Description

Subsidiaries of multinational enterprises (MNEs) are vulnerable to cyber-attacks because they operate in diverse environments that are different from the contexts in the home countries. After they get legitimacy in the host countries, subsidiaries not only receive isomorphic pressure, but also gain protection from the local institutional environments, specifically legal protection. In recent years, information security breaches perpetrated by insiders become more common among MNEs. Directed by the General Deterrence Theory, this paper explores whether the legal protection in host-countries deters employees’ information leaking behavior in MNE subsidiaries. In particular, this paper proposes that the rule of law and the efficiency of the judicial system in a host-country negatively influence MNE subsidiaries’ employees’ information leaking behaviors. In terms of law original, this paper proposes that MNE subsidiaries located in common-law countries experience fewer information security breaches than those located in civil-law countries. In addition, this paper argues that the level of income in a host-country is negatively related with the amount of information security breaches that MNE subsidiaries experience.

Share

COinS
 
Aug 10th, 12:00 AM

Does Legal Protection from Host-countries Mitigates Information Security Risk in Multinational Enterprise Subsidiaries

Subsidiaries of multinational enterprises (MNEs) are vulnerable to cyber-attacks because they operate in diverse environments that are different from the contexts in the home countries. After they get legitimacy in the host countries, subsidiaries not only receive isomorphic pressure, but also gain protection from the local institutional environments, specifically legal protection. In recent years, information security breaches perpetrated by insiders become more common among MNEs. Directed by the General Deterrence Theory, this paper explores whether the legal protection in host-countries deters employees’ information leaking behavior in MNE subsidiaries. In particular, this paper proposes that the rule of law and the efficiency of the judicial system in a host-country negatively influence MNE subsidiaries’ employees’ information leaking behaviors. In terms of law original, this paper proposes that MNE subsidiaries located in common-law countries experience fewer information security breaches than those located in civil-law countries. In addition, this paper argues that the level of income in a host-country is negatively related with the amount of information security breaches that MNE subsidiaries experience.