Impact of Security Management Activities on Corporate Performance

The digital business environment is evolving rapidly due to the development of new information technology (IT). Consequently, information security incidents in organizations have reached a situation that threatens management. This study examines whether managers’ security management activities can serve as active innovation factors. Specifically, it analyzes their link to corporate performance, including sales, rather than viewing them merely as defensive risk management. To this end, multiple regression and moderation effect analyses were conducted. These analyses used the IS disclosure data from 545 companies reported to government agencies, along with the financial data of the sample companies. The results indicate a significant negative effect of the IT investment proportion on sales. However, possessing security management tools such as an information security management system (ISMS) positively moderates this relationship. This study provides practical guidance for managers who wish to incorporate security management activities as innovation factors in their management strategies.