Abstract
ABSTRACT This study examines whether a firm’s business strategy is an underlying determinant of cybersecurity breach likelihood. Based on organizational theory, firm strategy can focus on innovation or efficiency, with innovative strategy firms being more likely to have weaker, decentralized control systems, multiple technologies, and greater risk than firms with an efficiency-focused strategy. Following the Miles and Snow (1978) strategy topology, we predict and find that the prospector business strategy is associated with greater breach likelihood. We further explore IT awareness within the firm. Ex ante, it is unclear whether strategic IT policy formation is impounded into a firm’s strategy or can be impacted by individual executives and nonstrategy firm characteristics. We find that IT understanding at the executive or firm level can affect the relationship between strategy and breach likelihood. Collectively, our results indicate that business strategy is a useful indicator in evaluating firms’ cybersecurity activities.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
