{"id":"https://openalex.org/W2001566875","doi":"https://doi.org/10.1108/09685220310468646","title":"Quantifying the financial impact of IT security breaches","display_name":"Quantifying the financial impact of IT security breaches","publication_year":2003,"publication_date":"2003-04-25","ids":{"openalex":"https://openalex.org/W2001566875","doi":"https://doi.org/10.1108/09685220310468646","mag":"2001566875"},"language":"en","primary_location":{"id":"doi:10.1108/09685220310468646","is_oa":false,"landing_page_url":"https://doi.org/10.1108/09685220310468646","pdf_url":null,"source":{"id":"https://openalex.org/S204075876","display_name":"Information Management & Computer Security","issn_l":"0968-5227","issn":["0968-5227","1758-5805"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319811","host_organization_name":"Emerald Publishing Limited","host_organization_lineage":["https://openalex.org/P4310319811"],"host_organization_lineage_names":["Emerald Publishing Limited"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information Management &amp; Computer Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5048509087","display_name":"Ashish Garg","orcid":"https://orcid.org/0000-0001-8589-9067"},"institutions":[{"id":"https://openalex.org/I4210112894","display_name":"Ernst & Young (United States)","ror":"https://ror.org/02c00bp33","country_code":"US","type":"company","lineage":["https://openalex.org/I4210108721","https://openalex.org/I4210112894"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Ashish Garg","raw_affiliation_strings":["Senior Manager, Economics and Business Analytics, Ernst & Young LLP, New York, USA","(Senior Manager, Economics and Business Analytics, Ernst & Young LLP, New York, USA)"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Senior Manager, Economics and Business Analytics, Ernst & Young LLP, New York, USA","institution_ids":["https://openalex.org/I4210112894"]},{"raw_affiliation_string":"(Senior Manager, Economics and Business Analytics, Ernst & Young LLP, New York, USA)","institution_ids":["https://openalex.org/I4210112894"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5083304435","display_name":"Jeffrey Curtis","orcid":null},"institutions":[{"id":"https://openalex.org/I4210112894","display_name":"Ernst & Young (United States)","ror":"https://ror.org/02c00bp33","country_code":"US","type":"company","lineage":["https://openalex.org/I4210108721","https://openalex.org/I4210112894"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jeffrey Curtis","raw_affiliation_strings":["Senior Consultant, Economics and Business Analytics, Ernst & Young LLP, New York, USA","(Senior Consultant, Economics and Business Analytics, Ernst & Young LLP, New York, USA)"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Senior Consultant, Economics and Business Analytics, Ernst & Young LLP, New York, USA","institution_ids":["https://openalex.org/I4210112894"]},{"raw_affiliation_string":"(Senior Consultant, Economics and Business Analytics, Ernst & Young LLP, New York, USA)","institution_ids":["https://openalex.org/I4210112894"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5035703478","display_name":"Hilary Halper","orcid":null},"institutions":[{"id":"https://openalex.org/I4210112894","display_name":"Ernst & Young (United States)","ror":"https://ror.org/02c00bp33","country_code":"US","type":"company","lineage":["https://openalex.org/I4210108721","https://openalex.org/I4210112894"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Hilary Halper","raw_affiliation_strings":["Senior Consultant, Economics and Business Analytics, Ernst & Young LLP, New York, USA","(Senior Consultant, Economics and Business Analytics, Ernst & Young LLP, New York, USA)"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Senior Consultant, Economics and Business Analytics, Ernst & Young LLP, New York, USA","institution_ids":["https://openalex.org/I4210112894"]},{"raw_affiliation_string":"(Senior Consultant, Economics and Business Analytics, Ernst & Young LLP, New York, USA)","institution_ids":["https://openalex.org/I4210112894"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":14.2804,"has_fulltext":false,"cited_by_count":252,"citation_normalized_percentile":{"value":0.98272236,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":98,"max":100},"biblio":{"volume":"11","issue":"2","first_page":"74","last_page":"83"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12276","display_name":"Risk Management in Financial Firms","score":0.9965999722480774,"subfield":{"id":"https://openalex.org/subfields/1402","display_name":"Accounting"},"field":{"id":"https://openalex.org/fields/14","display_name":"Business, Management and Accounting"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T12276","display_name":"Risk Management in Financial Firms","score":0.9965999722480774,"subfield":{"id":"https://openalex.org/subfields/1402","display_name":"Accounting"},"field":{"id":"https://openalex.org/fields/14","display_name":"Business, Management and Accounting"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9933000206947327,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10081","display_name":"Auditing, Earnings Management, Governance","score":0.9811999797821045,"subfield":{"id":"https://openalex.org/subfields/1402","display_name":"Accounting"},"field":{"id":"https://openalex.org/fields/14","display_name":"Business, Management and Accounting"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/credibility","display_name":"Credibility","score":0.6275177597999573},{"id":"https://openalex.org/keywords/data-breach","display_name":"Data breach","score":0.5968754291534424},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.5796458125114441},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.5023818016052246},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4810200333595276},{"id":"https://openalex.org/keywords/stock-market","display_name":"Stock market","score":0.4673970341682434},{"id":"https://openalex.org/keywords/asset","display_name":"Asset (computer security)","score":0.45565155148506165},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.432280570268631},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.3481450378894806},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.3005370497703552},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.23039445281028748},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.12724635004997253},{"id":"https://openalex.org/keywords/law","display_name":"Law","score":0.09598883986473083}],"concepts":[{"id":"https://openalex.org/C2780224610","wikidata":"https://www.wikidata.org/wiki/Q1530061","display_name":"Credibility","level":2,"score":0.6275177597999573},{"id":"https://openalex.org/C165609540","wikidata":"https://www.wikidata.org/wiki/Q1172486","display_name":"Data breach","level":2,"score":0.5968754291534424},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.5796458125114441},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.5023818016052246},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4810200333595276},{"id":"https://openalex.org/C2780299701","wikidata":"https://www.wikidata.org/wiki/Q475000","display_name":"Stock market","level":3,"score":0.4673970341682434},{"id":"https://openalex.org/C76178495","wikidata":"https://www.wikidata.org/wiki/Q4808784","display_name":"Asset (computer security)","level":2,"score":0.45565155148506165},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.432280570268631},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.3481450378894806},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.3005370497703552},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.23039445281028748},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.12724635004997253},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.09598883986473083},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C151730666","wikidata":"https://www.wikidata.org/wiki/Q7205","display_name":"Paleontology","level":1,"score":0.0},{"id":"https://openalex.org/C2780762169","wikidata":"https://www.wikidata.org/wiki/Q5905368","display_name":"Horse","level":2,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1108/09685220310468646","is_oa":false,"landing_page_url":"https://doi.org/10.1108/09685220310468646","pdf_url":null,"source":{"id":"https://openalex.org/S204075876","display_name":"Information Management & Computer Security","issn_l":"0968-5227","issn":["0968-5227","1758-5805"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319811","host_organization_name":"Emerald Publishing Limited","host_organization_lineage":["https://openalex.org/P4310319811"],"host_organization_lineage_names":["Emerald Publishing Limited"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information Management &amp; Computer Security","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.4300000071525574,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":7,"referenced_works":["https://openalex.org/W1559424115","https://openalex.org/W1727893148","https://openalex.org/W2066778800","https://openalex.org/W2110321237","https://openalex.org/W3125546130","https://openalex.org/W4236158753","https://openalex.org/W4240307802"],"related_works":["https://openalex.org/W2953227786","https://openalex.org/W2508914475","https://openalex.org/W2033357182","https://openalex.org/W2120971814","https://openalex.org/W2092708554","https://openalex.org/W2065250680","https://openalex.org/W4293770853","https://openalex.org/W2349271268","https://openalex.org/W2793054839","https://openalex.org/W2356973015"],"abstract_inverted_index":{"Internet":[0],"security":[1,19,101,148,167],"is":[2,109,145],"a":[3,34,48,120],"pervasive":[4],"concern":[5],"for":[6,140],"all":[7],"companies.":[8,170],"However,":[9],"developing":[10],"the":[11,30,42,96,107,110,113,129,155],"business":[12],"case":[13],"to":[14,40,99,115],"support":[15],"investments":[16],"in":[17,27,50,61,85,161],"IT":[18,51,86,100,142,147,166],"has":[20,59,90,158],"been":[21],"particularly":[22],"challenging":[23],"because":[24],"of":[25,33,44,65,83,106,112,123,131,134,164],"difficulties":[26],"precisely":[28],"quantifying":[29],"economic":[31],"impact":[32],"breach.":[35],"Previous":[36],"studies":[37],"have":[38],"attempted":[39],"quantify":[41],"magnitude":[43],"losses":[45],"resulting":[46],"from":[47],"breach":[49],"security,":[52],"but":[53],"reliance":[54],"on":[55],"self\u2010reported":[56],"company":[57],"data":[58],"resulted":[60],"widely":[62],"varying":[63],"estimates":[64],"limited":[66],"credibility.":[67],"Employing":[68],"an":[69,76],"event":[70],"study":[71,74,108],"methodology,":[72],"this":[73],"offers":[75],"alternative":[77],"approach":[78],"and":[79,119,127,153],"more":[80],"rigorous":[81],"evaluation":[82],"breaches":[84,149],"security.":[87],"This":[88],"attempt":[89],"revealed":[91],"several":[92],"new":[93],"perspectives":[94],"concerning":[95],"market":[97,124,157],"reaction":[98],"breaches.":[102],"A":[103],"final":[104],"component":[105],"extension":[111],"analysis":[114],"incorporate":[116],"eSecurity":[117],"vendors":[118],"fuller":[121],"exploration":[122],"reactions":[125],"before":[126],"after":[128],"denial":[130],"service":[132],"attacks":[133],"February":[135],"2000.":[136],"The":[137],"key":[138],"takeaway":[139],"corporate":[141],"decision":[143],"makers":[144],"that":[146,154],"are":[150],"extremely":[151],"costly,":[152],"stock":[156],"already":[159],"factored":[160],"some":[162],"level":[163],"optimal":[165],"investment":[168],"by":[169]},"counts_by_year":[{"year":2026,"cited_by_count":3},{"year":2025,"cited_by_count":6},{"year":2024,"cited_by_count":16},{"year":2023,"cited_by_count":9},{"year":2022,"cited_by_count":15},{"year":2021,"cited_by_count":17},{"year":2020,"cited_by_count":15},{"year":2019,"cited_by_count":12},{"year":2018,"cited_by_count":16},{"year":2017,"cited_by_count":10},{"year":2016,"cited_by_count":16},{"year":2015,"cited_by_count":7},{"year":2014,"cited_by_count":16},{"year":2013,"cited_by_count":9},{"year":2012,"cited_by_count":12}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}