Blame Distribution Following Information Security Breaches Emergent Research Forum

People distribute blame to the parties they feel responsible in information security breaches. This paper provides propositions of blame distribution based on (a) the source of the breach, (b) the classification of the information that was vulnerable and (c) the classification of stakeholder, and is motivated by gaps in academic literature concerning blame distribution after a breach. The propositions in this paper are grounded in the attribution theory and previous research on institutional trust. Future research methods are discussed, including the data collection. Future research ideas are discussed in this paper.