Download This PaperCorporate Social Irresponsibility and the Occurrence of Data Breaches: A Stakeholder Management Perspective
51 Pages Posted: 28 Feb 2023
Abstract
An ever-increasing incident of cyberattacks is devastating to firms' operations and financial sustainability. We examine the association between corporate social irresponsibility (CSIR) and data breach incidents, stock market reactions to the affected firms, and how firms react to data breaches by mitigating CSIR. Using a sample of 24,456 observations in the 2005-2018 period, we find a significantly positive association between CSIR and the occurrence of data breaches. Further analyses show that CSIR regarding employee, community or corporate governance issues are more likely to result in internal attacks, and environmental concerns can trigger external attacks, while product concerns lead to both internal and external attacks. Consistent with our prediction, the negative stock market reaction to data breaches is more pronounced in CSIR firms. Finally, we show that firms respond to data breaches by mitigating CSIR, and this phenomenon is more common in firms with the existence of corporate social responsibility (CSR) committees. Taken together, our result highlights the role of stakeholders in data breaches and shows how firms manage stakeholders in response to data breaches. This study provides important and timely policy, practice, and research implications as data breaches persist.
Keywords: Stakeholder Management, Corporate Social Irresponsibility: Cyberattack, Cybersecurity, IT governance
Suggested Citation: Suggested Citation