Reporting a Cyber Security Breach: How Organizations Respond-Reference-Cited by-同舟云学术

Reporting a Cyber Security Breach: How Organizations Respond

Published:2024-03-11 Issue: Volume: Page:
ISSN:2329-4884
Container-title:International Journal of Business Communication
language:en
Short-container-title:International Journal of Business Communication

Author:

Naidoo Jef¹,Dulek Ron¹^ORCID,Butler Seth¹^ORCID,Baily Brooke¹

Affiliation:

1. The University of Alabama, Tuscaloosa, AL, USA

Abstract

Cyber breaches and ransomware attacks now occur so frequently that they have become facets of organizational life. These breaches are unique in that they are initially silent; a limited number of organizational members know about the incident so firms usually have ample time to prepare a Cyber Breach Revelation (CBR). This study analyzes 378 press releases acknowledging a cyber security breach. It finds four response clusters that highlight how compromised organizations reveal cyberattacks to external stakeholders: (1) empathetic acknowledgment; (2) assurance of the organization’s breach-handling capability; (3) restoration of confidence; and, (4) re-establishment of trust and loyalty. These clusters provide meaningful insights as to how firms reveal cyber breaches to their stakeholders and, equally as important, open the door for further studies as to the effectiveness and sequencing of these approaches.

Publisher

SAGE Publications

Link

http://journals.sagepub.com/doi/pdf/10.1177/23294884241236201

Reference53 articles.

1. CEO Rhetorical Communication Strategies Following Large-Scale Data Breaches

2. Do firms underreport information on cyber-attacks? Evidence from capital markets

3. Can Shareholders Benefit from Consumer Protection Disclosure Mandates? Evidence from Data Breach Disclosure Laws

4. The Impact of CEO Ethnicity and Language Choice on Crisis Communication in Japan