Please use this identifier to cite or link to this item:
https://hdl.handle.net/20.500.11851/7482
Full metadata record
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Cezar, Asunur | - |
dc.contributor.author | Çavuşoğlu, Hüseyin | - |
dc.contributor.author | Raghunathan, Şrinivaşan | - |
dc.date.accessioned | 2021-09-11T15:57:18Z | - |
dc.date.available | 2021-09-11T15:57:18Z | - |
dc.date.issued | 2017 | en_US |
dc.identifier.issn | 1059-1478 | - |
dc.identifier.issn | 1937-5956 | - |
dc.identifier.uri | https://doi.org/10.1111/poms.12681 | - |
dc.identifier.uri | https://hdl.handle.net/20.500.11851/7482 | - |
dc.description.abstract | Firms are increasingly outsourcing information security operations to managed security service providers (MSSPs). Cost reduction and quality (security) improvement are often mentioned as motives for outsourcing information security, and these are also the frequently cited reasons for outsourcing traditional information technology (IT) functions, such as software development and maintenance. In this study, we present a different explanation-one based on interdependent risks and competitive externalities associated with IT security-for firms' decisions to outsource security. We show that in the absence of competitive externalities and interdependent risks, a firm will outsource security if and only if the MSSP offers a quality advantage over in-house operations, which is consistent with the conventional explanation for security outsourcing. However, when security risks are interdependent and breaches impose competitive externalities, although firms still have stronger incentive to outsource security if the MSSP offers a higher quality in terms of preventing breaches than in-house management, a quality advantage of MSSP over in-house management is neither a prerequisite for a firm to outsource security nor a guarantee that a firm will. In addition to MSSP quality, the type of externality (positive or negative), the degree of externality, whether outsourcing increases or decreases risk interdependency, and the breach characteristics determine firms' sourcing decisions. When security breaches impose a positive externality, the incentive to outsource is enhanced if the MSSP decreases the risk interdependency and diminished if the MSSP increases this interdependency. A negative externality has the opposite effect on firms' incentives to outsource. A high demand spill-over to a competitor, together with a high loss in industry demand because of a security breach, enhances these incentives to outsource security operations when the externality is negative. Finally, we extend our base model in several dimensions and show that our main results regarding the impact of interdependent risks and competitive externalities on sourcing decisions are robust and generalizable to different specifications. | en_US |
dc.language.iso | en | en_US |
dc.publisher | Wiley | en_US |
dc.relation.ispartof | Production And Operations Management | en_US |
dc.rights | info:eu-repo/semantics/closedAccess | en_US |
dc.subject | managed security services | en_US |
dc.subject | outsourcing | en_US |
dc.subject | information security | en_US |
dc.subject | risk management | en_US |
dc.subject | interdependent risks | en_US |
dc.title | Sourcing Information Security Operations: the Role of Risk Interdependency and Competitive Externality in Outsourcing Decisions | en_US |
dc.type | Article | en_US |
dc.department | Faculties, Faculty of Economics and Administrative Sciences, Department of Management | en_US |
dc.department | Fakülteler, İktisadi ve İdari Bilimler Fakültesi, İşletme Bölümü | tr_TR |
dc.identifier.volume | 26 | en_US |
dc.identifier.issue | 5 | en_US |
dc.identifier.startpage | 860 | en_US |
dc.identifier.endpage | 879 | en_US |
dc.authorid | 0000-0001-8010-064X | - |
dc.authorid | 0000-0002-7982-3602 | - |
dc.identifier.wos | WOS:000400986400006 | en_US |
dc.identifier.scopus | 2-s2.0-85011697844 | en_US |
dc.institutionauthor | Cezar, Asunur | - |
dc.identifier.doi | 10.1111/poms.12681 | - |
dc.relation.publicationcategory | Makale - Uluslararası Hakemli Dergi - Kurum Öğretim Elemanı | en_US |
dc.identifier.scopusquality | Q1 | - |
item.openairetype | Article | - |
item.languageiso639-1 | en | - |
item.grantfulltext | none | - |
item.fulltext | No Fulltext | - |
item.openairecristype | http://purl.org/coar/resource_type/c_18cf | - |
item.cerifentitytype | Publications | - |
Appears in Collections: | İşletme Bölümü / Department of Management Scopus İndeksli Yayınlar Koleksiyonu / Scopus Indexed Publications Collection WoS İndeksli Yayınlar Koleksiyonu / WoS Indexed Publications Collection |
CORE Recommender
SCOPUSTM
Citations
17
checked on Dec 21, 2024
WEB OF SCIENCETM
Citations
38
checked on Dec 21, 2024
Page view(s)
114
checked on Dec 23, 2024
Google ScholarTM
Check
Altmetric
Items in GCRIS Repository are protected by copyright, with all rights reserved, unless otherwise indicated.