CEC Theses and Dissertations

Campus Access Only

All rights reserved. This publication is intended for use solely by faculty, students, and staff of Nova Southeastern University. No part of this publication may be reproduced, distributed, or transmitted in any form or by any means, now known or later developed, including but not limited to photocopying, recording, or other electronic or mechanical methods, without the prior written permission of the author or the publisher.

Date of Award

2012

Document Type

Dissertation - NSU Access Only

Degree Name

Doctor of Philosophy in Information Systems (DISS)

Department

Graduate School of Computer and Information Sciences

Advisor

Marilyn K Littman

Committee Member

Yair Levy

Committee Member

Ling Wang

Abstract

Understanding the financial value resulting from IS security investments is critically important to organizations focused on protecting service confidentiality, integrity, and availability in order to preserve firm revenues and reputations. Quantifying the financial effect from IS security investments is difficult to derive. This study investigated the relationship between e-banking investments in IS security and their market value impacts.

Using an event study approach, the author captured e-banking firm specific data and isolated the IS security effect through the measured change in market values. The author hypothesized that announcements of IS security investments would result in statistically significant changes in market values. The author also hypothesized two sub-segments of the selected security investment data, technology and people, would support statistically significant changes in the market values of e-banking service providers. The hypotheses were tested by measuring stock market reactions to the IS security announcements selected from an eight-year period (2003-2010).

Study findings indicated statistically significant market reactions for e-banking firms making IS security investment announcements and suggested that investors rewarded IS security technology investments more highly than e-banking firms making IS security people-focused investment announcements. The author concluded that because investors understand that mandatory regulatory compliance represents an e-banking firm's commitment to creating a secure computing environment, e-banking information systems are perceived as secure therefore, disclosing IS security investments results in weak changes to market values. Ultimately effective management of IS security requires acceptance of the idea that it is not technically feasible or financially viable to implement protections for all identified IS security risks therefore IS security investments must be effectively measured and risk levels consciously selected in order to implement the right technical and operational protections to support a firm's selected risk posture. The study contributes to the event study literature as well as the literature examining the economic effects of information systems security.

To access this thesis/dissertation you must have a valid nova.edu OR mynsu.nova.edu email address and create an account for NSUWorks.

  Contact Author

  Link to NovaCat

Share

COinS