최소 단어 이상 선택하여야 합니다.
최대 10 단어까지만 선택 가능합니다.
다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
NTIS 바로가기情報保護學會論文誌 = Journal of the Korea Institute of Information Security and Cryptology, v.25 no.3, 2015년, pp.649 - 664
황해수 (성균관대학교 기술경영학과) , 이희상 (성균관대학교 기술경영학과)
Recently, the risk of security incidents has been increased due to change of IT environment and development of new hacking methods. Event study methodology that measures the effect of a specific security incident on the stock price is widely adopted to analyze the damage cost of security incidents o...
핵심어 | 질문 | 논문에서 추출한 답변 |
---|---|---|
산업별 보안사고의 발생분포 현황은 어떠한가? | 1에서 확인할 수 있다. 제조업은 2010년 이전까지 기술정보의 유출사고가 주로 발생하였고, 2011년부터는 인터넷 서비스의 성숙과 확대로 전기, 전자, 통신을 포함한 정보통신 기업 대상의 고객정보 유출사고가 주로 발생하였다. 최근에는 금융기관 대상의 보안사고가 주로 발생함에 따라, 금융기관의 보안사고 예방[36]과 금융기관 중심의 보안 Risk에 관한 연구[37] 등 금융권의 보안 예방에 관한 연구가 활발하게 진행되고 있다. | |
평판손실은 어떻게 도출하는가? | 평판손실은 특정사고로 기업에 발생한 실 손실 비율과 사건연구방법론에서 도출한 비정상 수익률의 합으로 도출한다. 주가의 변화와 실 손실비율을 반영한 평판손실 연구는 금융기관을 중심으로 운영손실의 피해분석 연구에서 시작되었다. | |
정보보호는 무엇인가? | 정보보호(information security)는 일반적으로 고의, 과실, 재해 등에 의해 정보시스템의 고장 및 파괴되는 등의 위해를 막기 위한 물리적, 논리적 대응을 말한다[26]. 본 연구에서는 사람의 실수나 고의적으로 발생 한 보안사고를 대상으로 한다. |
S.W. Chai, "Economic effects of personal information protection," Korea Consumer Agency, vol. 33, pp. 43-64, Apr. 2008.
D.B. Parker, "The strategic values of information security in business," Computers & Security, pp. 572-582, Jun. 1997.
L.A. Gordon and M.P.Loeb, "Economics of information security investment," ACM Transactions on Information and System Security, vol. 5, no. 4, pp. 438-457, Nov. 2002.
R. Bojanc and B. Jerman-Blazic, "An economic modeling approach to information security risk management," International Journal of Information Management, vol. 28, pp. 413-422, Oct. 2008.
S.W. Nam and J.I. Lim, "An empirical study on the impact of security events to the stock price in the analysis method of enterprise security investment effect," Ph.D. Thesis, Korea University, Feb. 2006.
A. Bharadwaj, M. Keil and M. Mahring, "Effects of information technology failures on the market value of firms," Journal of Strategic Information Systems, vol. 18. pp. 66-79, Jun. 2009.
K. Campbell, L.A. Gordon, M.P Loeb and L. Zhou, "The economic cost of publicly announced information security breaches: empirical evidence from the stock market," Journal of Computer Security, vol. 11, pp. 431-448. Mar. 2003.
H. Cavusoglu, B. Mishra and S. Raghunathan, "The effect of internet security breach announcements on market value: capital market reactions for breached firms and internet security developers," International Journal of Electronic Commerce 9, pp. 69-104, Feb. 2002.
K. Kannan, J. Rees and S. Sridhar, "Market reactions to information security breach announcements: an empirical analysis," International Journal of Electronic Commerce, vol. 12, no. 1, pp. 69-91, Fall 2007.
A. Hovav and J. D'Arcy, "The impact of denial-of-service attack announcements on the market value of firms," Risk Management and Insurance Review, vol. 6, pp. 97-121. Oct. 2003.
A. Hovav and J. D'Arcy, "The impact of virus attack announcements on the market value of firms," Information System Security, vol. 13, no. 3, pp. 46-156. Dec. 2004.
A. Hovav and J. D'Arcy, "Capital market reaction to defective IT products: the Case of Computer Viruses," Computers & Security, vol. 24, pp. 409-424. Aug. 2005.
I. Bose and A.C.M. Leung, "The impact of adoption of identity theft countermeasures on firm value," Decision Support Systems, vol. 55, pp. 753-763, Jun. 2013.
S. Goel and H.A. Shawky, "Estimating the Market Impact of Security Breach Announcements on Firm Values," Information & Management, vol. 46, pp. 404-410, Oct. 2009.
M. Ko and C. Dorantes, "The impact of information security breaches on financial performance of the breached firms: an empirical investigation," Journal of Information Technology Management, vol. 17, pp. 3-29, Nov. 2006.
A. Grag, J. Curtis and H. Halper, "Quantifying the financial impact of IT security breaches," Information Management and Computer Security, vol. 11, pp. 74-83. 2003.
B. Jerlod and J.Stephen, "Using daily stock returns: the case of event studies," Journal of Financial Economics, vol. 14, pp. 3-31, Mar. 1985.
A.G. Kotulic and J.G. Clark, "Why there aren't more information security research studies," Information and Management, vol. 41, pp. 597-607, May 2004.
J. Perry and P.De. Fontnouvelle, "Measuring reputational risk: the market reaction to operational loss announcements," Federal Reserve Bank of Boston, Oct. 2005.
Basel Committee on Banking Supervision, International convergence of capital measurement and capital standards. A Revised Framework. Comprehensive Version, Jun. 2006.
Basel Committee on Banking Supervision, Proposed enhancements to the Basel II rramework, Consultative Document, Jan. 2009.
F. Fiordelisi, M-G. Soana and P. Schwizer, "Reputational Losses and Operational Risk in Banking," The European Journal of Finance, vol. 20, pp. 1-20, Mar. 2011.
Y. Konchitchki and D.E. O'Leary, "Event study methodologies in information systems research," International Journal of Account Information Systems 12, pp. 99-115, Jan. 2011.
E.B. Lindenberg and S.A. Ross, "Tobin's q and industrial organization," The Journal of Business, vol. 54, no. 1, pp. 1-32, Jan. 1981.
A.S. Bharadwaj, S.G. Bharadwaj and B.R. Konsynski, "Information technology effects on firm performance as measured by Tobin's q," Management Science, vol. 45, no. 6, pp. 1008-1024, Jun. 1999.
Y.O. Kwon and B.D. Kim, "The effect of information security breach and security investment announcement on the market value of korean firms," Information System Review, 9(1), pp. 105-120, Apr. 2007.
The Economist Intelligence Unit, Sharing the blame how companies are collaborating on data security breaches, Jun. 2014.
Juniper Networks, Juniper networks third annual mobile threats report, Jun. 2013.
A. Hovav and J.Y. Han, "The impact of security breach announcements on the stock value of companies in south Korea," Korea Internet e-Commerce Association, vol. 13, pp. 43-67, Sep. 2013.
R. Gillet, G. Hubner and S.Plunus, "Operational risk and reputation in the financial industry," Journal of Banking and Finance, vol. 34, pp. 224-235, Jan. 2009.
G. Sinanaj and J. Muntermann, "Assessing corporate reputational damage of data breaches: an empirical analysis," Association for Information System BLED 2013 Proceedings Paper 29, Jun. 2013.
Ponemon Institute LLC, 2011 cost of data breach study, Traverse City, Mar. 2011.
S. Bond, A. Klemm, R. Newton-Smith, M. Syed and G. Vllieghe, "The roles of expected profitability, Tobin's q and cash flow in econometric models of company investment," Bank of England Working Paper, vol. 43, Jun. 2004.
H. Zafar, M. Ko and K. Osei-Bryson, "Does a CIO matter? Investigating the impact of IT security breaches on firm performance using Tobin's q," System Sciences, pp. 1-7, Jan. 2011.
E.F. Fama, L. Fisher, M.C. Jensen and R. Roll, "The adjustment of stock price to new information," International Economic Review, vol. 10, no. 1, pp. 1-21, Feb. 1969.
Korea Online Privacy Association, Social cost analysis of the personal information infringement and valuation, Nov. 2013.
A. McWilliams and D. Siegel, "Event studies in management research: theoretical and empirical issues," Academy of Management Journal, vol. 40, no. 3, pp. 626-657, Jun. 1997.
P.W. Roberts and G.R. Dowling, "Corporate reputation and sustained superior financial performance," Strategic Management Journal, vol. 23, pp. 1077-1093, Sep. 2002.
J.B. McGuire, T. Schneeweis and B. Branch, "Perceptions of firm quality: a cause or result of firm performance," Journal of Management, vol. 16, no. 1, pp. 167-180, Mar. 1990.
*원문 PDF 파일 및 링크정보가 존재하지 않을 경우 KISTI DDS 시스템에서 제공하는 원문복사서비스를 사용할 수 있습니다.
Free Access. 출판사/학술단체 등이 허락한 무료 공개 사이트를 통해 자유로운 이용이 가능한 논문
※ AI-Helper는 부적절한 답변을 할 수 있습니다.