Deakin University

File(s) under permanent embargo

The impact of anti-phishing laws on it and security investment

conference contribution
posted on 2022-10-18, 13:13 authored by X Wang, Wilson LiWilson Li, A C M Leung, W T Yue
Many companies have been attacked by phishing leading to serious financial loss. In the United States, 23 states have enacted anti-phishing laws to ensure information security. However, the punishment rules of each state are different and the effects of the laws vary. Therefore, it is meaningful to study what kind of laws are the most effective to motivate firms to make appropriate IT and security investment decisions against phishing. Moreover, we posit that multi-site companies that operate in both with-law state and without-law state may have different IT and security investment decisions. We have collected 530 thousand corporates' investment data from 2010 and 2017. We plan to apply propensity score matching method and difference-in-difference model to answer our research questions. We hope that we can get some insights on developing effective anti-phishing laws and provide governments and regulatory agencies with some suggestions to motivate firms to adopt better anti-phishing solutions.


Publication classification

E2.1 Full written paper - non-refereed / Abstract reviewed

Title of proceedings

Proceedings of the 23rd Pacific Asia Conference on Information Systems: Secure ICT Platform for the 4th Industrial Revolution, PACIS 2019

Usage metrics

    Research Publications


    No categories selected