TY - JOUR
T1 - Firms' information security investment decisions
T2 - Stock market evidence of investors' behavior
AU - Chai, Sangmi
AU - Kim, Minkyun
AU - Rao, H. Raghav
N1 - Funding Information:
The authors would like to thank editors for the special issue and three anonymous reviewers for their constructive comments. The research of the third author was funded in part by NSF 0830814. The usual disclaimer applies. The work of the third author has been partly supported by Sogang Business School’s World Class University Project (R31-20002) funded by Korea Research Foundation.
PY - 2011/3
Y1 - 2011/3
N2 - In the information society, it is important for firms to manage their core information resources securely. However, the difficulty of measuring the return on an IT security investment is one of the critical obstacles for firms in making such investment decisions. By utilizing event methodology, this study examines the value of an investment in IT security, based on stock market investors' behavior toward a firms' IT security investment announcements. Based on a sample of 101 investment announcements of firms whose stocks are publicly traded in the U.S. stock market between 1997 and 2006, we find substantial support for the hypotheses that information security investment leads to positive abnormal returns for firms. Interestingly, security investments with commercial exploitation tend to result in higher returns than those for IT security improvement. Another interesting finding is that stock market reaction to security investments shows higher abnormal returns after the Sarbanes-Oxley Act (SOX) than any of those before it.
AB - In the information society, it is important for firms to manage their core information resources securely. However, the difficulty of measuring the return on an IT security investment is one of the critical obstacles for firms in making such investment decisions. By utilizing event methodology, this study examines the value of an investment in IT security, based on stock market investors' behavior toward a firms' IT security investment announcements. Based on a sample of 101 investment announcements of firms whose stocks are publicly traded in the U.S. stock market between 1997 and 2006, we find substantial support for the hypotheses that information security investment leads to positive abnormal returns for firms. Interestingly, security investments with commercial exploitation tend to result in higher returns than those for IT security improvement. Another interesting finding is that stock market reaction to security investments shows higher abnormal returns after the Sarbanes-Oxley Act (SOX) than any of those before it.
KW - Abnormal returns
KW - Event methodology
KW - Information security investment
KW - Investors' behavior
KW - Market value
KW - Sarbanes-Oxley Act (SOX)
UR - http://www.scopus.com/inward/record.url?scp=79151484723&partnerID=8YFLogxK
U2 - 10.1016/j.dss.2010.08.017
DO - 10.1016/j.dss.2010.08.017
M3 - Article
AN - SCOPUS:79151484723
SN - 0167-9236
VL - 50
SP - 651
EP - 661
JO - Decision Support Systems
JF - Decision Support Systems
IS - 4
ER -