Assessing Cybersecurity Risk for Oil &amp; Gas Mergers and Acquisitions

Hosseini, Kayvon; Paul, Donald L.

doi:10.2118/185626-ms

Cited by 4 publications

(2 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…acquisition activities exhibit inherent cybersecurity risk (Hosseini & Paul, 2017). Ultimately, we control for the number of employees (EMPLOYEES) as the weakest link in a rm's cybersecurity is human (Gozon et al, 2021).…”

Section: Empirical Modelmentioning

confidence: 99%

US-Russia Geopolitical Risk and Corporate Cybersecurity Risk: Evidence from 10-K Reports

Nguyen

2024

SSRN Journal

View full text Add to dashboard Cite

Section: Empirical Modelmentioning

confidence: 99%

US-Russia Geopolitical Risk and Corporate Cybersecurity Risk: Evidence from 10-K Reports

Nguyen

2024

SSRN Journal

View full text Add to dashboard Cite

“…Although numerous empirical research has been conducted to explore the determinants of firm-level cybersecurity risk as well as its impact on other corporate decisions (e.g., Aldasoro et al, 2022;Crosignani et al, 2023;Florackis et al, 2023;Hoang, 2023;Jamilov et al, 2020;Jiang et al, 2022;Nguyen & Hoang, 2023), none of them digs into the impact of M&A on firm-level cybersecurity risk. Hosseini and Paul (2017) show interest in this connection, but their research is in the form of a discussion paper and is limited to the oil and gas industry. Sun (2021) and Sun et al (2023), though also pay attention to data security and M&A, study the impact of the adoption of the Data Breach Notification Law on M&A intensity across US states.…”

Section: Introductionmentioning

confidence: 99%

Merger and acquisition, firm‐level cybersecurity risk, and research and development intensity

Vu,

Hoang,

Hoang

2024

Manage Decis Econ

View full text Add to dashboard Cite

This paper investigates the relationship between firm‐level cybersecurity risk and merger and acquisition (M&A) activities of firms in the United States from 2007 to 2018. Using a novel measure of firm‐level cybersecurity risk and the multivariate regression analysis, we find empirical evidence of a positive association between M&A and cybersecurity risk. Interestingly, cybersecurity risk only increases with intangible assets acquisitions, but not with tangible assets acquisitions. Further empirical analysis shows that the impact of M&A on cybersecurity risk is moderated by technological intensity, with firms that have higher levels of research and development (R&D) intensity facing less pronounced cybersecurity risk. Our findings are robust to different variable measurements and endogeneity diagnoses. Our results deliver important implications for practitioners and policymakers and make a valuable contribution to the literature by providing a more comprehensive understanding of the relationship between M&A and cybersecurity risk and by highlighting the role of corporate innovation in mitigating this risk.

show abstract

Cybersecurity for railways – A maturity model

Kour

Karim

Thaduri

2019

Proceedings of the Institution of Mechanical Engineers, Part F:

View full text Add to dashboard Cite

With the advancements in and widespread adoption of information and communication technologies in infrastructures, cyber-attacks are becoming more frequent and more severe. Advanced cybersecurity threats with automated capabilities are increasing in such sectors as finance, health, grid, retail, government, telecommunications, transportation, etc. Cyber-attacks are also increasing in railways with an impact on railway stakeholders, e.g. threat to the safety of employees, passengers, or the public in general; loss of sensitive railway information; reputational damage; monetary loss; erroneous decisions; loss of dependability, etc. There is a need to move towards advanced security analytics and automation to identify, respond to, and prevent such security breaches. The objective of this research is to reduce cyber risks and vulnerabilities and to improve the cybersecurity capabilities of railways by evaluating their cybersecurity maturity levels and making recommendations for improvements. After assessing various cybersecurity maturity models, the Cybersecurity Capability Maturity Model (C2M2) was selected to assess the cybersecurity capabilities of railway organizations. The contributions of this research are as follows. First, a new maturity level MIL4 (Maturity Indicator Level 4) is introduced in the C2M2 model. Second, the C2M2 model is adapted by adding advanced security analytics and threat intelligence to develop the Railway-Cybersecurity Capability Maturity Model (R-C2M2). The cybersecurity maturity of three railway organizations is evaluated using this model. Third, recommendations and available standards & guidelines are provided to the three railway organizations to improve maturity levels within different domains. In addition, they are given an action plan to implement the recommendations in a streamlined way. The application of this model will allow railway organizations to improve their capability to reduce the impacts of cyber-attacks and eradicate vulnerabilities. The approach can also be extended to other infrastructures with necessary adaptations.

show abstract

Assessing Cybersecurity Risk for Oil & Gas Mergers and Acquisitions

Cited by 4 publications

References 0 publications

US-Russia Geopolitical Risk and Corporate Cybersecurity Risk: Evidence from 10-K Reports

US-Russia Geopolitical Risk and Corporate Cybersecurity Risk: Evidence from 10-K Reports

Merger and acquisition, firm‐level cybersecurity risk, and research and development intensity

Cybersecurity for railways – A maturity model

Contact Info

Product

Resources

About