Do Data Protection Regulations Reduce Breaches? A Cross-Country Quasi-Experimental Analysis

Policy & Governance2024Information Systems Research

ByJulian Calvo, Ed.D., MBA, M.S.2024

APA Citation

Kowalczyk, A. & Martin, T. (2024). Do Data Protection Regulations Reduce Breaches? A Cross-Country Quasi-Experimental Analysis. *Information Systems Research*. https://doi.org/10.1287/isre.2024.1195

View original paper →

Research Disclaimer: This is an original summary written by DecipherU for educational purposes. We do not host or reproduce the original paper. Verify findings directly from the cited source before making career decisions.

What Did This Cybersecurity Research Find?

This cybersecurity policy effectiveness study used a quasi-experimental design to compare breach rates in countries that adopted GDPR-style regulations versus matched controls without such regulations. Cybersecurity breach reporting increased 42% in regulated countries (due to mandatory notification), but the actual incidence of large-scale breaches (1 million+ records) decreased by 18%, suggesting that the regulatory compliance overhead drove genuine security improvements.

Key Findings

1Reported breaches increased 42% in regulated countries due to mandatory notification
2Large-scale breaches (1M+ records) decreased 18% in regulated countries
3Organizations in regulated environments increased security spending by 22% post-regulation
4The breach reduction was concentrated in companies with 500+ employees
5Small organizations showed minimal security improvement despite compliance efforts

How Does This Apply to Cybersecurity Careers?

Compliance professionals can quantify the security benefits of regulatory frameworks. Policy analysts can evaluate whether regulation achieves its intended security outcomes.

Who Should Read This?

seniormanagementresearcher

Frequently Asked Questions

What did this cybersecurity research find?

How is this research relevant to cybersecurity careers?

Compliance professionals can quantify the security benefits of regulatory frameworks. Policy analysts can evaluate whether regulation achieves its intended security outcomes.

Where was this cybersecurity research published?

This study was published in Information Systems Research in 2024. The DOI is 10.1287/isre.2024.1195. Access the original paper through the publisher link above.

Sources

Last verified: 2026-04-01Report an inaccuracy

Explore Related Cybersecurity Resources

Career GuidesCybersecurity career guidesSee how this research applies to specific roles LawsCybersecurity laws and regulationsExplore the regulatory context behind this research GlossaryCybersecurity glossaryLook up technical terms from this study Q&ACybersecurity career questions and answersFind practical answers informed by research

Was this page helpful?

Get cybersecurity career insights delivered weekly

Join cybersecurity professionals receiving weekly intelligence on threats, job market trends, salary data, and career growth strategies.

Get Cybersecurity Career Intelligence

Weekly insights on threats, job trends, and career growth.

Unsubscribe anytime. More options

Do Data Protection Regulations Reduce Breaches? A Cross-Country Quasi-Experimental Analysis

APA Citation

Kowalczyk, A. & Martin, T. (2024). Do Data Protection Regulations Reduce Breaches? A Cross-Country Quasi-Experimental Analysis. *Information Systems Research*. https://doi.org/10.1287/isre.2024.1195

View original paper →

What Did This Cybersecurity Research Find?

Key Findings

1Reported breaches increased 42% in regulated countries due to mandatory notification
2Large-scale breaches (1M+ records) decreased 18% in regulated countries
3Organizations in regulated environments increased security spending by 22% post-regulation
4The breach reduction was concentrated in companies with 500+ employees
5Small organizations showed minimal security improvement despite compliance efforts

How Does This Apply to Cybersecurity Careers?

Compliance professionals can quantify the security benefits of regulatory frameworks. Policy analysts can evaluate whether regulation achieves its intended security outcomes.

Who Should Read This?

seniormanagementresearcher

Frequently Asked Questions

What did this cybersecurity research find?

How is this research relevant to cybersecurity careers?

Compliance professionals can quantify the security benefits of regulatory frameworks. Policy analysts can evaluate whether regulation achieves its intended security outcomes.

Where was this cybersecurity research published?

This study was published in Information Systems Research in 2024. The DOI is 10.1287/isre.2024.1195. Access the original paper through the publisher link above.

Was this page helpful?

Get cybersecurity career insights delivered weekly

Join cybersecurity professionals receiving weekly intelligence on threats, job market trends, salary data, and career growth strategies.

Get Cybersecurity Career Intelligence

Weekly insights on threats, job trends, and career growth.

Unsubscribe anytime. More options