ABSTRACT
This research examines how organizational cybersecurity responses become isomorphic over time. Drawing on institutional theory, this study theorizes that mimetic pressures, normative pressures, and coercive pressures impact cybersecurity responses. Using the textual data gathered from the annual 10-K reports published by 87 large organizations and their competitors, topic modeling was employed to assess the cybersecurity responses and institutional pressures. Linear regression was applied to the resultant topic weights. Findings show that mimetic pressures were significant over time while coercive pressures were significant in the near-term and normative pressures were significant in the long-term. Implications for research and practice are discussed.
Notes
Additional information
Notes on contributors
Anand Jeyaraj
Anand Jeyaraj is Professor of Information Systems in the RajSoin College of Business at Wright State University and holds a PhD in Business Administration with emphasis in Information Systems. His research interests include the diffusion and adoptionof information systems; success and payoff of information systems; and methodologies. His research has been published in journals such as MIS Quarterly, Management Science, Information & Management, Communications of the ACM, and Journal of Information Technology.
Amir Zadeh
Amir Zadeh is an Associate Professor of Management Information Systems at Wright State University. He received his Ph.D. in Management Science and Information Systems from Oklahoma State University. His research interests include business analytics, machine learning, artificial intelligence, big data, decision support, and enterprise systems and applications. His research has been published in journals such as Decision Support Systems, Information & Management, Information Systems Frontiers, Production Planning & Control, Journal of Business Analytics, Journal of Cases in Information Technology, Expert Systems with Applications among others.