The price of insecurity: spillover effects of data breach in business-to-government markets
Data breaches can be more than simply a headline, as they can threaten critical government partnerships. This thesis explores the spillover effects of data breaches within the business-to-government (B2G) market, specifically examining how a data breach at one government contractor influences other non-breached contractors in this market. Using data breach incidents from the Privacy Rights Clearinghouse, the Identity Theft Resource Center, and web search engines, the findings suggest that a data breach at one government contractor adversely influences the market value of other non-breached contractors. This impact is more substantial for contractors with prior internal control weaknesses (ICWs), highlighting the importance of internal controls in the government supply chain. Moreover, breaches intensify government scrutiny of data security, increasing termination risks for non-breached contractors identified as having ICWs following data breaches. The main results are robust to additional tests, including subsamples excluding industry peers, the Global Financial Crisis (GFC) period, financial firms, and IT firms. In addition to these tests, this thesis applies an alternative model and an alternative estimation window to validate the event study findings, and the results confirm their robustness. Finally, this thesis also introduces non-contractor industry peers to compare the impact of ICWs on relationship termination between these peers and non-breached contractors following data breaches, underscoring the significant role of ICWs in relationship termination for non-breached contractors.