Information Systems Sourcing Strategies and Organizational Cybersecurity Breaches
通过纵向实证分析,比较了不同信息系统采购策略对组织网络安全漏洞的影响,发现最佳组合策略在IT应用范围较窄时比单一采购更安全,而内部采购整体优于外包,但优势随IT应用范围扩大而减弱。
This article compares the impacts of various information systems (IS) sourcing strategies on organizational cybersecurity breaches. Through a longitudinal empirical analysis, we found that when the organization has a narrower spread of IT applications, a best of breed (BoB) strategy is less likely to cause cybersecurity breaches than a single-sourcing approach; and the difference is decreasing as its IT application spread increases. The insourcing strategy has shown a lower likelihood of organizational cybersecurity breaches than any outsourcing strategy [i.e., single-sourcing, best of suite (BoS), and BoB], which is weakened by the organization's IT application spread and is significant only when the IT application spread is relatively low. A BoS strategy has an insignificant difference in cybersecurity breaches compared to the BoB approach. However, for organizations with a broader spread of IT applications, there is no significant difference among all sourcing strategies on the likelihood of cybersecurity breaches. This research provides theoretical and practical implications for organizational cybersecurity management in IS development and interorganizational relationships.