Social embeddedness and sharing security information: Bridging the cost benefit gap

S Goode; David Lacey

Back

Social embeddedness and sharing security information: Bridging the cost benefit gap

Conference paper

Open access

Peer reviewed

Social embeddedness and sharing security information: Bridging the cost benefit gap

S Goode and David Lacey

Proceedings of the 20th Australasian Conference on Information Systems, pp.671-681

Australasian Conference on Information Systems (ACIS), 20th (Melbourne, Australia, 02-Dec-2009–04-Dec-2009)

Australasian Association for Information Systems (AAIS)

2009

Files and links (2)

pdf

PDF - Published Version738.11 kBDownload View

Published VersionPDF - Published Version Open Access

url

http://aisel.aisnet.org/cgi/viewcontent.cgi?article=1065&context=acis2009View

Webpage

Abstract

embeddenesss

sharing

fraud

control

social

competition

telecommunications

Firms may collaborate in order to mitigate security risks. However, prior economic arguments about the benefits and costs of sharing security information appear inconsistent. This paper uses social embeddedness to explain how restricted approaches to information sharing support inter-firm trust, problem-solving and collaboration while unrestricted sharing approaches can obstruct relationship-building. This social embeddedness perspective is supported using a case study of a large Asia-Pacific telecommunications provider. The results demonstrate the benefits of sharing security information with competitors. Empirically, investigations involving both internal and shared information have lower exposure and loss rates than cases where only internal controls are used. The study raises implications for both theory and practice.

Details

Title: Social embeddedness and sharing security information: Bridging the cost benefit gap
Authors: S Goode (Author) - Australian National University
David Lacey (Author) - Australian National University
Contributors: H Scheepers (Editor)
M Davern (Editor)
Publication details: Proceedings of the 20th Australasian Conference on Information Systems, pp.671-681
Conference details: Australasian Conference on Information Systems (ACIS), 20th (Melbourne, Australia, 02-Dec-2009–04-Dec-2009)
Publisher: Australasian Association for Information Systems (AAIS)
Date published: 2009
Copyright note: Copyright [Sigi Goode / David Lacey] © 2009. The authors assign to ACIS and educational and non-profit institutions a non-exclusive licence to use this document for personal use and in courses of instruction provided that the article is used in full and this copyright statement is reproduced. The authors also grant a non-exclusive licence to ACIS to publish this document in full in the Conference Papers and Proceedings. Those documents may be published on the World Wide Web, CD-ROM, in printed form, and on mirror sites on the World Wide Web. Any other usage is prohibited without the express permission of the authors.
Organisation Unit: Cyber Institute; University of the Sunshine Coast, Queensland
Language: English
Record Identifier: 99448863602621
Output Type: Conference paper

Metrics

118 File views/ downloads

674 Record Views