Please use this identifier to cite or link to this item: https://hdl.handle.net/20.500.11851/7482
Full metadata record
DC FieldValueLanguage
dc.contributor.authorCezar, Asunur-
dc.contributor.authorÇavuşoğlu, Hüseyin-
dc.contributor.authorRaghunathan, Şrinivaşan-
dc.date.accessioned2021-09-11T15:57:18Z-
dc.date.available2021-09-11T15:57:18Z-
dc.date.issued2017en_US
dc.identifier.issn1059-1478-
dc.identifier.issn1937-5956-
dc.identifier.urihttps://doi.org/10.1111/poms.12681-
dc.identifier.urihttps://hdl.handle.net/20.500.11851/7482-
dc.description.abstractFirms are increasingly outsourcing information security operations to managed security service providers (MSSPs). Cost reduction and quality (security) improvement are often mentioned as motives for outsourcing information security, and these are also the frequently cited reasons for outsourcing traditional information technology (IT) functions, such as software development and maintenance. In this study, we present a different explanation-one based on interdependent risks and competitive externalities associated with IT security-for firms' decisions to outsource security. We show that in the absence of competitive externalities and interdependent risks, a firm will outsource security if and only if the MSSP offers a quality advantage over in-house operations, which is consistent with the conventional explanation for security outsourcing. However, when security risks are interdependent and breaches impose competitive externalities, although firms still have stronger incentive to outsource security if the MSSP offers a higher quality in terms of preventing breaches than in-house management, a quality advantage of MSSP over in-house management is neither a prerequisite for a firm to outsource security nor a guarantee that a firm will. In addition to MSSP quality, the type of externality (positive or negative), the degree of externality, whether outsourcing increases or decreases risk interdependency, and the breach characteristics determine firms' sourcing decisions. When security breaches impose a positive externality, the incentive to outsource is enhanced if the MSSP decreases the risk interdependency and diminished if the MSSP increases this interdependency. A negative externality has the opposite effect on firms' incentives to outsource. A high demand spill-over to a competitor, together with a high loss in industry demand because of a security breach, enhances these incentives to outsource security operations when the externality is negative. Finally, we extend our base model in several dimensions and show that our main results regarding the impact of interdependent risks and competitive externalities on sourcing decisions are robust and generalizable to different specifications.en_US
dc.language.isoenen_US
dc.publisherWileyen_US
dc.relation.ispartofProduction And Operations Managementen_US
dc.rightsinfo:eu-repo/semantics/closedAccessen_US
dc.subjectmanaged security servicesen_US
dc.subjectoutsourcingen_US
dc.subjectinformation securityen_US
dc.subjectrisk managementen_US
dc.subjectinterdependent risksen_US
dc.titleSourcing Information Security Operations: the Role of Risk Interdependency and Competitive Externality in Outsourcing Decisionsen_US
dc.typeArticleen_US
dc.departmentFaculties, Faculty of Economics and Administrative Sciences, Department of Managementen_US
dc.departmentFakülteler, İktisadi ve İdari Bilimler Fakültesi, İşletme Bölümütr_TR
dc.identifier.volume26en_US
dc.identifier.issue5en_US
dc.identifier.startpage860en_US
dc.identifier.endpage879en_US
dc.authorid0000-0001-8010-064X-
dc.authorid0000-0002-7982-3602-
dc.identifier.wosWOS:000400986400006en_US
dc.identifier.scopus2-s2.0-85011697844en_US
dc.institutionauthorCezar, Asunur-
dc.identifier.doi10.1111/poms.12681-
dc.relation.publicationcategoryMakale - Uluslararası Hakemli Dergi - Kurum Öğretim Elemanıen_US
dc.identifier.scopusqualityQ1-
item.openairetypeArticle-
item.languageiso639-1en-
item.grantfulltextnone-
item.fulltextNo Fulltext-
item.openairecristypehttp://purl.org/coar/resource_type/c_18cf-
item.cerifentitytypePublications-
Appears in Collections:İşletme Bölümü / Department of Management
Scopus İndeksli Yayınlar Koleksiyonu / Scopus Indexed Publications Collection
WoS İndeksli Yayınlar Koleksiyonu / WoS Indexed Publications Collection
Show simple item record



CORE Recommender

SCOPUSTM   
Citations

17
checked on Dec 21, 2024

WEB OF SCIENCETM
Citations

38
checked on Dec 21, 2024

Page view(s)

114
checked on Dec 23, 2024

Google ScholarTM

Check




Altmetric


Items in GCRIS Repository are protected by copyright, with all rights reserved, unless otherwise indicated.