Last update: Jan 18, 2022
In this post, I gathered recent IS publications (2010-current) on the topic of cybersecurity. It is by no means an exhaustive list of the topic. This does not cover other related topics such as privacy and ethics.
- Jacob Haislip, Jee-Hae Lim, Robert Pinsker (2021) The Impact of Executives’ IT Expertise on Reported Data Security Breaches. Information Systems Research 32(2):318-334.
- Ahmed Abbasi, David Dobolyi, Anthony Vance, Fatemeh Mariam Zahedi (2021) The Phishing Funnel Model: A Design Artifact to Predict User Susceptibility to Phishing Websites. Information Systems Research 32(2):410-436.
- (2020) Understanding Security Vulnerability Awareness, Firm Incentives, and ICT Development in Pan-Asia, Journal of Management Information Systems, 37:3, 668-693.
- Qian Tang & Andrew B. Whinston (2020) Do Reputational Sanctions Deter Negligence in Information Security Management? A Field Quasi‐Experiment, Production and Operations Management 29(2):410-427.
- Yoo, Chul & Goo, Jahyun & Rao, Raghav. (2020). Is Cybersecurity a Team Sport? A Multilevel Examination of Workgroup Information Security Effectiveness. MIS Quarterly. 44. 907-931.
- (2020) Semi-Supervised Cyber Threat Identification in Dark Net Markets: A Transductive and Deep Learning Approach, Journal of Management Information Systems, 37:3, 694-722
- (2020) The Effectiveness of Abstract Versus Concrete Fear Appeals in Information Security, Journal of Management Information Systems, 37:3, 723-757.
- (2020) Centralized IT Decision Making and Cybersecurity Breaches: Evidence from U.S. Higher Education Institutions, Journal of Management Information Systems, 37:3, 758-787.
- (2020) Impact of Cyberattacks by Malicious Hackers on the Competition in Software Markets, Journal of Management Information Systems, 37:1, 191-216
- John D’Arcy, Idris Adjerid, Corey M. Angst, Ante Glavas (2020) Too Good to Be True: Firm Social Performance and the Risk of Data Breach. Information Systems Research 31(4):1200-1223.
- Zan Zhang, Guofang Nan, Yong Tan (2020) Cloud Services vs. On-Premises Software: Competition Under Security Risk and Product Customization. Information Systems Research 31(3):848-864.
- Terrence August, Duy Dao, Kihoon Kim (2019) Market Segmentation and Software Security: Pricing Patching Rights. Management Science 65(10):4575-4597.
- Seung Hyun Kim, Juhee Kwon (2019) How Do EHRs and a Meaningful Use Initiative Affect Breaches of Patient Information?. Information Systems Research 30(4):1184-1202.
- Kai-Lung Hui, Ping Fan Ke, Yuxi Yao, Wei T. Yue (2019) Bilateral Liability-Based Contracts in Information Security Outsourcing. Information Systems Research 30(2):411-429.
- Victor Benjamin, Joseph S. Valacich, and Hsinchun Chen (2019) DICE-E: a framework for conducting darknet identification, collection, evaluation with ethics. MIS Quarterly 43(1):1–22.
- Indranil Bose and Alvin Chung Man Leung (2019) Adoption of identity theft countermeasures and its short- and long-term impact on firm value. MIS Quarterly 43(1):313–328.
- Corey M. Angst, Emily S. Block, John D’Arcy, and Ken Kelley (2017) When do IT security investments matter? Accounting for the influence of institutional factors in the context of healthcare data breaches. MIS Quarterly 41(3):893–916.
- Orcun Temizkan, Sungjune Park, Cem Saydam (2017) Software Diversity for Improved Network Security: Optimal Distribution of Software-Based Shared Vulnerabilities. Information Systems Research 28(4):828-849.
- Shu He, Gene Moo Lee, Sukjin Han, Andrew B. Whinston (2016) How Would Information Disclosure Influence Organizations’ Outbound Spam Volume? Evidence from a Field Experiment. Journal of Cybersecurity 2(1), pp. 99-118.
- Yonghua Ji, Subodha Kumar, Vijay Mookerjee (2016) When Being Hot Is Not Cool: Monitoring Hot Lists for Information Security. Information Systems Research 27(4):897-918.
- Karthik Kannan, Mohammad S. Rahman, Mohit Tawarmalani (2016) Economic and Policy Implications of Restricted Patch Distribution. Management Science 62(11):3161-3182.
- Chul Ho Lee, Xianjun Geng, Srinivasan Raghunathan (2016) Mandatory Standards and Organizational Information Security. Information Systems Research 27(1):70-86.
- Jingguo Wang, Manish Gupta, and H. Raghav Rao (2015) Insider threats in a financial institution: Analysis of attack-proneness of information systems applications. MIS Quarterly 39(1):91–112.
- Jingguo Wang, Nan Xiao, H. Raghav Rao (2015) Research Note—An Exploration of Risk Characteristics of Information Security Threats and Related Public Information Search Behavior. Information Systems Research 26(3):619-633.
- Sabyasachi Mitra, Sam Ransbotham (2015) Information Disclosure and the Diffusion of Information Security Attacks. Information Systems Research 26(3):565-584.
- Debabrata Dey, Atanu Lahiri, and Guoying Zhang (2014) Quality competition and market segmentation in the security software market. MIS Quarterly 38(2):589–606.
- Seung Hyun Kim and Byung Cho Kim (2014) Differential effects of prior experience on the malware resolution process. MIS Quarterly 38(3):655–678.
- Ryan T. Wright, Matthew L. Jensen, Jason Bennett Thatcher, Michael Dinger, Kent Marett (2014) Research Note—Influence Techniques in Phishing Attacks: An Examination of Vulnerability and Resistance. Information Systems Research 25(2):385-400.
- Asunur Cezar, Huseyin Cavusoglu, Srinivasan Raghunathan (2013) Outsourcing Information Security: Contracting Issues and Security Implications. Management Science 60(3):638-657.
- (2013) Managing Interdependent Information Security Risks: Cyberinsurance, Managed Security Services, and Risk Pooling Arrangements, Journal of Management Information Systems, 30:1, 123-152.
- Chul Ho Lee, Xianjun Geng, Srinivasan Raghunathan, (2012) Contracting Information Security in the Presence of Double Moral Hazard. Information Systems Research 24(2):295-311.
- Ransbotham, S., Mitra, S., & Ramsey, J. (2012). Are Markets for Vulnerabilities Effective? MIS Quarterly, 36(1), 43–64.
- Gupta, A., & Zhdanov, D. (2012). Growth and Sustainability of Managed Security Services Networks: An Economic Perspective. MIS Quarterly, 36(4), 1109–1130.
- (2012) Information Security Outsourcing with System Interdependency and Mandatory Security Requirement, Journal of Management Information Systems, 29:3, 117-156.
- Caliendo, M., Clement, M., Papies, D., & Scheel-Kopeinig, S. (2012). Research Note: The Cost Impact of Spam Filters: Measuring the Effect of Information System Technologies in Organizations. Information Systems Research, 23(3), 1068–1080.
- August, T., & Tunca, T. I. (2011). Who Should Be Responsible for Software Security? A Comparative Analysis of Liability Policies in Network Environments. Management Science, 57(5), 934–959.
- Chen, P., Kataria, G., & Krishnan, R. (2011). Correlated Failures, Diversification, and Information Security Risk Management. MIS Quarterly, 35(2), 397–422.
- Mookerjee, V., Mookerjee, R., Bensoussan, A., & Yue, W. T. (2011). When Hackers Talk: Managing Information Security Under Variable Attack Rates and Knowledge Dissemination. Information Systems Research, 22(3), 606–623.
- Galbreth, M. R., & Shor, M. (2010). The Impact of Malicious Agents on the Enterprise Software Industry. MIS Quarterly, 34(3), 595–612.
- Mahmood, M. A., Siponen, M., Straub, D., Rao, H. R., & Raghu, T. S. (2010). Moving Toward Black Hat Research in Information Systems Security: An Editorial Introduction to the Special Issue. MIS Quarterly, 34(3), 431–433.