The Role of Enterprise Systems Sourcing on Cybersecurity Breaches

Abstract

This study examines the relationship between enterprise systems (ES) sourcing and cyber breaches. We argue that the greater degree of compatibility resulting from sourcing ES modules from fewer vendors (i.e., higher ES standardization) enables easier management of the implemented modules and reduces cybersecurity risks. We find that ES standardization is negatively related to cyber breach occurrence. When analyzing different breach types, we find that ES standardization is negatively related to both cyber breaches caused by external perpetrators and those caused by organizational insiders. While there is no conclusive evidence to suggest whether sourcing ES modules from fewer vendors is generally advantageous or disadvantageous, our findings indicate that it is advantageous from a cybersecurity standpoint.