You are on page 1of 3

Do Geopolitical Risk Factors Influence Whether a Corporation Is the Victim of a Cyber Exploit, Intrusion, or Breach?

Brent M. Eastwood, PhD

Introduction

In 2016, 237 companies in six countries suffered some form of cyber-crime, according to a report from the Poneman Institute. 1 Each cyber intrusion that year resulted in an average loss of $9.5 million for the targeted company. 2 The “Breached Database Directory” from Vigilante.pw indicates that so far in 2017, 35 different web sites have been the target of database breaches an average of about three per week. 3 These web site databases are owned by corporations in industry sectors such as software, healthcare, telecommunications, and e-commerce. 4

Research Questions and Theory

Does a corporation’s international presence affect whether it is at risk for a cyber intrusion? If so, do multinational corporations doing business in countries with known geopolitical risk factors have a greater chance of becoming the target of a data breach? I theorize that countries with active cyber-criminal organizations such as Russia, China, and Nigeria, could place companies in more danger of cyber-crime if they do business there. I also postulate that multinationals with revenue coming from countries that are state-sponsors of terror, could have a higher probability of cyber exploits. In addition, I theorize that multinationals operating in countries with fragile, unstable, or corrupt governments, could have a higher risk of cyber breaches.

Methodology

The statistical/mathematical model for this study requires a binary response. This means that the “estimate response probabilities are strictly between zero and one.” 5 Thus, the dependent variable is dichotomous and the graph of the plotted function is a non-linear S-shaped curve. Examples of these dichotomous dependent variables include whether an individual is “married or non-married” and whether a person has “health insurance or no health insurance.” For this study on the probability of a corporation being a cyber-victim, the binary response is “data breach or no data breach.”

The best way to estimate this binary outcome is with the use of logit and probit models. Logit and probit models differ in the following way. According to Jeremy Albright of Methods Consultants, “The logit model uses something called the cumulative distribution function of the logistic distribution. The probit model uses something called the cumulative distribution function of the standard normal distribution.” 6 Both models are intuitively appealing to test the hypotheses on whether geopolitical risk factors influence cyber intrusions at companies.

The indicator function of the dependent variable “data breach/ no data breach” (0 or 1) is:

1 “2016 Cost of Cyber Crime Study and the Risk of Business Innovation.” Poneman Institute, October 2016.

2 Ibid 3 “The Breached Database Directory.” Vigilante.pw. https://vigilante.pw/ accessed March 21, 2017. 4 Ibid

5 Wooldridge Jeffrey M. 2003. Introductory Econometrics: A Modern Approach. Mason, Ohio: South-Wester Thomson South- Western. Pp. 554-564.

6 Albright, Jeremy. 2015. “What is the Difference Between Logit and Probit Models?” Methods Consultants. https://www.methodsconsultants.com/tutorial/what-is-the-difference-between-logit-and-probit-models/ accessed March 21, 2017.

P(Y = 1|z)

So that in Logit: P(Y=1|z) = [1+e−X′β]−1Pr(Y=1 |z)=[1+e−X′β]−1

So that in Probit: P(Y=1 |z) = Φ(X′β)

For this study, the explanatory variable is “Geopolitical Risk.” Companies that take on geopolitical risk factors when doing business overseas have a higher probability of being the victim of cyber intrusions. Specific explanatory variables in this category include whether the corporation has revenue from foreign countries; what percentage of its revenue comes from overseas; whether the company does business in Russia, China or Nigeria; whether the company does business in countries that are current state-sponsors of terror or have sponsored terror in the past; and whether the company operates in a fragile state with poor governance.

I control for many other independent variables such as biographical information about the CEO: whether the corporation is publicly-traded; the size of the company, the legal structure of the company; its amount of earnings, its business sectors; and the company’s level of research and development efforts.

Logit Model

P(Databreach y = 1|x) = [1+e - β₀ + β₁Geopolitical + β₂CEO + β₃Traded + β₄Size + β₅Profit + β₆Structure + β₇Sector + β₈R&D]-1

Probit Model

P(Databreach y = 1|x) = Φ(β₀ + β₁Geopolitical + β₂CEO + β₃Traded + β₄Size + β₅Profit + β₆Structure + β₇Sector + β₈R&D) + e

The following table explains the variables in more detail. Hypotheses are included:

Type of

Category

Description of

Hypothesis and Type of Relationship

Data Source

Variable

of Variable

Variable

Dependent

Corporation

One of 7,000 publicly- traded companies

Data Breach or No Breach

Exchange Data

International

 

Geopolitical

Does Business in foreign countries (dummy)

Breach more

S&P Global

Explanatory

Risk

likely

FactSet

Explanatory

Geopolitical

Percentage of revenue from foreign countries

Breach more

S&P Global

Risk

likely

FactSet

 

(positive)

Explanatory

Geopolitical

Does business in Russia (dummy)

Breach more

S&P Global

Risk

likely

FactSet

Explanatory

Geopolitical

Does business in China (dummy)

Breach more

S&P Global

Risk

likely

FactSet

Explanatory

Geopolitical

Does business in Nigeria (dummy)

Breach more

S&P Global

Risk

likely

FactSet

Explanatory

Geopolitical

Does business in State- sponsor of terror (dummy)

Breach more

S&P Global

Risk

likely

FactSet

Explanatory

Geopolitical

Extracts natural

Breach more

S&P Global

Risk

resources overseas

likely

FactSet

(dummy)

Explanatory

Geopolitical

Does business in fragile or corrupt states (dummy)

Breach more

Freedom House

Risk

likely

Transparency

International

Independent

CEO

Length of Tenure

Breach less

Yahoo Finance

likely

(negative)

Independent

CEO

Is a software engineer (dummy)

Breach less

Yahoo Finance

likely

Independent

CEO

Was once CTO (dummy)

Breach less

Yahoo Finance

likely

Independent

Publicly-

Company listed on S&P500, DJIA, Russell 3000 (dummy)

Breach more

Bloomberg

Traded

likely

Independent

Size

Amount of market capitalization

$

Breach more

Yahoo Finance

likely

 

(positive)

Independent

Size

Number of employees

Breach more

Yahoo Finance

likely

(positive)

Independent

Annual

Amount of annual (EBITDA)

$

Breach more

Yahoo Finance

Earnings

likely

 

(positive)

Independent

Legal

Whether company is LLC, C-Corp, Delaware C-Corp. (dummy)

LLC is more

Yahoo Finance

Structure

likely to have

a

breach

Independent

Business

Financial, Software, Healthcare, E-commerce, Retail, Energy, Telecom (dummy)

These sectors

Yahoo Finance

Sector

are more

likely to have

a

breach

Independent

Research and

Annual number of patents granted

More likely to have breach (positive)

USPTO

Development

Independent

Research and

$

Amount annually

More likely to have breach (positive)

Bloomberg

Development

spent on research and development

Conclusion

Interpretation is difficult in logit and probit models. In order to interpret the fit of the model and to determine the level of the variable coefficients, analysts often use “percent correctly predicted” as a goodness of fit measure. 7 However, a high percentage of correct predictions in the model does not always mean the explanatory variables are an “accurate predictor.” 8 The sources of data are mostly available for this study, but monetary subscriptions are needed for research firms such as FactSet or Bloomberg. Acquiring the data for the models for approximately thousands of corporations would be time consuming and a fairly-large data team would be needed to compile the data. Once that phase is complete, running the regressions and conducting regression diagnostics would be straightforward working in IDEs that I use such as R Studio or the IDE for Python called Spyder.

7 Wooldridge Jeffrey M. 2003. Introductory Econometrics: A Modern Approach. Mason, Ohio: South-Wester Thomson South- Western. Pp. 554-564. 8 Ibid