Trust in Security as a Service: A Theoretical Model
Issues in Information Systems, 21 (2), pp 64-74, 2020
Thomas L. Ngo-Ye, Derek L. Nazareth, and Jae J. Choi
In the escalating cyber threat environment, limited in-house cybersecurity expertise and resources are prompting organizations to look to security as a service (SECaaS) providers to tackle and manage their security needs, particularly in the cloud-based environment. Given the sensitive nature of the business relationship between customer organizations and SECaaS providers, trust becomes a critical issue for successful SECaaS adoption. In order to succeed in the marketplace, SECaaS providers need to formulate strategies that establish and maintain trust with customers. In this paper, we provide a theoretical analysis of the antecedents of trust in the SECaaS relationship by integrating formal frameworks of interpersonal trust, organizational trust, trust in business relationships, and trust in e-commerce, supplementing it through anecdotal evidence from the literature. This paper advances a conceptual model of the trust formulation in the context of SECaaS adoption. We argue that the successful adoption of SECaaS is dependent on the level of relevant trusting beliefs and attitude in the trust formation process. This paper has implications for theory and highlights the role of trust in the adopting of SECaaS in the cloud computing era.