Data breaches through hacking incidents have become a significant phenomenon in the world of online shopping. These breaches can result in loss of personal data belonging to customers. This study builds a research model to examine people's intention to engage in e-commerce in the context of a significant data breach (the Target breach in December 2013). In addition, this paper focuses on the difference in responses regarding post breach online shopping intent among younger adults (below 55 years) and older adults (senior citizens-above 55 years). Our findings show the importance of internal (self) monitoring of bank transactions in reducing the effect of perceptions of severity of data breaches on post breach online shopping intent particularly for senior citizens. The study also demonstrates that perceptions of severity of a hacking incident are significant drivers of perceived online shopping risk for both age groups. Further, perceptions of severity of a hacking incident are significant drivers of post breach online shopping intent but only marginally significant for younger adults. Trusting beliefs in online shopping services and attitude towards e-commerce are significant for the older generation for post breach online shopping intentions and also for younger adults. Gender is significant for seniors while it is not significant for younger adults. The impact of perceived online shopping risk on post breach online shopping is significantly different between the two age groups. The implication of this research lies in informing shopping websites the need to prepare better plans for notifying customers about not only data breaches but their proposed mitigation steps so as to increase trust and reduce perceived risks associated with online shopping.
It is important to understand both the usefulness and the inherent limitations of utilizing retrospective recall memory. Retrospective recall has several potential sources of bias. First, compared with concurrent evaluations that rely on short-term memory, recall that utilizes long-term memory may lead to biases such as selectivity of recall, rationality bias, and so forth (East and Uncles 2008; Glick et al. 1990). Second, respondents' post-event recall may potentially bias their recall of pre-event experiences, and vice versa, most likely producing consistency of recall between the two. In other words, relying on long-term memory may introduce some biases, resulting in potential differences between consumers' recalled and actual experiences. Even though most researchers agree that consumers' actual information processing is different from their recall (Ericsson and Simon 1980; Nisbett and Wilson 1977), there are several reasons why memory data might still be quite useful and insightful. According to Lynch and Srull (1982), for the value of recall data, the "recall protocol is assumed to be representative of the underlying [memory] structure with respect to both content and organization" (p. 24). In turn, these structures provide insight into previous processing (see Biehal and Chakravarti 1986). In addition, memory may be particularly predictive of future behaviors (Cox and Hassard 2007). The vast majority of consumer decisions are either totally memory-based or a "mixed" combination of available and memory information (Alba et al. 1991). Thus, employees typically assign ratings and make evaluations by accessing their memories of disaster experiences, regardless of the "accuracy" of this information. Finally, memory data may be the basis for most consumer "word of mouth" communications, as people are more likely to relate memories of their experiences (what they think occurred) than the actual experience itself. In specifically considering the factors that require recalling the disaster experiences, to the extent that such biases occur, there should be consistency across employees' memories of the specific and concrete disaster. Thus, if anything, differences found in this study between the experience group, recall group, and IS effectiveness evaluations are likely to be understated. In terms of internal validity, the retrospective method has strong statistical power (Shadish and Luellen 2005). Howard et al. (1979) found the
I nformation security investment has been getting increasing attention in recent years. Various methods have been proposed to determine the effective level of security investment. However, traditional expected value methods (such as annual loss expectancy) cannot fully characterize the information security risk confronted by organizations, considering some extremal yet perhaps relatively rare cases in which a security failure may be critical and cause high losses. In this research note we introduce the concept of value-at-risk to measure the risk of daily losses an organization faces due to security exploits and use extreme value analysis to quantitatively estimate the value at risk. We collect a set of internal daily activity data from a large financial institution in the northeast United States and then simulate its daily losses with information based on data snapshots and interviews with security managers at the institution. We illustrate our methods using these simulated daily losses. With this approach, decision makers can make a proper investment choice based on their own risk preference instead of pursuing a solution that minimizes only the expected cost.
Intellectual property portfolios that include unique inventions and discoveries are potentially inimitable resources that provide strategic leverage to Information Technology (IT) firms. The increasing patent related litigations in the IT industry, and the high costs associated with litigations make this an economically significant activity. Taking a market oriented view to this issue we investigate the economic impact of patent infringement litigation on both the plaintiff and the defendant firms in IT industry. Event study methodology is used to assess the effect of the litigation on the stock market returns around the date of litigation announcement as well as the date of settlement/termination. Our results suggest that the news of patent infringement litigation was unfavorably accepted in the stock market for the defendants. On the other hand, abnormal returns for plaintiff firms around litigation announcement date as well as settlement/termination date were significantly positive. We find evidence to the effect that patent litigations are not zero-sum games since combined abnormal returns for the plaintiff and defendant firms are negative. Patents belonging to the electronic and electric categories are more likely to influence market returns, whereas computer and communications patent categories are less likely to do so. Patent importance (as measured by patent citations) is found to be an important contributor to market's evaluation of a patent litigation's impact.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.