自從2016年銀行業發生震驚全台的盜領事件,使我國政府及企業須迫切正視資訊安全防護的重要性,在資安即國安的新施政方針之領導下,強化資安機制與提升資訊安全風險管理,成為企業經營管理階層所需擔負的職責。本研究以我國2006年至2017年的上市櫃公司為樣本,蒐集媒體網路新聞及金管會裁罰案件中的資訊安全事件,探討影響資訊安全事件之決定因素:家族企業、家族持股比例以及董事會成員背景。實證結果顯示:(1)控制型態為家族企業對資訊安全事件的發生呈現負向顯著影響,尤其更不容易發生的事件類型為內部資訊安全事件;(2)高家族持股比例對資訊安全事件的發生呈現負向顯著影響,特別是內部資訊安全事件比外部資訊安全事件更不容易發生;(3)董事會中具有資安背景專長的成員能有效降低資訊安全事件的發生,其中對於減少外部資訊安全事件的發生呈現顯著影響。;The banking industry has been shocked by the First bank theft incident in 2016, which has caused the government and companies to urgently address the importance of information security. The government of Taiwan has said that information security is the level of national security, which has raised the security awareness among companies. Information risk management has become the responsibility of the corporate management. This study discusses the determinants of information security breaches: family businesses, family-controlled shareholding and board members background. The study uses the listed and over-the-counter companies in Taiwan from 2006 to 2017 as a sample to collect information security breaches in media network and the Financial Supervisory Commission’s (FSC) penalty cases. The empirical results show that:(1) the impact of the family businesses on the occurrence of information security breaches is negative and significant, and especially lower the possibility to occur internal information security breaches; (2) the impact of high family-controlled shareholdings on information security breaches is negative and significant, and the occurrence of internal information security breaches are less; (3) the board members who specialize in information security can effectively reduce the occurrence of information security incidents, particularly it can reduce the occurrence of external information security breaches significantly.
