Access Journal

Access to Science, Business, Innovation in the Digital Economy
The journal uses continuous publication model. Current issue is in progress.
Published Online: Nov 3, 2025

Assessing information leakage risks in Japanese enterprises: strategic management and corporate attributes

Published Online: Nov 3, 2025

Takaaki ISHIKAWA

Email: t.ishikawa1106@gmail.com
Graduate School of Technology Management (MOT), Ritsumeikan University, Osaka, Japan

Hiroyuki SUZUKI

Email: hsuzuki@singleid.jp
Single ID K.K., Tokyo, Japan

Kiminori GEMBA

Email: gemba@hosei.ac.jp
Hosei Business School of Innovation Management, Hosei University, Tokyo, Japan

Tetsuaki ODA

Email: odatetsuaki@gmail.com
Graduate School of Technology Management (MOT), Ritsumeikan University, Osaka, Japan
Views: 262
Downloads: 12
Download PDF
Abstract:
As cybersecurity threats intensify, understanding the organizational drivers of information leakage has become a critical priority, especially in the context of Japanese enterprises where structural and technological legacies often persist. This study provides empirical insight into how corporate attributes shape data leakage risks, particularly focusing on email-related incidents that pose significant reputational and financial consequences. Objectives: The objective of this study is to examine how specific organizational characteristics—such as the number of affiliated sites, site density, presence of legacy systems, and employee-induced leakage frequency—influence the risk of information leakage in Japanese firms operating in an increasingly digitized environment. Methods/Approach: The study uses a dataset of 399 Japanese enterprises collected from both public databases and private sources. Multiple regression analysis is employed to evaluate the impact of these attributes on the frequency of email leakage incidents, allowing for quantifiable insights into structural vulnerabilities and organizational exposure. Results: The findings show that firms with a higher number of affiliated sites are more susceptible to data leaks, whereas those with denser site distributions experience lower risks. The presence of legacy systems, especially in older firms, significantly increases vulnerability. Furthermore, a higher frequency of employee-induced incidents highlights gaps in internal governance and employee awareness. Conclusions: Information leakage risks are strongly influenced by structural and organizational factors rather than being random occurrences. These results underscore the importance of tailoring cybersecurity strategies to firm-specific attributes. The study offers a novel contribution by empirically linking corporate structure to data security outcomes, bridging strategic management and cybersecurity as an emerging interdisciplinary challenge in the digital era.
Keywords:
Information leakage, cybersecurity, Corporate attributes, Japanese enterprises, Legacy systems, risk management, Organizational structure
Pages:
43-60
JEL Classification:
L86, M15, D22
DOI:
https://doi.org/10.46656/access.2026.7.1(3)
How to cite:
Ishikawa, T., Suzuki, H., Gemba, K., Oda, T. (2026). Assessing information leakage risks in Japanese enterprises: strategic management and corporate attributes. Access to science, business, innovation in digital economy, ACCESS Press, 7(1), 43-60, https://doi.org/10.46656/access.2026.7.1(3)
References:
  • Abrahams, T. O., Ewuga, S. K., Dawodu, S. O., Adegbite, A. O., & Hassan, A. O. (2024). A review of cybersecurity strategies in modern organizations: Examining the evolution and effectiveness of cybersecurity measures for data protection. Computer Science & IT Research Journal, 5(1), 1–25. https://doi.org/10.51594/csitrj.v5i1.699
  • Adewusi, A. O., Chiekezie, N. R., & Eyo-Udo, N. L. (2022). Cybersecurity threats in agriculture supply chains: A comprehensive review. World Journal of Advanced Research and Reviews, 15(3), 490–500. https://doi.org/10.30574/wjarr.2022.15.3.0888
  • Alahmari, A. A., & Duncan, R. A. (2021). Towards cybersecurity risk management investment: A proposed encouragement factors framework for SMEs. 2021 IEEE International Conference on Computing (ICOCO). https://doi.org/10.1109/ICOCO53166.2021.9673554
  • Alahmari, A., & Duncan, B. (2020). Cybersecurity risk management in small and medium-sized enterprises: A systematic review of recent evidence. 2020 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA). https://doi.org/10.1109/CyberSA49311.2020.9139638
  • Albert, D. (2024). What do you mean by organizational structure? Acknowledging and harmonizing differences and commonalities in three prominent perspectives. Journal of Organization Design, 13, 1–11. https://doi.org/10.1007/s41469-023-00152-y
  • Ambreen, L., Jain, M., Yadav, R. K., & Loonkar, S. (2023). Effective cybersecurity risk management practices for small and medium-sized enterprises: A comprehensive review. Multidisciplinary Reviews, 6, e2023ss080. https://doi.org/10.31893/multirev.2023ss080
  • Anwar, G., & Abdullah, N. N. (2021). The impact of human resource management practices on organizational performance. International Journal of Engineering, Business and Management, 5(1), 35–46. https://doi.org/10.22161/ijebm.5.1.4
  • Ansari, M. F., Sharma, P., & Dash, B. (2022). Prevention of phishing attacks using AI-based cybersecurity awareness training. International Journal of Smart Sensor and Adhoc Network, 3(3), 61–72. https:/doi.org/10.47893/ijssan.2022.1221
  • Ashley, C., & Preiksaitis, M. (2022). Strategic cybersecurity risk management practices for information in small and medium enterprises. Business Management Research and Applications: A Cross-Disciplinary Journal, 1(2), 109–157. Retrieved from https://bmrajournal.columbiasouthern.edu/index.php/bmra/article/view/3421
  • Aslan, Ö., Aktuğ, S. S., Özkan-Okay, M., Yılmaz, A. A., & Akın, E. (2023). A comprehensive review of cybersecurity vulnerabilities, threats, attacks, and solutions. Electronics, 12(6), 1–42. https://doi.org/10.3390/electronics12061333
  • Bade, C., Olsacher, A., Boehme, P., Truebel, H., Bürger, L., & Fehring, L. (2024). Sustainability in the pharmaceutical industry: An assessment of sustainability maturity and effects of sustainability measure implementation on supply chain security. Corporate Social Responsibility and Environmental Management, 31(1), 224–242. https://doi.org/10.1002/csr.2564
  • Bulgurcu, B., Cavusoglu, H., & Benbasat, I. (2010). Information security policy compliance: An empirical study of rationality-based beliefs and information security awareness. MIS Quarterly, 34(3), 523–548. https://doi.org/10.2307/25750690
  • Dash, B., & Ansari, M. F. (2022). An effective cybersecurity awareness training model: First defense of an organizational security strategy. International Research Journal of Engineering and Technology, 9(4), 2002. Retrieved from https://ssrn.com/abstract=4335361
  • Fadziso, T., Ballamudi, V. K. R., Desamsetti, H., Thaduri, U. R., & Dekkati, S. (2023). Evolution of the cybersecurity threat: An overview of the scale of cyber threat. Digitalization & Sustainability Review, 3(1), 1–12. https://doi.org/10.6084/m9.figshare.24189921.v1
  • George, A. S., Baskar, T., & Srikaanth, P. B. (2024). Cyber threats to critical infrastructure: Assessing vulnerabilities across key sectors. Partners Universal International Innovation Journal (PUIIJ), 2(1), 51–75. https://doi.org/10.5281/zenodo.10639463
  • Georgiadou, A., Mouzakitis, S., & Askounis, D. (2021). Assessing MITRE ATT&CK risk using a cyber-security culture framework. Sensors, 21(9), 2–14. https://doi.org/10.3390/s21093267
  • Georgiadou, A., Mouzakitis, S., & Askounis, D. (2022). Working from home during COVID-19 crisis: A cyber security culture assessment survey. Security Journal, 35, 486–505. https://doi.org/10.1057/s41284-021-00286-2
  • Hughes-Lartey, K., Li, M., Botchey, F. E., & Qin, Z. (2021). Human factor, a critical weak point in the information security of an organization's Internet of Things. Heliyon, 7(3), e06522. https://doi.org/10.1016/j.heliyon.2021.e06522
  • Jiang, H., Li, J., Zhao, P., Zeng, F., Xiao, Z., & Iyengar, A. (2020). Location privacy-preserving mechanisms in location-based services: A comprehensive survey. ACM Computing Surveys, 54(1), 1–36. https://doi.org/10.1145/3423165
  • Kävrestad, J., Nilsson, P., & Smith, L. (2024). A taxonomy of factors that contribute to organizational cybersecurity awareness (CSA). Information and Computer Security. https://doi.org/10.1108/ICS-11-2023-0209
  • Kiruthiga, T., Vaniprabha, A., & Sutharsan, M. (2021). An improved intelligence approach to handling data leakage risks in the corporate information security process. BOHR International Journal of Smart Computing and Information Technology, 2(1), 39–45. https://doi.org/10.54646/bijscit.2021.17
  • Lee, I. (2021). Cybersecurity: Risk management framework and investment cost analysis. Business Horizons, 64(5), 659–671. https://doi.org/10.1016/j.bushor.2021.02.022
  • Lehto, M., & Limnéll, J. (2021). Strategic leadership in cybersecurity: Case Finland. Information Security Journal: A Global Perspective, 30(3), 139–148. https://doi.org/10.1080/19393555.2020.1813851
  • Mughal, A. A. (2022). Well-architected wireless network security. Journal of Humanities and Applied Science Research, 5(1), 32–41. Retrieved from https://journals.sagescience.org/index.php/JHASR/article/view/52
  • Nawaz, H., Sethi, M. S., Nazir, S. S., & Jamil, U. (2024). Enhancing national cybersecurity and operational efficiency through legacy IT modernization and cloud migration: A US perspective. Journal of Computing & Biomedical Informatics, 7(2). https://doi.org/10.56979/702/2024. Article ID: 536-0702/2024.
  • Neri, M., Niccolini, R., & Martino, G. (2024). Organizational cybersecurity readiness in the ICT sector: A quanti-qualitative assessment. Information and Computer Security, 32(1), 38–52. https://doi.org/10.1108/ICS-05-2023-0084
  • Obioha-Val, O., Kolade, T. M., Gbadebo, M. O., Selesi-Aina, O., Olateju, O. O., & Olaniyi, O. O. (2024). Strengthening cybersecurity measures for the defense of critical infrastructure in the United States. Asian Journal of Research in Computer Science, 17(11), 25–45. https://doi.org/10.9734/ajrcos/2024/v17i11517
  • Pang, M.-S., & Tanriverdi, H. (2022). Strategic roles of IT modernization and cloud migration in reducing cybersecurity risks of organizations: The case of U.S. federal government. The Journal of Strategic Information Systems, 31(1), 1–40. https://doi.org/10.1016/j.jsis.2022.101707
  • Patel, N. (2024). Secure access service edge (SASE): Evaluating the impact of converged network security architectures in cloud computing. Journal of Emerging Technologies and Innovative Research, 11(3), e703–e714
  • Ponnusamy, S., & Eswararaj, D. (2023). Navigating the modernization of legacy applications and data: Effective strategies and best practices. Asian Journal of Research in Computer Science, 16(4), 239–256. https://doi.org/10.9734/AJRCOS/2023/v16i4386
  • Rao, F. A., Dominic, P. D. D., Ali, S. E. A., Rehman, M., & Sohail, A. (2021). Information security behavior and information security policy compliance: A systematic literature review for identifying the transformation process from noncompliance to compliance. Applied Sciences, 11(8), 2–38. https://doi.org/10.3390/app11083383
  • Riahi, S., & Islam, M. (2024). Employees’ information security awareness (ISA) in public organisations: Insights from cross-cultural studies in Sweden, France, and Tunisia. Journal of Information Security and Privacy, 12(1), 45–67. https://doi.org/10.1080/0144929X.2024.2311734
  • Saeidian, S., Cervia, G., Oechtering, T. J., & Skoglund, M. (2021). Quantifying membership privacy via information leakage. IEEE Transactions on Information Forensics and Security, 16, 3096–3109. https://doi.org/10.1109/TIFS.2021.3073804
  • Savin, V. D., & Năstase Anysz, R. (2021). Cybersecurity threats and vulnerabilities of critical infrastructures. American Research Journal of Humanities and Social Science, 4(7), 90–96. http://www.arjhss.com
  • Schatz, D., Bashroush, R., & Wall, J. (2017). Towards a more representative definition of cyber security. Journal of Digital Forensics, Security and Law, 12(2), Article 8. https://doi.org/10.15394/jdfsl.2017.1476
  • Vallabhaneni, R., Vaddadi, S. A., Pillai, S. E. V. S., Addula, S. R., & Bhuvanesh, A. (2024).MobileNet-based secured compliance through open web application security projects in cloud system. Indonesian Journal of Electrical Engineering and Computer Science, 35(3), 1661–1669. https://doi.org/10.11591/ijeecs.v35.i3.pp1661-1669
  • Van Haastrecht, M., Sarhan, I., Shojaifar, A., Baumgartner, L., Mallouli, W., & Spruit, M. (2021). A threat-based cybersecurity risk assessment approach addressing SME needs. ARES '21: Proceedings of the 16th International Conference on Availability, Reliability and Security, 158, 1–12. https://doi.org/10.1145/3465481.3469199
  • Von Solms, R., & Van Niekerk, J. (2013). From information security to cyber security. Computers & Security, 38, 97–102. https://doi.org/10.1016/j.cose.2013.04.004
  • Zafarovich, K. R., & Sabirkhoja ugli, S. M. (2024). Information security in the era of the digital economy: Challenges and strategies. Journal of Economics and Business Management, 7(4), 50–59. https://doi.org/10.5281/zenodo.11082055
  • Zwilling, M., Klien, G., Lesjak, D., Wiechetek, Ł., Cetin, F., & Basim, H. N. (2020). Cybersecurity awareness, knowledge and behavior: A comparative study. Journal of Computer Information Systems, 62(1), 82–97. https://doi.org/10.1080/08874417.2020.1712269


0.6
journal impact factor™ (2024)
0.2
journal citation indicator™ (2024)


Call for papers: OPEN

Submit Article

We use continuous publication model:
3 times on the year (January / May / September)


The National Reference List (NRL) of contemporary Bulgarian scientific publications with scientific review, maintained by the Minister of Education and Science through the National Center for Information and Documentation (Ref №: 3818)

The journal is included in the official list of peer-reviewed scientific journals of the Ministry of Education and Science of Poland from July 17, 2023. (Ref №: 31621)
ErihPlus DOAJ VIEW INDEXES

Our proposal

Check out our proposal if you wish to be part of "ACCESS: Access to science, business, innovation in digital economy" Journal

View Proposal

Special issues

From our latest issue

Archive

View full archive

Keywords

riskefficiencymanagementmodelconsumer behaviorEntrepreneurshipmachine learninginvestmentdevelopmentartificial intelligenceinnovationseconomic developmentsystematic literature reviewgreen economysustainabilitysustainable developmentSocial entrepreneurshiptourismeconomic growthinnovation

Indexes

Zenodo
Google Scholar
Web Of Science
DOAJ
ErihPlus
Publons
RePEc
EconPapers
ELibrary.Ru
Index Copernicus International - World of Journals
Polska Bibliographia Naukowa
DRJI
ESJI
RootIndexing
ResearchBib
Base
International Services for Impact factor and indexing
WorldCat
Europub
Advanced Science Index

Publish your science journal

If you like ACCESS journals system, you can publish your journal with us at a reasonable price

Contact ACCESS PRESS!