Author: Wang, Qian
Title: Three essays on organizational determinants of data breach risk
Advisors: Ngai, W. T. Eric (MM)
Degree: Ph.D.
Year: 2021
Subject: Business -- Data processing -- Security measures
Computer security
Computer networks -- Security measures
Hong Kong Polytechnic University -- Dissertations
Department: Department of Management and Marketing
Pages: xii, 167 pages : color illustrations
Language: English
Abstract: Given data breaches can bring firms significant financial and reputational damages, it should come as little surprise that information security has become the chief concern among corporate executives. Against this backdrop, it is important to investigate how data breach risk can be determined by organizational factors. My thesis intents to provide several new insights into this area. The thesis includes three essays. The first essay empirically investigates two research questions: (1) How will firms' information technology (IT) innovativeness influence data breach risk? and (2) How will the relationship between IT innovativeness and data breach risk be contingent upon environmental uncertainty? I determine that firms' IT innovativeness will increase data breach risk. I further determine that the effect of IT innovativeness on increasing such a risk is mitigated if mangers are presented with high long-term incentives and is exacerbated when external environments are complex. This research is the first empirical attempt to analyze the security impact of IT innovation, highlighting the information security challenge and providing beneficial insights for organizations when they pursue proactive and innovative ITs. In the section essay, I investigate how employee-related corporate social responsibility's (CSR) influence data breach risk. I determine that firms' employee-related CSR reduces data breach risk. I further find that the effect of employee-related CSR on reducing such a risk is pronounced when firms suffer from deteriorating economic performance, face turbulent environments, or encounter high product similarity with their competitors. This research is among the first empirical attempts to analyze the security effectiveness of corporate CSR. Specifically, it highlights the information security benefits of employee-related CSR and provides beneficial managerial insights on making strategic decisions on these activities. The third essay investigates (1) how firm diversity strategies influence data breach risks and (2) whether the relationship between firm diversity and data breach risk is moderated by managerial ability. I determine that firm diversity, particularly related diversity, can benefit firms by reducing their data breach risk. I also determine that the benefits of firm diversity in reducing data breach risk is exacerbated when managerial ability is high.
Rights: All rights reserved
Access: open access

Files in This Item:
File Description SizeFormat 
5783.pdfFor All Users1.72 MBAdobe PDFView/Open

Copyright Undertaking

As a bona fide Library user, I declare that:

  1. I will abide by the rules and legal ordinances governing copyright regarding the use of the Database.
  2. I will use the Database for the purpose of my research or private study only and not for circulation or further reproduction or any other purpose.
  3. I agree to indemnify and hold the University harmless from and against any loss, damage, cost, liability or expenses arising from copyright infringement or unauthorized usage.

By downloading any item(s) listed above, you acknowledge that you have read and understood the copyright undertaking as stated above, and agree to be bound by all of its terms.

Show full item record

Please use this identifier to cite or link to this item: