23 research outputs found

    Will the Information Security Industry Die? Applying Social Network Analysis to Sturdy Industry Convergence

    Get PDF
    In this paper, we first analyze the trends in mergers and acquisitions (M&As) activities among information security firms and other information technology (IT) firms in the US over the period 1996 to 2008. We then use social network analysis to investigate the characteristics and underlying dynamics of these M&As activities. Our results reveal an increase in cohesiveness of 200% in the network linking the information security firms and the IT firms considered in our analysis. This, in turn, implies a move towards industry convergence. In particular, we show that acquisitions of identity and access management (IAM) firms have become more central to M&As by IT firms in the US since 2004, reflecting an increasing trend among IT firms to integrate IAM technologies within their products

    An Empirical Investigation of Knowledge-Based Authentication

    Get PDF

    Has Decreasing Innovation Hurt the Stock Price of Information Security Firms? A Time Series Analysis

    Get PDF
    Prior research has shown that information security breaches are beneficial to the stock price of information security firms, around the time that these security breaches are announced. We, however, show that the overall trend in the market value of information security firms has actually been stagnating, despite an increasing number of security threats that exploit vulnerabilities in information systems. We attribute this decrease in the stock price of information security firms, after controlling for overall market conditions, to insufficient innovation on the part of information security firms. We apply time series regression methods to analyze the relationship between R&D intensity and the stock price of information security firms. This empirical work provides a plausible explanation for the decrease in the stock price of information security firms, despite high demand for their products and services

    Web Accessibility as a Barrier to Successful Digital Governance: A Case Study of the Arabian Gulf Region

    Get PDF
    Conformance to web accessibility standards is crucial to successful digital governance. Examining the state of Web accessibility compliance in the state of Qatar, a fast growing digital economy with the world\u27s highest per capita GDP has many lessons for emerging economies. Our audit of a selected sample of websites across government and other sectors suggests the need to raise awareness among executives and other key stakeholders regarding Web accessibility and to develop best practices and an improved policy framework. To better understand the barriers to adoption of Web accessibility standards in the country, we interviewed 30 CIOs and senior information technology managers. The results suggest a need for stronger regulations, since organizations will not otherwise comply due to concerns that enforcement of accessibility standards results in increased website development time and costs and undermines usable website design and management, particularly with multilingual websites

    Human Error and Privacy Breaches in Healthcare Organizations: Causes and Management Strategies

    Get PDF
    We apply Reason’s GEMS typology to study privacy breach incidents in healthcare organizations. An interpretive analysis of transcripts of interviews with privacy officers of healthcare organizations in the U.S. Midwest helps discern the underlying causes of human error and develop a framework for error management. The study finds that organizational factors causing human error constitute a greater impediment to HIPAA Privacy Rule compliance than do human factors

    Applying the Cox Model to Study Online Gambling Behavior

    Get PDF
    Although a key objective of Internet gambling service providers is player retention, there is a concomitant need to reduce the social costs of gambling. Our study shows how habit and prospect theories help build an integrative framework for decision support in regulated Internet gambling environments. To illustrate the practical implication of this framework, we applied the Cox model with time-dependent covariates on real gambling data collected from 4,222 users of a gambling website. The results help establish the positive association of key indicators such as the prior outcomes on the activity lifespan of an Internet gambler and the moderating effect of gambling frequency on the positive association between prior outcomes and gambling lifespan. This research is expected to contribute to the literatures on IT adoption and diffusion in general, and IT-based addictive behavior in particular

    Scaffolding Case Analysis Writing: A Collaboration between Information Systems and Writing Faculty

    Get PDF
    In this paper, we present a collaboration between writing professors and an information systems (IS) professor to scaffold case analysis writing at an American English-medium branch campus in the Middle East. We describe our process for revising the professor’s writing assignment to make his expectations more explicit and for creating scaffolding materials that we delivered in classroom workshops to assist students’ pre-writing. We provide insights about the positive impact of the writing workshops on students’ writing from an end-of-semester interview with the professor and from interviews with students about their perceptions of the workshops and the personalized feedback they received

    Valuing the flexibility of investing in security process innovations

    No full text
    In this paper, we develop a decision model of a firm's optimal strategy for investment in security process innovations (SPIs) when confronted with a sequence of malicious attacks. The model incorporates real options as a methodology to capture the flexibility embedded in such investment decisions. SPIs, when seamlessly integrated with the organization's overall business dynamics, induce organizational learning and provide the flexibility of switching to more suitable technologies as the environment of malicious attacks changes. The theoretical contribution of this paper is a mathematical model of the invest-to-learn and switching options generated upon early investment in flexible SPIs. The practical significance of the paper is the application of a binomial lattice model to approximate the continuous-time model, resulting in an easy to use decision aid for managers.Information security Investment analysis Cost-benefit analysis Real options theory Dynamic programming Security process innovations

    Modeling Attitude to Risk in Human Decision Processes: An Application of Fuzzy Measures

    No full text
    Several models of the human decision process have been proposed, classical examples of which are utility theory and prospect 11 theory. In recent times, the theory of fuzzy measures and integrals has emerged as an alternative meriting further investigation. Specifically, we are interested in the degrees of disjunction and conjunction and the veto and favor indices that represent the 13 tolerance measure of the decision maker. Though several theoretical expositions have appeared in contemporary literature, empirical studies applying these concepts to the realworld are scarce. In this paper,we adopt a model of strategic telecommunication investment 15 decisions from a research work involving a survey of executives. In our first study, we built fuzzy models corresponding to each individual decision maker and grouped the results based on the decision makers’ propensity to risk determined by their degrees of 17 disjunction.We then pooled the data sets from each group and analyzed the Shapley indices and the interaction effects. To contrast our approach to those of conventional nomothetic comparisons of decision policies, we grouped the decision makers based on a 19 clustering analysis of the individual linear regression models. For each cluster we pooled the data and analyzed the fuzzy measures learned from the data set. Our study not only serves as a demonstration of fuzzy measure analysis as a viable approach to studying 21 qualitative decision making but also provides useful methodological insights into applying fuzzy measures to strategic investment decisions under risk
    corecore