The following paper has been accepted for publication in JISSec:
The Intangible Cost of Information Security Breaches: A State of the Art Analysis
In: Journal of Information System Security (2015), Vol. 11, No. 2, pp. 111–130.
Abstract: Information security breaches constitute a major concern for businesses in today's interconnected digital economy. Practice and previous research mention that security breaches have various tangible and intangible consequences on organizations. Decreased sales and lost revenue are tangible effects, while loss of investors' confidence, reputation damage, loss of competitiveness and loss of consumer trust are intangible costs. In contrast to the tangible costs of security breaches, the quantification of the intangible costs is not straightforward, therefore this literature review study focuses on the intangible costs of security breaches. The analysis reveals that while certain costs, such as loss of investors' confidence, have received considerable attention in research, others, such as reputation damage or loss of consumer trust remain barely explored and require further inquiry. In addition, several studies show a lack of theory, as they do not build upon specific reference theories to address their research objectives.