SIG SEC - Information Security and Privacy
Loading...
Paper Type
Complete
Paper Number
1625
Description
The escalating information security threats and their impacts have made firms pay careful attention to potential risks they face and the actions they can take to mitigate such risks. We explore if and how the information security risk perceptions of firms shape their boundary-changing behaviors. We argue that organizations have risk transfer, risk avoidance, risk reduction, risk acceptance options, and combine these options in their attempts to reduce the perceived effects of information security risks. Organizations through risk transfer could transfer some effects of information security risks to third parties, while boundary changing behaviors could alter the potential vulnerabilities of a firm, and hence decisions to alter firm boundaries are likely to be shaped by risk perceptions. By fine-tuning 11 state-of-the-art NLP models with causal extraction, we find that organizations’ information security risk perception is positively associated with their information security risk transfer behavior, and less-risky boundary changing actions.
Recommended Citation
Pataci, Hilal and Ravichandran, T., "INFORMATION SECURITY RISK AND BOUNDARY CHANGING BEHAVIOR" (2022). AMCIS 2022 Proceedings. 2.
https://aisel.aisnet.org/amcis2022/sig_sec/sig_sec/2
INFORMATION SECURITY RISK AND BOUNDARY CHANGING BEHAVIOR
The escalating information security threats and their impacts have made firms pay careful attention to potential risks they face and the actions they can take to mitigate such risks. We explore if and how the information security risk perceptions of firms shape their boundary-changing behaviors. We argue that organizations have risk transfer, risk avoidance, risk reduction, risk acceptance options, and combine these options in their attempts to reduce the perceived effects of information security risks. Organizations through risk transfer could transfer some effects of information security risks to third parties, while boundary changing behaviors could alter the potential vulnerabilities of a firm, and hence decisions to alter firm boundaries are likely to be shaped by risk perceptions. By fine-tuning 11 state-of-the-art NLP models with causal extraction, we find that organizations’ information security risk perception is positively associated with their information security risk transfer behavior, and less-risky boundary changing actions.
When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.
Comments
SIG SEC