This study examines the economic effect of information security breaches reported in newspapers on publicly traded US corporations. We find limited evidence of an overall negative stock market reaction to public announcements of information security breaches. However, further investigation reveals that the nature of the breach affects this result. We find a highly significant negative market reaction for information security breaches involving unauthorized access to confidential data, but no significant reaction when the breach does not involve confidential information. Thus, stock market participants appear to discriminate across types of breaches when assessing their economic impact on affected firms. These findings are consistent with the argument that the economic consequences of information security breaches vary according to the nature of the underlying assets affected by the breach.
This study investigates the October and November MJO events observed during the Cooperative Indian Ocean Experiment on Intraseasonal Variability in the Year 2011 (CINDY)/Dynamics of the MJO (DYNAMO) field campaign through cloud-permitting numerical simulations. The simulations are compared to multiple observational datasets. The control simulation at 9-km horizontal grid spacing captures the slow eastward progression of both the October and November MJO events in surface precipitation, outgoing longwave radiation, zonal wind, humidity, and large-scale vertical motion. The vertical motion shows weak ascent in the leading edge of the MJO envelope, followed by deep ascent during the peak precipitation stage and trailed by a broad second baroclinic mode structure with ascent in the upper troposphere and descent in the lower troposphere. Both the simulation and the observations also show slow northward propagation components and tropical cyclone-like vortices after the passage of the MJO active phase. Comparison with synthesized observations from the northern sounding array shows that the model simulates the passage of the two MJO events over the sounding array region well. Sensitivity experiments to SST indicate that daily SST plays an important role for the November MJO event, but much less so for the October event.Analysis of the moist static energy (MSE) budget shows that both advection and diabatic processes (i.e., surface fluxes and radiation) contribute to the development of the positive MSE anomaly in the active phase, but their contributions differ by how much they lead the precipitation peak. In comparison to the observational datasets used here, the model simulation may have a stronger surface flux feedback and a weaker radiative feedback. The normalized gross moist stability in the simulations shows an increase from near-zero values to ;0.8 during the active phase, similar to what is found in the observational datasets.
By analyzing evidence of stock returns using a sophisticated market model over a long period and over two distinct and naturally arising sub-periods, this study helps resolve conflicting evidence from previous studies concerning the effect of information security breaches on market returns of firms. This study has three major findings. First, the impact of the broad class of information security breaches on stock market returns of firms is significant. Second, when breaches are classified by their primary effect in terms of (i) confidentiality, (ii) availability or (iii) integrity, attacks associated with breaches of availability are seen to have the greatest negative effect on stock market returns. Third, there has been a significant downward shift in the impact of the security breaches in the sub-period following the 9/11/2001 attacks versus the impact in the pre-9/11 period. Apparently, with increased media reporting of information security breaches without apparent devastating effects on targeted corporations, investors lowered their assessment of the costs of such breaches. Two possible reasons for this downward shift are (1) more effective remediation and disaster recovery and (2) a perceived decrease in the tendency of customers to refrain from doing business with firms experiencing an information security breach. . 1 Detection of information security breaches is a key concern that has received much attention in the computer security literature (e.g., see [13,26,29,34,41]).0926-227X/11/$27.50
Cyber security breaches inflict costs to consumers and businesses. The possibility also exists that a cyber security breach may shut down an entire critical infrastructure industry, putting a nation's whole economy and national defense at risk. Hence, the issue of cyber security investment has risen to the top of the agenda of business and government executives. This paper examines how the existence of well-recognized externalities changes the maximum a firm should, from a social welfare perspective, invest in cyber security activities. By extending the cyber security investment model of Gordon and Loeb [1] to incorporate externalities, we show that the firm's social optimal investment in cyber security increases by no more than 37% of the expected externality loss.
Two modifications are made to the deep convection parameterization in the NCAR Community Climate System Model, version 3 (CCSM3): a dilute plume approximation and an implementation of the convective momentum transport (CMT). These changes lead to significant improvement in the simulated Madden-Julian oscillations (MJOs). With the dilute plume approximation, temperature and convective heating perturbations become more positively correlated. Consequently, more available potential energy is generated and the intraseasonal variability (ISV) becomes stronger. The organization of ISV is also improved, which is manifest in coherent structures between different MJO phases and an improved simulation of the eastward propagation of MJOs with a reasonable eastward speed. The improved propagation can be attributed to a better simulation of the low-level zonal winds due to the inclusion of CMT. The authors posit that the large-scale zonal winds are akin to a selective conveyor belt that facilitates the organization of ISVs into highly coherent structures, which are important features of observed MJOs. The conclusions are supported by two supplementary experiments, which include the dilute plume approximation and CMT separately.
Given the importance of cybersecurity to the survival of an organization, a fundamental economics-based question that must be addressed by all organizations is: How much should be invested in cybersecurity related activities? Gordon and Loeb [1] presented a model to address this question, and that model has received a significant amount of attention in the academic and practitioner literature. The primary objective of this paper is to discuss the Gordon-Loeb Model with a focus on gaining insights for the model's use in a practical setting.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.