Authors: Davis, Ginger; Garcia, Alfredo; Zhang, Weide

Source: Risk Analysis, Volume 29, Number 9, September 2009 , pp. 1304-1316(13)

Publisher: Wiley-Blackwell

Abstract:

We analyze the time series associated with web traffic for a representative set of online businesses that have suffered widely reported cyber security incidents. Our working hypothesis is that cyber security incidents may prompt (security conscious) online customers to opt out and conduct their business elsewhere or, at the very least, to refrain from accessing online services. For companies relying almost exclusively on online channels, this presents an important business risk. We test for structural changes in these time series that may have been caused by these cyber security incidents. Our results consistently indicate that cyber security incidents do not affect the structure of web traffic for the set of online businesses studied. We discuss various public policy considerations stemming from our analysis.

Keywords: Breach; security incident; security policy; structural change

Document Type: Research article

DOI: http://dx.doi.org/10.1111/j.1539-6924.2009.01245.x

Affiliations: 1: Department of Systems and Information Engineering, University of Virginia, Charlottesville, VA, USA.

Publication date: 2009-09-01

Related content

• In this: publication
• By this: publisher
• In this Subject: Technology ,  Mathematics and Statistics
• By this author: Davis, Ginger ;  Garcia, Alfredo ;  Zhang, Weide

Website © Publishing Technology. Article copyright remains with the publisher, society or author(s) as specified within the article.

• Terms and conditions
• Privacy policy
• Information for advertisers