发布者：管理科学与工程系 时间：2023-07-23 阅读次数：614
报告题目：How Mergers and Acquisitions Increase Data Breaches: A Complexity Perspective
Huigang Liang is FedEx Chair of Excellence and professor in Information Systems at the University of Memphis. His research focuses on socio-behavioral, managerial, and strategic IT issues at both individual and organizational levels in a variety of contexts such as AI, cybersecurity, and healthcare. His work has appeared in MISQ, ISR, JMIS, JAIS, among others. His research has been supported by grants from FedEx, NIH, Sloan Foundation, and others. He is currently Associate Editor for ISR and Senior Editor for JAIS.
This study examines how the M&As of a firm influence its number of data breaches. Drawing from complexity theory and matching theory, we propose that M&As increase data breaches and this effect is contingent on the M&A diversity (dissimilarity between the parent and target firms). Based on the 18-year panel data (2004-2021) of 5072 public firms in the United States, we find that more M&As by a firm lead to more data breaches. Moreover, we reveal that the number of data breaches increases even more when the parent and target firms operate in different business domains. This finding is confirmed when we operationalize M&A diversity as size discrepancy between the parent and target firms or strategic type difference (vertical vs. horizontal M&A). Furthermore, based on routine activity theory, we explore two additional moderating mechanisms through which M&As influence data breaches: M&A media publicity and target vulnerability. Our analyses demonstrate that M&As with higher media publicity experience more data breaches than those with lower media publicity, but M&As involving a more vulnerable target firm lead to fewer data breaches than those involving a less vulnerable target firm. This study not only confirms the impact of M&As on data breach recurrence but also unveils various underlying mechanisms of this impact, thus making a significant contribution to both research and practice in information systems.