Competition and patching of security vulnerabilities: An empirical analysis

Arora, A and Forman, C and Nandkumar, A and Telang, R (2010) Competition and patching of security vulnerabilities: An empirical analysis. Information Economics and Policy, 22 (2). 164 - 177.

Full text not available from this repository. (Request a copy)

Abstract

We empirically estimate the effect of competition on vendor patching of software defects by exploiting variation in number of vendors that share a common flaw or common vulnerabilities. We distinguish between two effects: the direct competition effect when vendors in the same market share a vulnerability, and the indirect effect, which operates through non-rivals that operate in different markets but nonetheless share the same vulnerability. Using time to patch as our measure of quality, we find empirical support for both direct and indirect effects of competition. Our results show that ex-post product quality in software markets is not only conditioned by rivals that operate in the same product market, but by also non-rivals that share the same common flaw.

Affiliation: Indian School of Business
ISB Creators:
ISB CreatorsORCiD
Nandkumar, AUNSPECIFIED
Item Type: Article
Uncontrolled Keywords: Information security, Competition, Software quality, Vulnerabilities
Subjects: Information Systems
Depositing User: Ilayaraja M
Date Deposited: 03 Jul 2019 17:47
Last Modified: 03 Jul 2019 17:47
URI: http://eprints.exchange.isb.edu/id/eprint/1225
Publisher URL: https://doi.org/10.1016/j.infoecopol.2009.10.002
Publisher OA policy: http://sherpa.ac.uk/romeo/issn/0167-6245/
Related URLs:

Actions (login required)

View Item View Item
Statistics for DESI ePrint 1225 Statistics for this ePrint Item