Abstract
Information fraud is a significant problem for modern firms. Firms may share information about vulnerabilities, but prior research into sharing has delivered mixed results. Most prior research work has examined sharing at the organizational level and we know little of the role of interpersonal relationships in security information sharing. This paper uses a case study of a large Asia-Pacific telecommunications provider to develop theory about interpersonal security information sharing. The results suggest that sharing is promoted by trust, risk and uncertainty, knowledge management and relationship factors. Investigators shared information partly to overcome tensions with other business areas and to ameliorate operational risk perceptions. Interpersonal relationships allowed sharers to benefit from complementary and specialist knowledge in other firms, thereby translating the meaning of fraud information between business environments.
Recommended Citation
Goode, Sigi and Lacey, David, "Exploring Interpersonal Relationships in Security Information Sharing" (2011). ICIS 2011 Proceedings. 7.
https://aisel.aisnet.org/icis2011/proceedings/ISsecurity/7
Exploring Interpersonal Relationships in Security Information Sharing
Information fraud is a significant problem for modern firms. Firms may share information about vulnerabilities, but prior research into sharing has delivered mixed results. Most prior research work has examined sharing at the organizational level and we know little of the role of interpersonal relationships in security information sharing. This paper uses a case study of a large Asia-Pacific telecommunications provider to develop theory about interpersonal security information sharing. The results suggest that sharing is promoted by trust, risk and uncertainty, knowledge management and relationship factors. Investigators shared information partly to overcome tensions with other business areas and to ameliorate operational risk perceptions. Interpersonal relationships allowed sharers to benefit from complementary and specialist knowledge in other firms, thereby translating the meaning of fraud information between business environments.