The Influence of Ethical Beliefs and Attitudes, Norms, and Prior Outcomes on Cybersecurity Investment Decisions

Recent data breaches underscore the importance of organizational cybersecurity. However, the high costs of such security can force chief financial officers (CFOs) to make difficult financial and ethical trade-offs that have both business and societal implications. We employ a 2 × 2 randomized experi...

Full description

Saved in:
Bibliographic Details
Published in:Business & society 2023-03, Vol.62 (3), p.488-529
Main Authors: Fleischman, Gary M., Valentine, Sean R., Curtis, Mary B., Mohapatra, Partha S.
Format: Article
Language:English
Subjects:
Decision making
Ethics
Investments
Managers
Peers
Security
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Recent data breaches underscore the importance of organizational cybersecurity. However, the high costs of such security can force chief financial officers (CFOs) to make difficult financial and ethical trade-offs that have both business and societal implications. We employ a 2 × 2 randomized experiment that varies both an observed scenario CFO’s investment decision (invest/not invest in security) and organizational outcomes (positive/negative) to investigate these trade-offs. Participant managers assess the observed CFO’s investment behavior and indicate their own intentions to invest. Results indicate that when the observed scenario CFO invests in security, managers primarily follow their peers when making investment decisions. However, when the observed CFO does not invest in security, managers make their own decisions by engaging in more in-depth reasoning that includes assessment of the seriousness of consequences, as well as the ethical and societal considerations. Moderated mediation findings further deconstruct and corroborate these relationships.
ISSN:0007-6503
1552-4205
DOI:10.1177/00076503221110156