Investigating Data Breach Factors Through the Lens of Modern Crime Theory: A Structural Equation Modeling Perspective

Abstract

The increasing frequency and severity of data breaches have been of great concern to both individuals and organizations. With the evolution of technology, the query is what is becoming an endemic issue with data breaches. This study aims to examine drivers of data breaches applying modern crime theory by the Structural Equation Modeling (SEM) method. The research tests prominent predictors such as opportunity, motivation, and rational choice that have been hypothesized by contemporary criminological theory and how they result in data breach crimes. Information on employee behavior, in-house security practices, outside attacks, and firm culture was collected in a random sample of the firms victimized by data breaches. The SEM model was employed to test the interaction between these factors and direct or indirect effects on breach probability. The findings indicate that while technological vulnerabilities remain the prime determinant, human behavior, organizational culture, and environmental threat settings have a strong influence on the incidence of data breaches. The study suggests the integration of criminological theory into cyber security frameworks to enhance them in terms of more effective design of deterrents. The policy implications, risk management, and future research areas are discussed.