EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

Information security outsourcing in a resource-sharing environment: The impacts of attack modes

Xing Gao, Siyu Gong, Ying Wang and Yanfang Zhang

Journal of the Operational Research Society, 2024, vol. 75, issue 6, 1092-1110

Abstract: Information security outsourcing has become an emerging trend in the operations of information security, but the relation between information assets of firms and attack modes of hackers have failed to be considered. Through building a game-theoretic model, this article analyzes security outsourcing of two firms who share their information resource with each other and are confronted with opportunistic attacks and targeted attacks. We find that in the case of security decisions in-house, the firms may obtain a lower expected cost and the hacker may derive a lower expected benefit under targeted attacks than under opportunistic attacks, even though targeted attacks are widely deemed to be more harmful to the firms. When outsourcing security operations to a MSSP (Managed Security Service Provider), we reveal that under targeted attacks the MSSP can reap a higher expected benefit and the hacker can still derive a lower expected benefit. Finally, we examine the effects of key security elements and find some interesting results. In particular, the MSSP may or may not benefit from the degree of resource sharing, and the hacker may suffer from its learning ability.

Date: 2024
References: Add references at CitEc
Citations:

Downloads: (external link)
http://hdl.handle.net/10.1080/01605682.2023.2233550 (text/html)
Access to full text is restricted to subscribers.

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:taf:tjorxx:v:75:y:2024:i:6:p:1092-1110

Ordering information: This journal article can be ordered from
http://www.tandfonline.com/pricing/journal/tjor20

DOI: 10.1080/01605682.2023.2233550

Access Statistics for this article

Journal of the Operational Research Society is currently edited by Tom Archibald

More articles in Journal of the Operational Research Society from Taylor & Francis Journals
Bibliographic data for series maintained by Chris Longhurst ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-03-20
Handle: RePEc:taf:tjorxx:v:75:y:2024:i:6:p:1092-1110