RUcore: Rutgers University Community Repository
Three essays on cybersecurity-related issues
Descriptive
TitleInfo
Title
Three essays on cybersecurity-related issues
Name
(type = personal)
NamePart
(type = family)
Li
NamePart
(type = given)
He
DisplayForm
He Li
Role
RoleTerm
(authority = RULIB)
author
Name
(type = personal)
NamePart
(type = family)
Vasarhelyi
NamePart
(type = given)
Miklos A
DisplayForm
Miklos A Vasarhelyi
Affiliation
Advisory Committee
Role
RoleTerm
(authority = RULIB)
chair
Name
(type = corporate)
NamePart
Rutgers University
Role
RoleTerm
(authority = RULIB)
degree grantor
Name
(type = corporate)
NamePart
Graduate School - Newark
Role
RoleTerm
(authority = RULIB)
school
TypeOfResource
Text
Genre
(authority = marcgt)
theses
OriginInfo
DateCreated
(qualifier = exact)
2017
DateOther
(qualifier = exact);
(type = degree)
2017-10
CopyrightDate
(encoding = w3cdtf);
(qualifier = exact)
2017
Place
PlaceTerm
(type = code)
xx
Language
LanguageTerm
(authority = ISO639-2b);
(type = code)
eng
Abstract
(type = abstract)
This dissertation consists of three essays that examine cybersecurity-related matters. In the first essay, I investigate whether external auditors respond to cyber incidents by charging higher audit fees and whether they price cybersecurity risk before the actual event happens when there is no explicit requirement from the regulators. Findings in the essay suggest that cyber incidents lead to increase in audit fees, and the increase is smaller for firms with prior cybersecurity risk disclosures. In addition, firms with repeated cyber incidents or cyber incidents that involve intellectual property experience larger increases in audit fees. However, auditor’s concern over cyber incidents is mitigated by monitoring from large and sophisticated external stakeholders. The second essay examines the informativeness of cybersecurity risk disclosure and provides three main results. First, both the presence and length of cybersecurity risk disclosure are informative of future reported cyber incidents. Second, market participants are using information conveyed by the presence of cybersecurity risk disclosure, but not the information content which is measured by the adjusted length of the disclosure. Third, the presence of cybersecurity risk disclosure is no longer significantly associated with subsequently reported cyber incidents after the passage of cybersecurity disclosure guidance. However, the essay fails to find a significant association between firm-specific disclosure and cyber incidents. In the third essay, issues regarding assurance on cybersecurity are discussed. In particular, I argue that data analytics should be an integral part of cybersecurity assurance, and introduce a process of using data analytics in testing cybersecurity controls. Illustrative examples of the process using synthetic data are provided to demonstrate that data analytics is a well-suited approach for providing assurance on cybersecurity. A set of critical challenges for applying data analytics in the assurance engagement are also discussed.
Subject
(authority = RUETD)
Topic
Management
Subject
(authority = ETD-LCSH)
Topic
Computer security
RelatedItem
(type = host)
TitleInfo
Title
Rutgers University Electronic Theses and Dissertations
Identifier
(type = RULIB)
ETD
Identifier
ETD_8358
PhysicalDescription
Form
(authority = gmd)
electronic resource
InternetMediaType
application/pdf
InternetMediaType
text/xml
Extent
1 online resource (x, 144 p. : ill.)
Note
(type = degree)
Ph.D.
Note
(type = bibliography)
Includes bibliographical references
Note
(type = statement of responsibility)
by He Li
RelatedItem
(type = host)
TitleInfo
Title
Graduate School - Newark Electronic Theses and Dissertations
Identifier
(type = local)
rucore10002600001
Location
PhysicalLocation
(authority = marcorg);
(displayLabel = Rutgers, The State University of New Jersey)
NjNbRU
Identifier
(type = doi)
doi:10.7282/T3J67M1P
Genre
(authority = ExL-Esploro)
ETD doctoral
Back to the top
Rights
RightsDeclaration
(ID = rulibRdec0006)
The author owns the copyright to this work.
RightsHolder
(type = personal)
Name
FamilyName
Li
GivenName
He
Role
Copyright Holder
RightsEvent
Type
Permission or license
DateTime
(encoding = w3cdtf);
(qualifier = exact);
(point = start)
2017-09-18 00:05:57
AssociatedEntity
Name
HE LI
Role
Copyright holder
Affiliation
Rutgers University. Graduate School - Newark
AssociatedObject
Type
License
Name
Author Agreement License
Detail
I hereby grant to the Rutgers University Libraries and to my school the non-exclusive right to archive, reproduce and distribute my thesis or dissertation, in whole or in part, and/or my abstract, in whole or in part, in and from an electronic format, subject to the release date subsequently stipulated in this submittal form and approved by my school. I represent and stipulate that the thesis or dissertation and its abstract are my original work, that they do not infringe or violate any rights of others, and that I make these grants as the sole owner of the rights to my thesis or dissertation and its abstract. I represent that I have obtained written permissions, when necessary, from the owner(s) of each third party copyrighted matter to be included in my thesis or dissertation and will supply copies of such upon request by my school. I acknowledge that RU ETD and my school will not distribute my thesis or dissertation or its abstract if, in their reasonable judgment, they believe all such rights have not been secured. I acknowledge that I retain ownership rights to the copyright of my work. I also retain the right to use all or part of this thesis or dissertation in future works, such as articles or books.
Copyright
Status
Copyright protected
Availability
Status
Open
Reason
Permission or license
Back to the top
Technical
RULTechMD
(ID = TECHNICAL1)
ContentModel
ETD
OperatingSystem
(VERSION = 5.1)
windows xp
CreatingApplication
Version
1.7
ApplicationName
Microsoft® Word 2016
DateCreated
(point = end);
(encoding = w3cdtf);
(qualifier = exact)
2017-09-19T13:48:11
DateCreated
(point = end);
(encoding = w3cdtf);
(qualifier = exact)
2017-09-19T13:48:11
Back to the top
Statistical Profile