Best Security Measures to Reduce Cyber-Incident and Data Breach Risks

Hiroaki Kikuchi, Michihiro Yamada, Kazuki Ikegami, Koji Inui

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Corporations plan to adopt appropriate combinations of data privacy managements to mitigate the risk of data breach. Examples of such well-established measures include the certification of an information security management system, a periodic security auditing, and dedicated positions such as a Chief Information Officer (CIO). However, the effectiveness of introducing each of these measures to reduce the risk of data breach is unclear. To assess the effective risk reduction, this work combines the big data of cyber incidents with the attributes of corporations and computes the relative risk with respect to these security measures. Our analysis of five-year data from about 6,000 corporations reveals a negative effect for most measures. The results must be biased by industry characteristics associated with the risk of cyber incidents such as business style and company scale, which are known confounding factors. After investigating company attributes individually, we identify the significant confounding factors that represent obstacles to risk analysis. Using hypothesis testing and multiple logistic regression analysis, we adjust odds ratios for 17 security measures, social responsibilities, environmental conditions, and employment arrangements. The results confirm that an environmental auditing reduces the risk by one-third at a statistically significant level.

Original languageEnglish
Title of host publicationData Privacy Management, Cryptocurrencies and Blockchain Technology - ESORICS 2021 International Workshops, DPM 2021 and CBT 2021, Revised Selected Papers
EditorsJoaquin Garcia-Alfaro, Jose Luis Muñoz-Tapia, Guillermo Navarro-Arribas, Miguel Soriano
PublisherSpringer Science and Business Media Deutschland GmbH
Pages3-19
Number of pages17
ISBN (Print)9783030939434
DOIs
Publication statusPublished - 2022
Event16th International Workshop on Data Privacy Management, DPM 2021, and 5th International Workshop on Cryptocurrencies and Blockchain Technology, CBT 2021 held in conjunction with ESORICS 2021 - Virtual, Online
Duration: 8 Oct 20218 Oct 2021

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume13140 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference16th International Workshop on Data Privacy Management, DPM 2021, and 5th International Workshop on Cryptocurrencies and Blockchain Technology, CBT 2021 held in conjunction with ESORICS 2021
CityVirtual, Online
Period8/10/218/10/21

Fingerprint

Dive into the research topics of 'Best Security Measures to Reduce Cyber-Incident and Data Breach Risks'. Together they form a unique fingerprint.

Cite this