IDEAS home Printed from https://ideas.repec.org/a/spr/elcore/v23y2023i4d10.1007_s10660-022-09558-4.html
   My bibliography  Save this article

A competitive analysis of software quality investment with technology diversification and security concern

Author

Listed:
  • Xing Gao

    (Southeast University)

Abstract

Once installed by a larger population of consumers, software products become appealing targets for malicious agents and thus consumers’ security concern increases. Software vendors must balance quality investment for demand improvement and resulting security anxiety, particularly when deciding whether to choose diversified or similar technology with competitors. Technology choice becomes challengeable in that choosing similar technologies can increase the degree of technology spillovers, which, on the other hand, leads to more software vulnerabilities that are shared among vendors’ software products. Considering these elements, this paper analyzes two competitive software vendors’ quality investment for heterogeneous markets composed of a high-end market with particular quality requirement and a low-end market. I reveal that whether vendors target the high-end market or the low-end market, they may benefit from the risk of security threat because it may soften their price competition. An increase in the maximal potential of technology spillovers may harm the high-quality vendor even though it benefits the low-quality vendor. The high-quality vendor always benefits from the degree of technology diversification while the low-quality vendor benefits only if the risk of security is rather high. Meanwhile, I find the two competitive vendors may target the high-end market and the low-end market respectively even though they are symmetric. Furthermore, I show that compared with optimal industry market strategies, the vendors seem reluctant to be aggressive. Hence, the widely discussed argument that aggressive market strategies should be inhibited because of the resulting serious security concern is not always logical.

Suggested Citation

  • Xing Gao, 2023. "A competitive analysis of software quality investment with technology diversification and security concern," Electronic Commerce Research, Springer, vol. 23(4), pages 2691-2712, December.
  • Handle: RePEc:spr:elcore:v:23:y:2023:i:4:d:10.1007_s10660-022-09558-4
    DOI: 10.1007/s10660-022-09558-4
    as

    Download full text from publisher

    File URL: http://link.springer.com/10.1007/s10660-022-09558-4
    File Function: Abstract
    Download Restriction: Access to the full text of the articles in this series is restricted.

    File URL: https://libkey.io/10.1007/s10660-022-09558-4?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Sanjay Jain, 2008. "Digital Piracy: A Competitive Analysis," Marketing Science, INFORMS, vol. 27(4), pages 610-626, 07-08.
    2. Kai-Lung Hui & Ping Fan Ke & Yuxi Yao & Wei T. Yue, 2019. "Bilateral Liability-Based Contracts in Information Security Outsourcing," Information Systems Research, INFORMS, vol. 30(2), pages 411-429, June.
    3. Amir, Rabah & Wooders, John, 2000. "One-Way Spillovers, Endogenous Innovator/Imitator Roles, and Research Joint Ventures," Games and Economic Behavior, Elsevier, vol. 31(1), pages 1-25, April.
    4. Chul Ho Lee & Xianjun Geng & Srinivasan Raghunathan, 2013. "Contracting Information Security in the Presence of Double Moral Hazard," Information Systems Research, INFORMS, vol. 24(2), pages 295-311, June.
    5. Terrence August & Tunay I. Tunca, 2011. "Who Should Be Responsible for Software Security? A Comparative Analysis of Liability Policies in Network Environments," Management Science, INFORMS, vol. 57(5), pages 934-959, May.
    6. Kamien, Morton I. & Zang, Israel, 2000. "Meet me halfway: research joint ventures and absorptive capacity," International Journal of Industrial Organization, Elsevier, vol. 18(7), pages 995-1012, October.
    7. Esther Gal-Or & Anindya Ghose, 2005. "The Economic Incentives for Sharing Security Information," Information Systems Research, INFORMS, vol. 16(2), pages 186-208, June.
    8. Xing Gao & Weijun Zhong, 2015. "Information security investment for competitive firms with hacker behavior and security requirements," Annals of Operations Research, Springer, vol. 235(1), pages 277-300, December.
    9. Derrick Huang, C. & Hu, Qing & Behara, Ravi S., 2008. "An economic analysis of the optimal information security investment in the case of a risk-averse firm," International Journal of Production Economics, Elsevier, vol. 114(2), pages 793-804, August.
    10. Cho, Won-Young & Ahn, Byong-Hun, 2010. "Versioning of information goods under the threat of piracy," Information Economics and Policy, Elsevier, vol. 22(4), pages 332-340, December.
    11. Atanu Lahiri & Debabrata Dey, 2013. "Effects of Piracy on Quality of Information Goods," Management Science, INFORMS, vol. 59(1), pages 245-264, June.
    12. Vijay Mookerjee & Radha Mookerjee & Alain Bensoussan & Wei T. Yue, 2011. "When Hackers Talk: Managing Information Security Under Variable Attack Rates and Knowledge Dissemination," Information Systems Research, INFORMS, vol. 22(3), pages 606-623, September.
    13. Rabah Amir & John Wooders, 1999. "Effects of One‐Way Spillovers on Market Shares, Industry Price, Welfare, and R & D Cooperation," Journal of Economics & Management Strategy, Wiley Blackwell, vol. 8(2), pages 223-249, June.
    14. Huang, C. Derrick & Behara, Ravi S., 2013. "Economics of information security investment in the case of concurrent heterogeneous attacks with budget constraints," International Journal of Production Economics, Elsevier, vol. 141(1), pages 255-268.
    15. Tridib Bandyopadhyay & Dengpan Liu & Vijay S. Mookerjee & Allen W. Wilhite, 2014. "Dynamic competition in IT security: A differential games approach," Information Systems Frontiers, Springer, vol. 16(4), pages 643-661, September.
    16. Xing Gao & Weijun Zhong & Shue Mei, 2014. "A game-theoretic analysis of information sharing and security investment for complementary firms," Journal of the Operational Research Society, Palgrave Macmillan;The OR Society, vol. 65(11), pages 1682-1691, November.
    17. Novos, Ian E & Waldman, Michael, 1984. "The Effects of Increased Copyright Protection: An Analytic Approach," Journal of Political Economy, University of Chicago Press, vol. 92(2), pages 236-246, April.
    18. Xing Gao & Weijun Zhong, 2016. "A differential game approach to security investment and information sharing in a competitive environment," IISE Transactions, Taylor & Francis Journals, vol. 48(6), pages 511-526, June.
    19. Alfredo Garcia & Yue Sun & Joseph Shen, 2014. "Dynamic Platform Competition with Malicious Users," Dynamic Games and Applications, Springer, vol. 4(3), pages 290-308, September.
    20. Terrence August & Duy Dao & Kihoon Kim, 2019. "Market Segmentation and Software Security: Pricing Patching Rights," Management Science, INFORMS, vol. 65(10), pages 4575-4597, October.
    21. Orcun Temizkan & Sungjune Park & Cem Saydam, 2017. "Software Diversity for Improved Network Security: Optimal Distribution of Software-Based Shared Vulnerabilities," Information Systems Research, INFORMS, vol. 28(4), pages 828-849, December.
    22. Gordon, Lawrence A. & Loeb, Martin P. & Lucyshyn, William, 2003. "Sharing information on computer systems security: An economic analysis," Journal of Accounting and Public Policy, Elsevier, vol. 22(6), pages 461-485.
    23. Terrence August & Marius Florin Niculescu & Hyoduk Shin, 2014. "Cloud Implications on Software Network Structure and Security Risks," Information Systems Research, INFORMS, vol. 25(3), pages 489-510, September.
    24. Belleflamme, Paul, 1998. "Adoption of network technologies in oligopolies," International Journal of Industrial Organization, Elsevier, vol. 16(4), pages 415-444, July.
    25. Devavrat Purohit, 1994. "What Should You Do When Your Competitors Send in the Clones?," Marketing Science, INFORMS, vol. 13(4), pages 392-411.
    26. Asunur Cezar & Huseyin Cavusoglu & Srinivasan Raghunathan, 2014. "Outsourcing Information Security: Contracting Issues and Security Implications," Management Science, INFORMS, vol. 60(3), pages 638-657, March.
    27. Wiethaus, Lars, 2005. "Absorptive capacity and connectedness: Why competing firms also adopt identical R&D approaches," International Journal of Industrial Organization, Elsevier, vol. 23(5-6), pages 467-481, June.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Xing Gao & Weijun Zhong, 2016. "A differential game approach to security investment and information sharing in a competitive environment," IISE Transactions, Taylor & Francis Journals, vol. 48(6), pages 511-526, June.
    2. Yong Wu & Gengzhong Feng & Richard Y. K. Fung, 2018. "Comparison of information security decisions under different security and business environments," Journal of the Operational Research Society, Taylor & Francis Journals, vol. 69(5), pages 747-761, May.
    3. Yong Wu & Junlin Duan & Tao Dai & Dong Cheng, 2020. "Managing Security Outsourcing in the Presence of Strategic Hackers," Decision Analysis, INFORMS, vol. 17(3), pages 235-259, September.
    4. Xing Gao & Siyu Gong, 2022. "An economic analysis of information security outsourcing with competitive firms," Managerial and Decision Economics, John Wiley & Sons, Ltd., vol. 43(7), pages 2748-2758, October.
    5. Yong Wu & Mengyao Xu & Dong Cheng & Tao Dai, 2022. "Information Security Strategies for Information-Sharing Firms Considering a Strategic Hacker," Decision Analysis, INFORMS, vol. 19(2), pages 99-122, June.
    6. Xing Gao & Weijun Zhong, 2016. "Economic incentives in security information sharing: the effects of market structures," Information Technology and Management, Springer, vol. 17(4), pages 361-377, December.
    7. Kjell Hausken, 2017. "Security Investment, Hacking, and Information Sharing between Firms and between Hackers," Games, MDPI, vol. 8(2), pages 1-23, May.
    8. Xinbao Liu & Xiaofei Qian & Jun Pei & Panos M. Pardalos, 2018. "Security investment and information sharing in the market of complementary firms: impact of complementarity degree and industry size," Journal of Global Optimization, Springer, vol. 70(2), pages 413-436, February.
    9. Nie, Jiajia & Zhong, Ling & Li, Gendao & Cao, Kuo, 2022. "Piracy as an entry deterrence strategy in software market," European Journal of Operational Research, Elsevier, vol. 298(2), pages 560-572.
    10. Xing Gao, 2020. "Open Source or Closed Source? A Competitive Analysis with Software Security," Decision Analysis, INFORMS, vol. 17(1), pages 56-73, March.
    11. Kjell Hausken, 2017. "Information Sharing Among Cyber Hackers in Successive Attacks," International Game Theory Review (IGTR), World Scientific Publishing Co. Pte. Ltd., vol. 19(02), pages 1-33, June.
    12. Guang Zhu & Hu Liu & Mining Feng, 2018. "Sustainability of Information Security Investment in Online Social Networks: An Evolutionary Game-Theoretic Approach," Mathematics, MDPI, vol. 6(10), pages 1-19, September.
    13. Xing Gao & Weijun Zhong, 2015. "Information security investment for competitive firms with hacker behavior and security requirements," Annals of Operations Research, Springer, vol. 235(1), pages 277-300, December.
    14. Xiaofei Qian & Jun Pei & Xinbao Liu & Mi Zhou & Panos M. Pardalos, 2019. "Information security decisions for two firms in a market with different types of customers," Journal of Combinatorial Optimization, Springer, vol. 38(4), pages 1263-1285, November.
    15. Xiaotong Li, 2022. "An evolutionary game‐theoretic analysis of enterprise information security investment based on information sharing platform," Managerial and Decision Economics, John Wiley & Sons, Ltd., vol. 43(3), pages 595-606, April.
    16. Guang Zhu & Hu Liu & Mining Feng, 2018. "An Evolutionary Game-Theoretic Approach for Assessing Privacy Protection in mHealth Systems," IJERPH, MDPI, vol. 15(10), pages 1-27, October.
    17. Yosra Miaoui & Noureddine Boudriga, 2019. "Enterprise security investment through time when facing different types of vulnerabilities," Information Systems Frontiers, Springer, vol. 21(2), pages 261-300, April.
    18. Xing Gao & Weijun Zhong & Shue Mei, 2015. "Security investment and information sharing under an alternative security breach probability function," Information Systems Frontiers, Springer, vol. 17(2), pages 423-438, April.
    19. Xiaotong Li & Qianyao Xue, 2021. "An economic analysis of information security investment decision making for substitutable enterprises," Managerial and Decision Economics, John Wiley & Sons, Ltd., vol. 42(5), pages 1306-1316, July.
    20. Yosra Miaoui & Noureddine Boudriga, 0. "Enterprise security investment through time when facing different types of vulnerabilities," Information Systems Frontiers, Springer, vol. 0, pages 1-40.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:spr:elcore:v:23:y:2023:i:4:d:10.1007_s10660-022-09558-4. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Sonal Shukla or Springer Nature Abstracting and Indexing (email available below). General contact details of provider: http://www.springer.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.