{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,25]],"date-time":"2026-03-25T14:32:54Z","timestamp":1774449174911,"version":"3.50.1"},"reference-count":65,"publisher":"Emerald","issue":"9","license":[{"start":{"date-parts":[[2020,8,13]],"date-time":"2020-08-13T00:00:00Z","timestamp":1597276800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IMDS"],"published-print":{"date-parts":[[2020,8,13]]},"abstract":"Purpose<\/jats:title>The objective of this paper is to investigate how firms react to cybersecurity information sharing environment where government organizations disseminate cybersecurity threat information gathered by individual firms to the private entities. The overall impact of information sharing on firms' cybersecurity investment decision has only been game-theoretically explored, not giving practical implication. The authors therefore leverage the Cybersecurity Information Sharing Act of 2015 (CISA) to observe firms' attitudinal changes toward investing in cybersecurity.<\/jats:p><\/jats:sec>Design\/methodology\/approach<\/jats:title>The authors design a quasi-experiment where they set US cybersecurity firms as an experimental group (a proxy for total investment in cybersecurity) and nonsecurity firms as a control group to measure the net effect of CISA on overall cybersecurity investment. To enhance the robustness of the authors\u2019 difference-in-difference estimation, the authors employed propensity score matched sample test and reduced sample test as well.<\/jats:p><\/jats:sec>Findings<\/jats:title>For the full sample, the authors\u2019 empirical findings suggest that US security firms' overall performance (i.e. Tobin's Q) improved following the legislation, which indicates that more investment in cybersecurity was followed by the formation of information sharing environment. Interestingly, big cybersecurity firms are beneficiaries of the CISA when the full samples are divided into small and large group. Both Tobin's Q and sales growth rate increased for big firms after CISA.<\/jats:p><\/jats:sec>Research limitations\/implications<\/jats:title>The authors\u2019 findings shed more light on the research stream of cybersecurity and information sharing, a research area only explored by game-theoretical approaches. Given that the US government has tried to enforce cybersecurity defensive measures by building cooperative architecture such as CISA 2015, the policy implication of this study is far-reaching.<\/jats:p><\/jats:sec>Originality\/value<\/jats:title>The authors\u2019 study contributes to the research on the economic benefits of sharing cybersecurity information by finding the missing link (i.e. empirical evidence) between \u201csharing\u201d and \u201ceconomic impact.\u201d This paper confirms that CISA affects the cybersecurity industry unevenly by firm size, a previously unidentified relationship.<\/jats:p><\/jats:sec>","DOI":"10.1108\/imds-10-2019-0536","type":"journal-article","created":{"date-parts":[[2020,8,13]],"date-time":"2020-08-13T12:45:55Z","timestamp":1597322755000},"page":"1777-1794","source":"Crossref","is-referenced-by-count":15,"title":["The impact of information sharing legislation on cybersecurity industry"],"prefix":"10.1108","volume":"120","author":[{"given":"Agnes","family":"Yang","sequence":"first","affiliation":[]},{"given":"Young Jin","family":"Kwon","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1937-3144","authenticated-orcid":false,"given":"Sang-Yong Tom","family":"Lee","sequence":"additional","affiliation":[]}],"member":"140","reference":[{"key":"key2020090709493928900_ref001","article-title":"Is there a cost to privacy breaches? An event study","year":"2006"},{"issue":"2","key":"key2020090709493928900_ref002","doi-asserted-by":"crossref","first-page":"258","DOI":"10.1111\/poms.12417","article-title":"Customer\u2010base concentration and inventory efficiencies: evidence from the manufacturing sector","volume":"25","year":"2016","journal-title":"Production and Operations Management"},{"issue":"5","key":"key2020090709493928900_ref003","first-page":"350","article-title":"Does information security attack frequency increase with vulnerability disclosure? An empirical analysis","volume":"8","year":"2006","journal-title":"Information Systems Frontiers"},{"issue":"1","key":"key2020090709493928900_ref004","doi-asserted-by":"crossref","first-page":"115","DOI":"10.1287\/isre.1080.0226","article-title":"An empirical analysis of software vendors patch release behavior: impact of vulnerability disclosure","volume":"21","year":"2010","journal-title":"Information Systems Research"},{"key":"key2020090709493928900_ref005","doi-asserted-by":"crossref","first-page":"207","DOI":"10.1561\/104.00000036","article-title":"Shock-based causal inference in corporate finance and accounting research","volume":"5","year":"2016","journal-title":"Critical Finance Review"},{"issue":"3","key":"key2020090709493928900_ref006","doi-asserted-by":"crossref","first-page":"399","DOI":"10.1080\/00273171.2011.568786","article-title":"An introduction to propensity score methods for reducing the effects of confounding in observational studies","volume":"46","year":"2011","journal-title":"Multivariate Behavioral Research"},{"key":"key2020090709493928900_ref007","volume-title":"CBEST Intelligence-Led Testing: Understanding Cyber Threat Intelligence Operations","author":"Bank of England","year":"2016"},{"issue":"2","key":"key2020090709493928900_ref008","doi-asserted-by":"crossref","first-page":"315","DOI":"10.1287\/isre.2017.0714","article-title":"Real options models for proactive uncertainty-reducing mitigations and applications in cybersecurity investment decision making","volume":"29","year":"2018","journal-title":"Information Systems Research"},{"issue":"7","key":"key2020090709493928900_ref009","doi-asserted-by":"crossref","first-page":"1008","DOI":"10.1287\/mnsc.45.7.1008","article-title":"Information technology effects on firm performance as measured by Tobins q","volume":"45","year":"1999","journal-title":"Management Science"},{"issue":"3","key":"key2020090709493928900_ref010","doi-asserted-by":"crossref","first-page":"637","DOI":"10.1086\/260062","article-title":"The pricing of options and corporate liabilities","volume":"81","year":"1973","journal-title":"Journal of Political Economy"},{"issue":"1","key":"key2020090709493928900_ref011","doi-asserted-by":"crossref","first-page":"313","DOI":"10.25300\/MISQ\/2019\/14192","article-title":"Adoption of identity theft countermeasures and its short-and long-term impact on firm value","volume":"43","year":"2019","journal-title":"MIS Quarterly"},{"key":"key2020090709493928900_ref012","doi-asserted-by":"crossref","first-page":"138","DOI":"10.1057\/9780230523210_7","article-title":"Externality","volume-title":"Classic Papers in Natural Resource Economics","year":"1962"},{"issue":"12","key":"key2020090709493928900_ref013","doi-asserted-by":"crossref","first-page":"5497","DOI":"10.1287\/mnsc.2017.2916","article-title":"Can you gig it? An empirical examination of the gig economy and entrepreneurial activity","volume":"64","year":"2018","journal-title":"Management Science"},{"issue":"3","key":"key2020090709493928900_ref014","doi-asserted-by":"crossref","first-page":"431","DOI":"10.3233\/JCS-2003-11308","article-title":"The economic cost of publicly announced information security breaches: empirical evidence from the stock market","volume":"11","year":"2003","journal-title":"Journal of Computer Security"},{"issue":"1","key":"key2020090709493928900_ref015","doi-asserted-by":"crossref","first-page":"70","DOI":"10.1080\/10864415.2004.11044320","article-title":"The effect of internet security breach announcements on market value: capital market reactions for breached firms and internet security developers","volume":"9","year":"2004","journal-title":"International Journal of Electronic Commerce"},{"issue":"2","key":"key2020090709493928900_ref016","doi-asserted-by":"crossref","first-page":"281","DOI":"10.2753\/MIS0742-1222250211","article-title":"Decision-theoretic and game-theoretic approaches to IT security investment","volume":"25","year":"2008","journal-title":"Journal of Management Information Systems"},{"issue":"4","key":"key2020090709493928900_ref017","doi-asserted-by":"crossref","first-page":"651","DOI":"10.1016\/j.dss.2010.08.017","article-title":"Firms information security investment decisions: stock market evidence of investors behavior","volume":"50","year":"2011","journal-title":"Decision Support Systems"},{"key":"key2020090709493928900_ref018","doi-asserted-by":"crossref","first-page":"25","DOI":"10.1007\/978-3-642-39498-0_2","article-title":"To invest or not to invest? Assessing the economic viability of a policy and security configuration management tool","volume-title":"The Economics of Information Security and Privacy","year":"2013"},{"issue":"2","key":"key2020090709493928900_ref019","first-page":"660","article-title":"Environmental benefits of internet-enabled C2C closed-loop supply chains: a quasi-experimental study of craigslist","volume":"65","year":"2018","journal-title":"Management Science"},{"key":"key2020090709493928900_ref020","volume-title":"Investment Under Uncertainty","year":"1994"},{"key":"key2020090709493928900_ref021","first-page":"189","article-title":"Marketing secrets: a conceptual model and quasi-experimental study: an abstract,","year":"2018"},{"key":"key2020090709493928900_ref022","doi-asserted-by":"crossref","unstructured":"Fleming, M.H. and Goldstein, E. (2012), \u201cMetrics for measuring the efficacy of critical-infrastructure-centric cybersecurity information sharing efforts\u201d, available at: https:\/\/ssrn.com\/abstract=2201033 (accessed 5 May 2018).","DOI":"10.2139\/ssrn.2201033"},{"issue":"2","key":"key2020090709493928900_ref023","doi-asserted-by":"crossref","first-page":"367","DOI":"10.2307\/1885531","article-title":"Incentives for information production and disclosure in a duopolistic environment","volume":"99","year":"1984","journal-title":"Quarterly Journal of Economics"},{"issue":"2","key":"key2020090709493928900_ref024","doi-asserted-by":"crossref","first-page":"186","DOI":"10.1287\/isre.1050.0053","article-title":"The economic incentives for sharing security information","volume":"16","year":"2005","journal-title":"Information Systems Research"},{"issue":"2","key":"key2020090709493928900_ref025","doi-asserted-by":"crossref","first-page":"91","DOI":"10.1093\/cybsec\/tyx009","article-title":"Strategic news bundling and privacy breach disclosures","volume":"3","year":"2017","journal-title":"Journal of Cybersecurity"},{"key":"key2020090709493928900_ref026","first-page":"95","article-title":"Expenditures on competitor analysis and information security","volume":"95","year":"2003","journal-title":"Management Accounting in the Digital Economy"},{"issue":"2","key":"key2020090709493928900_ref027","first-page":"1","article-title":"Information security expenditures and real options: a wait-and-see approach","volume":"19","year":"2003","journal-title":"Computer Security Journal"},{"issue":"6","key":"key2020090709493928900_ref028","doi-asserted-by":"crossref","first-page":"461","DOI":"10.1016\/j.jaccpubpol.2003.09.001","article-title":"Sharing information on computer systems security: an economic analysis","volume":"22","year":"2003","journal-title":"Journal of Accounting and Public Policy"},{"issue":"5","key":"key2020090709493928900_ref029","doi-asserted-by":"crossref","first-page":"509","DOI":"10.1016\/j.jaccpubpol.2015.05.001","article-title":"The impact of information sharing on cybersecurity underinvestment: a real options perspective","volume":"34","year":"2015","journal-title":"Journal of Accounting and Public Policy"},{"issue":"1","key":"key2020090709493928900_ref030","doi-asserted-by":"crossref","first-page":"163","DOI":"10.25300\/MISQ\/2017\/41.1.08","article-title":"Show me the way to go home: an empirical investigation of ride-sharing and alcohol related motor vehicle fatalities","volume":"41","year":"2017","journal-title":"MIS Quarterly"},{"issue":"6","key":"key2020090709493928900_ref031","doi-asserted-by":"crossref","first-page":"639","DOI":"10.1016\/j.jaccpubpol.2007.10.001","article-title":"Information sharing among firms and cyberattacks","volume":"26","year":"2007","journal-title":"Journal of Accounting and Public Policy"},{"issue":"2","key":"key2020090709493928900_ref032","doi-asserted-by":"crossref","first-page":"215","DOI":"10.1111\/risa.12878","article-title":"Perspectives on cybersecurity information sharing among Multiple stakeholders using a decision\u2010theoretic approach","volume":"38","year":"2018","journal-title":"Risk Analysis"},{"issue":"2","key":"key2020090709493928900_ref033","first-page":"313","article-title":"Varieties of selection bias","volume":"80","year":"1990","journal-title":"The American Economic Review"},{"issue":"1","key":"key2020090709493928900_ref034","doi-asserted-by":"crossref","first-page":"30","DOI":"10.1162\/003465304323023660","article-title":"Using matching, instrumental variables, and control functions to estimate economic choice models","volume":"86","year":"2004","journal-title":"Review of Economics and Statistics"},{"issue":"3","key":"key2020090709493928900_ref035","doi-asserted-by":"crossref","first-page":"337","DOI":"10.2753\/MIS0742-1222250310","article-title":"Investments in information security: a real options perspective with bayesian post audit","volume":"25","year":"2008","journal-title":"Journal of Management Information Systems"},{"issue":"3","key":"key2020090709493928900_ref036","doi-asserted-by":"crossref","first-page":"606","DOI":"10.1287\/isre.2015.0580","article-title":"Research note\u2014migration of service to the internet: evidence from a federal natural experiment","volume":"26","year":"2015","journal-title":"Information Systems Research"},{"issue":"5","key":"key2020090709493928900_ref037","doi-asserted-by":"crossref","first-page":"710","DOI":"10.1287\/mksc.2018.1092","article-title":"Online MAP enforcement: evidence from a quasi-experiment","volume":"37","year":"2018","journal-title":"Marketing Science"},{"issue":"12","key":"key2020090709493928900_ref038","doi-asserted-by":"crossref","first-page":"2065","DOI":"10.1111\/poms.12596","article-title":"Operational productivity, corporate social performance, financial performance, and risk in manufacturing firms","volume":"25","year":"2016","journal-title":"Production and Operations Management"},{"issue":"1","key":"key2020090709493928900_ref039","doi-asserted-by":"crossref","first-page":"69","DOI":"10.2753\/JEC1086-4415120103","article-title":"Market reactions to information security breach announcements: an empirical analysis","volume":"12","year":"2007","journal-title":"International Journal of Electronic Commerce"},{"issue":"1","key":"key2020090709493928900_ref040","doi-asserted-by":"crossref","first-page":"138","DOI":"10.2307\/2555403","article-title":"Trade associations as information exchange mechanisms","volume":"19","year":"1988","journal-title":"The Rand Journal of Economics"},{"key":"key2020090709493928900_ref041","volume-title":"Cybersecurity information sharing incentives and barriers","year":"2017"},{"key":"key2020090709493928900_ref042","first-page":"31","article-title":"Mandatory security information sharing with authorities: implications on investments in internal controls","year":"2015"},{"issue":"5","key":"key2020090709493928900_ref043","doi-asserted-by":"crossref","first-page":"1046","DOI":"10.1108\/IMDS-10-2018-0453","article-title":"Information sharing, coordination and supply chain performance: the moderating effect of demand uncertainty","volume":"119","year":"2019","journal-title":"Industrial Management and Data Systems"},{"issue":"1","key":"key2020090709493928900_ref044","doi-asserted-by":"crossref","first-page":"95","DOI":"10.1016\/j.dss.2011.05.007","article-title":"Knowledge sharing and investment decisions in information security","volume":"52","year":"2011","journal-title":"Decision Support Systems"},{"key":"key2020090709493928900_ref045","doi-asserted-by":"crossref","unstructured":"Loderer, C. and Waelchli, U. (2010), \u201cFirm age and performance\u201d, available at: https:\/\/ssrn.com\/abstract=1342248 (accessed 13 February 2018).","DOI":"10.2139\/ssrn.1342248"},{"issue":"4","key":"key2020090709493928900_ref046","doi-asserted-by":"crossref","first-page":"707","DOI":"10.2307\/1884175","article-title":"The value of waiting to invest","volume":"101","year":"1986","journal-title":"Quarterly Journal of Economics"},{"issue":"1","key":"key2020090709493928900_ref047","doi-asserted-by":"crossref","first-page":"223","DOI":"10.25300\/MISQ\/2016\/40.1.10","article-title":"How information technology strategy and investments influence firm performance: conjecture and empirical evidence","volume":"40","year":"2016","journal-title":"MIS Quarterly"},{"issue":"4","key":"key2020090709493928900_ref048","doi-asserted-by":"crossref","first-page":"623","DOI":"10.2307\/2555461","article-title":"Diversification, ricardian rents, and Tobins q","volume":"19","year":"1988","journal-title":"The RAND Journal of Economics"},{"key":"key2020090709493928900_ref049","first-page":"45","article-title":"The impact of public information on phishing attack and defense","volume":"81","year":"2011","journal-title":"Communications and Strategies"},{"issue":"2","key":"key2020090709493928900_ref050","doi-asserted-by":"crossref","first-page":"147","DOI":"10.1016\/0304-405X(77)90015-0","article-title":"Determinants of corporate borrowing","volume":"5","year":"1977","journal-title":"Journal of Financial Economics"},{"key":"key2020090709493928900_ref051","doi-asserted-by":"crossref","first-page":"35","DOI":"10.1016\/j.cose.2017.02.005","article-title":"Data-driven analytics for cyber-threat intelligence and information sharing","volume":"67","year":"2017","journal-title":"Computers and Security"},{"issue":"2","key":"key2020090709493928900_ref052","first-page":"53","article-title":"Towards a more representative definition of cyber security","volume":"12","year":"2017","journal-title":"Journal of Digital Forensics, Security and Law"},{"issue":"3","key":"key2020090709493928900_ref053","doi-asserted-by":"crossref","first-page":"433","DOI":"10.2307\/2297638","article-title":"Exchange of cost information in oligopoly","volume":"53","year":"1986","journal-title":"The Review of Economic Studies"},{"key":"key2020090709493928900_ref054","first-page":"65","article-title":"Data quality challenges and future research directions in threat intelligence sharing practice","year":"2016"},{"key":"key2020090709493928900_ref055","doi-asserted-by":"crossref","first-page":"154","DOI":"10.1016\/j.cose.2016.04.003","article-title":"A problem shared is a problem halved: a survey on the dimensions of collective cyber defense through security information sharing","volume":"60","year":"2016","journal-title":"Computers and Security"},{"issue":"4","key":"key2020090709493928900_ref056","first-page":"1","article-title":"Privacy and information sharing in the war on terrorism","volume":"51","year":"2006","journal-title":"Villanova Law Review"},{"issue":"2","key":"key2020090709493928900_ref057","first-page":"410","article-title":"Do reputational sanctions deter negligence in information security management? A field quasi\u2010experiment","volume":"29","year":"2019","journal-title":"Production and Operations Management"},{"key":"key2020090709493928900_ref058","doi-asserted-by":"crossref","first-page":"211","DOI":"10.1007\/978-1-4419-6967-5_11","article-title":"Optimal timing of information security investment: a real options approach","volume-title":"Economics of Information Security and Privacy","year":"2010"},{"issue":"8","key":"key2020090709493928900_ref059","doi-asserted-by":"crossref","first-page":"544","DOI":"10.1109\/TSE.2007.70712","article-title":"An empirical analysis of the impact of software vulnerability announcements on firm stock price","volume":"33","year":"2007","journal-title":"IEEE Transactions on Software Engineering"},{"key":"key2020090709493928900_ref060","first-page":"49","article-title":"Misp: the design and implementation of a collaborative threat intelligence sharing platform","year":"2016"},{"issue":"2","key":"key2020090709493928900_ref061","doi-asserted-by":"crossref","first-page":"201","DOI":"10.1287\/isre.1120.0437","article-title":"The association between the disclosure and the realization of information security risk factors","volume":"24","year":"2013","journal-title":"Information Systems Research"},{"issue":"6","key":"key2020090709493928900_ref062","doi-asserted-by":"crossref","first-page":"1242","DOI":"10.1108\/IMDS-12-2018-0546","article-title":"Human factors in information leakage: mitigation strategies for information sharing integrity","volume":"119","year":"2019","journal-title":"Industrial Management and Data Systems"},{"issue":"2","key":"key2020090709493928900_ref063","doi-asserted-by":"crossref","first-page":"509","DOI":"10.2307\/41703465","article-title":"Efficiency or innovation: how do industry environments moderate the effects of firms IT asset portfolios?","volume":"36","year":"2012","journal-title":"MIS Quarterly"},{"issue":"3","key":"key2020090709493928900_ref064","doi-asserted-by":"crossref","first-page":"639","DOI":"10.1108\/IMDS-03-2018-0124","article-title":"Strategic information sharing and competition under cap-and-trade regulation","volume":"119","year":"2019","journal-title":"Industrial Management and Data Systems"},{"issue":"5","key":"key2020090709493928900_ref065","doi-asserted-by":"crossref","first-page":"687","DOI":"10.1509\/jmr.15.0204","article-title":"The rise of the sharing economy: estimating the impact of airbnb on the hotel industry","volume":"54","year":"2017","journal-title":"Journal of Marketing Research"}],"container-title":["Industrial Management & Data Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/IMDS-10-2019-0536\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/IMDS-10-2019-0536\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,24]],"date-time":"2025-07-24T21:53:48Z","timestamp":1753394028000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/imds\/article\/120\/9\/1777-1794\/391028"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,8,13]]},"references-count":65,"journal-issue":{"issue":"9","published-print":{"date-parts":[[2020,8,13]]}},"alternative-id":["10.1108\/IMDS-10-2019-0536"],"URL":"https:\/\/doi.org\/10.1108\/imds-10-2019-0536","relation":{},"ISSN":["0263-5577"],"issn-type":[{"value":"0263-5577","type":"print"}],"subject":[],"published":{"date-parts":[[2020,8,13]]}}}