Academic Research on the Role of Corporate Governance and IT Expertise in Addressing Cybersecurity Breaches: Implications for Practice, Policy, and Research-Reference-Cited by-同舟云学术

Academic Research on the Role of Corporate Governance and IT Expertise in Addressing Cybersecurity Breaches: Implications for Practice, Policy, and Research

Published:2021-04-21 Issue:2 Volume:15 Page:A9-A23
ISSN:1936-1270
Container-title:Current Issues in Auditing
language:en
Short-container-title:

Author:

Hartmann Caroline C¹^ORCID,Carmenate Jimmy²^ORCID

Affiliation:

1. Texas A&M University–Commerce

2. Florida International University

Abstract

SUMMARY Frequent cyber-attacks on organizations in the last decade have caught the attention of practitioners and governance bodies, who have called for boards to take a more active role in managing and preventing future cyber risks. Governance surveys, however, find that boards are not sufficiently prepared to address cybersecurity risks due to a lack of IT expertise. Firms have begun appointing technology experts, creating board-level technology (IT) committees and delegating responsibilities to the audit committee as a means of managing cybersecurity risk. With the aim of understanding the current and future role of governance mechanisms in managing cybersecurity risks, this paper reviews the existing cybersecurity guidelines and regulations, and summarizes the empirical research related to corporate governance, security breaches, and IT expertise in overseeing cyber risks. Finally, we discuss implications for practice, policy, and researchers.

Publisher

American Accounting Association

Subject

Accounting

Link

http://meridian.allenpress.com/cia/article-pdf/15/2/A9/2900757/i1936-1270-15-2-a9.pdf

Reference47 articles.

1. Aguilar, L.A. 2014. Board of Directors Corporate Governance and Cyber-Risks: Sharpening the Focus. Cyber Risks in the Boardroom Conference, New York Stock Exchange (June 10). New York, NY: SEC. Available at: https://www.sec.gov/news/speech/2014-spch061014laa

2. Armstrong, C., and SambamurthyV. 1999. Information technology assimilation in firms: The influence of senior leadership and IT infrastructure. Information Systems Research10 ( 4): 304– 327. https://doi.org/10.1287/isre.10.4.304

3. Banker, R. D., and FengC. 2019. The impact of information security breach incidents on CIO turnover. Journal of Information Systems33 ( 3): 309– 329. https://doi.org/10.2308/isys-52532

4. Bassellier, G., Benbasat I., and ReichH. 2003. The influence of business managers' IT competence on championing IT. Information Systems Research14 ( 4): 317– 336. https://doi.org/10.1287/isre.14.4.317.24899

5. Becerra, X. 2020. California Consumer Privacy Act (CCPA). Xavier Becerra Attorney General. Sacramento, CA: California Department of Justice. Available at: https://oag.ca.gov/privacy/ccpa

Cited by 14 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. The audit committee’s IT expertise and its impact on the disclosure of cybersecurity risk;Research in International Business and Finance;2025-01

2. The Role of IT Governance Risk and Compliance (IT GRC) in Modern Organizations;International Journal of Latest Technology in Engineering Management & Applied Science;2024-07-13

3. Corporate communication and likelihood of data breaches;International Review of Economics & Finance;2024-07

4. Corporate social irresponsibility and the occurrence of data breaches: A stakeholder management perspective;International Journal of Accounting Information Systems;2024-06

5. Unravelling the three lines model in cybersecurity: a systematic literature review;Computers & Security;2024-04