The Journal of Society for e-Business Studies (한국전자거래학회지)

Society for e-Business Studies (한국전자거래학회)
권호 표지
DOI QR코드

DOI QR Code

Analyzing Effects on Firms' Market Value of Personal Information Security Breaches

개인정보 유출이 기업의 주가에 미치는 영향

  • Kim, JeongYeon (College of Business Administration, Sangmyung University)
  • 김정연 (상명대학교 경영대학 경영학부)
  • Received : 2013.02.09
  • Accepted : 2013.02.16
  • Published : 2013.02.28
Download PDF
⟨ Previous Next ⟩

Abstract

With the increases of requirement for user identification in Internet services, we should let the service companies know my personal information. If the shared personal information with them are used in not-allowed area or delivered to un-authorized persons, we may have practical harms in several fields such as financial related operations. Korean Government has introduced new management method for personal information, but it is not hard to find the personal information management issues from Korean news papers. The proper measurement should be delivered to related companies to help them to decide investment for security. This paper review the indirect measurement method of demages by check the stock prices of related company for personal information management issue. We check the relationship between change of stock price and the information management issue. The result shows there are no changes in stock market. Korean government added strong regulations for personal information management though. To prevent further personal information issues, we should recognize the indirect damages properly and let the company pay higher reparations for any personal information abuse.

온라인 환경에서 개인정보의 사용 빈도가 많아짐과 동시에 제 3자에 의한 개인정보 수집 및 저장의 가능성도 높아지고 있다. 인터넷 서비스 제공에 사용되는 개인정보는 본인이 원하지 않는 용도로 사용되나 타인에게 유출되는 경우 뜻하지 않는 추가피해를 불러올 수 있다. 비록 개인정보 관리 제도의 개선이 이루어지고 있으나 여전히 개인정보의 유출 사례를 주변에서 손쉽게 찾아볼 수 있다. 개인정보보호에 관한 보다 합당한 투자 근거를 제시하기 위해서는 개인정보 유출로 인해 발생될 수 있는 피해의 측정이 선행되어야 한다. 본 논문은 해당 측정 방법의 하나인 개인정보 유출을 겪은 기업의 주가 변화를 측정하여 개인정보보호법 시행 이전보다 개인정보 보안과 관련한 인식이 개선되었는지 검증한다. 실증분석의 결과는 제도적 개선이 이루어지고 있음에도 불구하고 자본시장에서의 개인정보 유출로 인한 피해 인식은 크게 변화되지 않고 있음을 확인해 주고 있다. 여전히 주기적으로 발생하는 정보 보안 사건의 적극적 예방을 위해서는 그 피해액의 산정에 있어 개인의 추가 피해 가능성을 광범위하게 인정하는 전향적인 태도와 함께 피해 배상에 대한 의무를 명확히 인식할 수 있도록 추가적인 개선이 선행되어야 할 것으로 판단된다.

Keywords

References

  1. Ahn, H. G., "Trend and Forecast for the Confidential Information Leakage Prevention of Industries and Personal Privacy Protection," Korean Institute of Information Scientists and Engineers, Vol. 25, No. 8, pp. 42-47, 2007.
  2. Cavusoglu, H., M ishra, B., and Raghunathan, S., "The effect of internet security breach announcements on market value : Capital market reactions for breached firms and internet security developers," International Journal of Electronic Commerce, Vol. 9, No. 1, pp. 70-104, 2004.
  3. CIC Security Working Group, "Incident Cost Analysis and Modeling Project," 1998.
  4. Congressional Research Service, "The Economic Impact of Cyber-Attacks," 2004.
  5. Ettredge, M. and Richardson, V. J., "Assessing the risk in e-commerce," 2002. IEEE.
  6. Gordon, L. A. and Loeb, M. P., "Managing cyber-security resources : A costbenefit analysis," McGraw-Hill New York, Vol. 1. 2006.
  7. Han, C. H., Chai, S. W., Yoo, B. J., Ahn, D. H., and Park, C. H., "A Quantitative Assessment Model of Private Information Breach," The Journal of Society for e-Business Studies, Vol. 16, No. 4, pp. 17-31, 2011. https://doi.org/10.7838/jsebs.2011.16.4.017
  8. Kang, H., Park, K. C., Park, W. H., and Kuk, K. H., "A Study on Model for Assessment of Economic Damages Due to Cyber Terror," Journal of Infoamtion and Security, Vol. 9, No. 3, pp. 25-33, 2009.
  9. Kim, J. K. and Lee, D. H., "A Research on Information Security Risk-based Antecedents Influencing Electronic Commerce User's Trust," Asia Pacific Journal of Information Systems, Vol. 15, No. 2, pp. 65-96, 2005.
  10. Kong, H. K. and Kim, T. S., "Research trend on the effects of invest on information security," Review of Korea Institute of Information Security and Cryptology, Vol. 17, No. 4, pp. 26-33, 2007.
  11. Kwon, Y. O. and Kim, B. D., "The Effect of Information Security Breach and Security Investment Announcement on the Market Value of Korean Firms," Information Systems Review, Vol. 9, No. 1, pp. 105-120, 2007.
  12. Nam, K. H., Park, S. J., Kang, H. S., Nam, K. H., and Kim, S. I., "The latest technology trends and future prospects on personal data protection," Review of Korea Institute of Information Security and Cryptology, Vol. 18, No. 6, pp. 11-19, 2008.
  13. Nam, S. H., "Empirical Study on the Impact of Security events to the Stock Price in the Analysis method of Enterprise Security Investment Effect," Ph.D thesis, Korea University, 2006.
  14. Ryu, I. and Choi, H. R., "Factors Influencing the Consumer Trust and Mediating Roles of Trust on Purchasing Intention in B2C Electronic Commerce," Asia Pacific Journal of Information Systems, Vol. 13, No. 4, pp. 49-72, 2003.
  15. Smith, D. M., "The Cost of Lost Data," The George L. Graziadio School of Business and Management Report, Pepperdine University, 2003.
  16. Yoo, J. H., Jie, S. H., and Lim, J. I., "Estimating Direct Costs of Enterprises by Personal Information Security Breaches," Journal of Korea Institute of Information Security and Cryptology, Vol. 19, No. 4, pp. 63-75, 2009.
  17. Yoo, J. H., Gee, S. H., Song, H. I., Chung, K. H., and Lim, J. I., "Estimating Economic Damages from Internet Incidents," National Information Society Agency, Vol. 15, No. 1, pp. 3-18, 2008.

Cited by

  1. Business Performance Impact Caused by Display Restriction of Customer Information Identifier: Focusing on Domestic Securities Business vol.22, pp.4, 2013, https://doi.org/10.5859/KAIS.2013.22.4.49
  2. 개인정보 유출의 정보전이 효과 vol.27, pp.1, 2013, https://doi.org/10.5859/kais.2018.27.1.193
  3. A Study on Impact of Information Security Management on Sales Performance and the Value of Corporate: Focusing on Information Security Management System(ISMS) vol.20, pp.8, 2013, https://doi.org/10.9728/dcs.2019.20.8.1567
  4. Stock market reactions to favorable and unfavorable information security events: A systematic literature review vol.110, pp.None, 2021, https://doi.org/10.1016/j.cose.2021.102451