Share these talks and lectures with your colleagues
Invite colleaguesResearch paper
The financial impact of cyberattacks: Comparative study of the manufacturing and service industry
Cyber Security: A Peer-Reviewed Journal,
8
(4),
375-391
(2025)
Abstract
This paper utilises event study methodology to better understand the economic implications from disruptions to critical supply chain infrastructure resulting from targeted cyberattacks. More specifically, the paper examines in depth the financial impact on an organisation’s stock market value stemming from cyber security breach incidents to organisational assets. While supply chain attacks have the potential to disrupt critical supply networks, compromise product integrity and negatively affect critical infrastructure, these attacks continue to occur with increasing frequency. One main reason is a lack of accountability to organisations tasked with implementing embedded cyber security controls to thwart attacks. Financial analysis was conducted on supply chain security breach events and attacks during a five-year period, January 2017–December 2023, using event study analysis. As this research investigation extends previous work, this paper focuses specifically on comparing new security breach events from the two most targeted Standard Industrial Classification (SIC) divisions as identified by Security Exchange Commission (SEC) classification — Division I (Services) and Division D (Manufacturing). Once identified, the collected previously not studied data was then compared to assess the individual organisational economic impact relative to the overall sample identified. Results indicating the realised economic impact on corporations are presented using both parametric and non-parametric statistical testing and showcase in numerical values the financial results of the security breach. Results from this study contribute to the extant body of literature across multiple disciplines, including cyber security, supply chain, critical infrastructure and event study methodology. The updated research investigation assesses the financial impact from data and cyber security breach events on additional industries not examined in previous research. This new resultant data yields not only contributes to advancing our understanding of the financial impact from security breach events, but better provides more information about why companies in specific industries and domains are, or are not, investing in cyber security defensive strategies.
Keywords: event study methodology; cyber security; information security threats; manufacturing; services
The full article is available to subscribers to the journal.
Author's Biography
Joseph Squillace , PhD, is an Assistant Teaching Professor of Cybersecurity at Penn State University. He received his PhD in information systems (DISS) with a concentration in information security from the College of Engineering and Computing at Nova Southeastern University (NSU). Joseph’s research interests include cyberbullying, cyber security, privacy, cyber security in artificial intelligence (AI), secure supply chain, data integrity, economics of privacy and information security breaches. He has previously published scholarly research in cyber security, AI, privacy, information systems, computer science, the Internet of Things (IoT) and climate change domains. Joseph remains engaged in ongoing research with the Department of Justice (DOJ) and the National Science Foundation (NSF), and is an active member of international research teams from Europe, including the Czech Republic and Hungary.
Justice Cappella is a Graduate Research Assistant. She received her BSc degree in business management and marketing with a minor in project supply chain management from Penn State University. Justice’s research interests include business, (secure) supply chain management, marketing, cyberbullying, cybercrime and climate change. While continuing her graduate education, Justice remains committed to research collaboration on multiple studies with Penn State Schuylkill, the Department of Justice (DOJ) and the National Science Foundation (NSF), and is an active member of several international research teams from both the Czech Republic and Hungary.
Ahmet Doğuhan Altaş PhD, is a graphic designer, educator and researcher in İzmir, Turkey. He holds a BA in Visual Communication Design and an MA in Arts and Design from Yaşar University. His research on retro game design and augmented reality (AR) addresses the growing popularity of video games and the potential of AR to enhance the gaming experience. Ahmet’s work has been exhibited in national exhibitions, demonstrating his ability to communicate his ideas to a variety of audiences. He has received recognition for his design work. His commitment to sharing his knowledge with others is evident through his research and contributions to the field. Ahmet completed his doctorate in Arts and Design at Yaşar University in 2024. His research interests include typography, game design and AR. His master’s thesis, ‘The Use of 3D Modeling in Contemporary Typography’, explored three-dimensional (3D) modelling for creating typographic designs. His doctoral dissertation, ‘The Reinterpretation of Retro Game Designs in Augmented Reality: A Case Study of Tetris’, investigates using AR to reimagine video games.
