PACIS 2020 Proceedings


Firms with high penetration of Information Technology are facing security issues from vulnerabilities in information systems. Better understanding vulnerabilities, from perspectives of both technology and risk levels, are critical issues for firms to make quick and right responses. This study aims to understand the characteristics of vulnerabilities and associated solutions from the topic modeling approach. We first build a framework to automatically evaluate risk levels of vulnerabilities to help firms’ decision making. Then we identify key topics for (1) vulnerabilities in various types and (2) associated solutions by topic analysis, which could serve as guidance for firms to address vulnerabilities. This research contributes to security literature by gaining a deeper understanding of characteristics of vulnerabilities and suggested solutions. Firms could apply this framework in operation protection.



When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.