Social Embeddedness and Sharing Security Information: Bridging the Cost Benefit Gap

Authors

Sigi Goode, School of Accounting and Business Information Systems, College of Business and Economics, The Australian National UniversityFollow
David Lacey, School of Accounting and Business Information Systems, College of Business and Economics, The Australian National University

Abstract

Firms may collaborate in order to mitigate security risks. However, prior economic arguments about the benefits and costs of sharing security information appear inconsistent. This paper uses social embeddedness to explain how restricted approaches to information sharing support inter-firm trust, problem-solving and collaboration while unrestricted sharing approaches can obstruct relationship-building. This social embeddedness perspective is supported using a case study of a large Asia-Pacific telecommunications provider. The results demonstrate the benefits of sharing security information with competitors. Empirically, investigations involving both internal and shared information have lower exposure and loss rates than cases where only internal controls are used. The study raises implications for both theory and practice.

Recommended Citation

Goode, Sigi and Lacey, David, "Social Embeddedness and Sharing Security Information: Bridging the Cost Benefit Gap" (2009). ACIS 2009 Proceedings. 39.
https://aisel.aisnet.org/acis2009/39