Description
Subsidiaries of multinational enterprises (MNEs) are vulnerable to cyber-attacks because they operate in diverse environments that are different from the contexts in the home countries. After they get legitimacy in the host countries, subsidiaries not only receive isomorphic pressure, but also gain protection from the local institutional environments, specifically legal protection. In recent years, information security breaches perpetrated by insiders become more common among MNEs. Directed by the General Deterrence Theory, this paper explores whether the legal protection in host-countries deters employees’ information leaking behavior in MNE subsidiaries. In particular, this paper proposes that the rule of law and the efficiency of the judicial system in a host-country negatively influence MNE subsidiaries’ employees’ information leaking behaviors. In terms of law original, this paper proposes that MNE subsidiaries located in common-law countries experience fewer information security breaches than those located in civil-law countries. In addition, this paper argues that the level of income in a host-country is negatively related with the amount of information security breaches that MNE subsidiaries experience.
Recommended Citation
Chen, Hong and Chen, Yong, "Does Legal Protection from Host-countries Mitigates Information Security Risk in Multinational Enterprise Subsidiaries" (2017). AMCIS 2017 Proceedings. 10.
https://aisel.aisnet.org/amcis2017/InformationSystems/Presentations/10
Does Legal Protection from Host-countries Mitigates Information Security Risk in Multinational Enterprise Subsidiaries
Subsidiaries of multinational enterprises (MNEs) are vulnerable to cyber-attacks because they operate in diverse environments that are different from the contexts in the home countries. After they get legitimacy in the host countries, subsidiaries not only receive isomorphic pressure, but also gain protection from the local institutional environments, specifically legal protection. In recent years, information security breaches perpetrated by insiders become more common among MNEs. Directed by the General Deterrence Theory, this paper explores whether the legal protection in host-countries deters employees’ information leaking behavior in MNE subsidiaries. In particular, this paper proposes that the rule of law and the efficiency of the judicial system in a host-country negatively influence MNE subsidiaries’ employees’ information leaking behaviors. In terms of law original, this paper proposes that MNE subsidiaries located in common-law countries experience fewer information security breaches than those located in civil-law countries. In addition, this paper argues that the level of income in a host-country is negatively related with the amount of information security breaches that MNE subsidiaries experience.