1. Introduction
In recent years, with the increasing prevalence of the Internet and cloud infrastructure, more and more businesses have begun to utilize information systems to improve the efficiency of their internal and external operations. As a result, many problems surrounding information technology management have arisen. When a company’s operational data can be quickly diffused within the organization and even across organizations, ensuring the integrity, confidentiality, and accessibility of the data is an issue that the company should seriously deal with while reaping the benefit of high efficiency [
1].
In addition, as network transmission capacity and computer performance have continuously improved, hackers are able to steal important corporate secrets or consumers’ personal information within a short time. Attacks from hackers and malicious software, and the resulting damage, are steadily growing, making assurance of information security more important than ever. In several information security events, such as the recent data leak suffered by Cathay Pacific Airways, where 9.4 million passengers were affected, all the affected companies suffered serious damage to their corporate image, a decline of their customers’ confidence in the firm’s website and system, and a tremendous financial loss.
An information security vulnerability can cause losses in a wide range of aspects. In addition to a reduction in revenue, the company may suffer intangible losses that are even greater. Take the event where customers’ credit card data are stolen due to inadequate security protection as an example. The data breach will result in a collapse of customer confidence and trust. The loss of this kind of intangible asset is usually greater than the loss in business operations.
Due to cost considerations, firms usually pay little attention to or ignore the importance of information security. As a result, all kinds of security events still periodically occur. Therefore, by analyzing news coverage of information security events and stock prices, this study attempts to highlight the potential effect of an information security event on stock prices, providing evidence that reminds firms to attach importance to information security and establish a reliable and safe platform for their users.
In addition, in recent years, fake news has been increasingly rampant, and many media have been found to report news with a bias. In the analysis of news content, this study will analyze the use of negative words and certain keywords in articles. The results can be a reference for news media, and can contribute to higher accuracy and impartiality of news reporting.
This study relies on an integrated application of the event study method and various analysis methods to explore the effect of security events on stock prices, and whether the wording and phrasing of news articles also affect stock prices of the reported firm. In the analysis of abnormal returns, this study collects information security events that occurred in recent years and excludes events that may affect the calculation of abnormal returns, such as mergers and acquisitions. After proper samples are selected for analysis, this study calculates if the company involved in the event suffered negative abnormal returns. Later, a content analysis of the news articles will be carried out. By extracting and analyzing keywords and negative words related to information security, this study attempts to examine if the presence of any keywords and negative words in a news report results in abnormal returns.
Finally, through validation of hypotheses and analysis of wording and phrasing of news articles, this study hopes to increase firms’ awareness of the security of their information systems. In so doing, it seeks to motivate firms to reduce the loss of profits or damage to corporate image resulting from a security breach or hacker attack, and to consolidate their infrastructure and employee training to enhance the security of their information systems.
In prior research of the association between information security and stock price fluctuation, event study is a common method employed to examine whether news coverage of certain events has an effect on the rise or decline of the company’s stock price. The event study method explores investors’ responses to news that is just released to the market. The objective is to examine whether the occurrence of a certain event induces an abnormal change in the firm’s stock price and further creates abnormal returns (AR).
In this study, an event study analysis, statistical testing methods, and the decision tree approach are used to explore the correlation between information security events and abnormal returns. Later, the source, use of negative words, and other variables of news articles are analyzed using a number of tools, including the decision tree, support vector machine (SVM), and random forest, to identify their respective associations with abnormal returns.
Previous research data sets are dated and have not been subject to news content analysis. In this study, the information security events published in major newspapers in the U.S. between 1 January 2009 and 31 December 2015 are analyzed. From a further analysis, we also found that the influence of information security news is the greatest on the day following the event. Based on the news content extracted features, this study applies decision tree, SVM, and random forest methods to explore the key factors affecting information security events and abnormal returns, as well as the importance of each variable.
This paper consists of five sections. The first section is an introduction of the research background, motivations, objectives, and contributions. The second section reviews related works and their findings. The third section explains the methodology, including the data collection method and the procedure for event study. The fourth section explains the data analysis and experimental results. The fifth section concludes this study and offers suggestions for future researchers.
5. Conclusions
In this study, the information security events published in major newspapers in the U.S. between 1 January 2009 and 31 December 2015 are analyzed. The conclusions are summarized as follows:
- (1)
The empirical evidence indicates that news coverage of corporate information security events diffuses negative messages among investors, which would in turn cause fluctuation in the firm’s share prices and generation of negative returns.
- (2)
The decision tree analysis shows that the news source and negative words are critically important factors that affect abnormal returns.
- (3)
In further SVM and random forest analyses, other factors are examined, including the number of negative words, presence of negative words in the headline, and total word count. These are found to also be important variables that influence the effect of a news event on abnormal returns.
Through the analyses and statistical testing of the event study method, information security news has significant influence on firms and may lead to negative returns.
The results can contribute to higher corporate awareness of the importance of information security tasks, from regular education training of employees to strengthening of corporate information systems. According to the findings, firms are advised to find and develop preventive methods and solutions to achieve better and more comprehensive protection of information security. Firms, especially those in industries characterized by relatively higher market sensitivity, need to ensure information security so as to avoid losses resulting from a security breach.
Finally, despite efforts to collect a more representative sample, news about information security can be diffused not only via news media but also via other channels, such as social media. However, a more appropriate model for collecting and analyzing samples from multiple media is still absent. Whether investors are influenced by news from social media to make a different investment decision cannot be predicted. The effect of this news diffusion channel must be considered and analyzed in future research.