Which Came First? Contribution Dynamics in Online Production Communities

While considerable research investigates collaboration in online production communities, particularly how and why people join these communities, little research considers the dynamics of the collaborative behavior. This paper explores one such dynamic, the relationship between viewing and contributing. Building on established theories of community involvement, this paper argues that a recursive relationship exists, resulting in a mutually reinforcing cycle where more contributors lead to more viewers and, in turn, more viewers lead to more contributors. We also analyze the effect of time and anonymity within this dynamic relationship. This paper offers guidance for research into online production communities that builds on the large behavioral data these communities generate

Should people who discover a software vulnerability make the information public?

Full disclosure leads to attacks, but attack activity ends sooner, write Sam Ransbotham and Sabyasachi Mitr

Acquisition and diffusion of technology innovation

In the first essay, I examine value created through external acquisition of nascent technology innovation. External acquisition of new technology is a growing trend in the innovation process, particularly in high technology industries, as firms complement internal efforts with aggressive acquisition programs. Yet, despite its importance, there is little empirical research on the timing of acquisition decisions in high technology environments. I examine the impact of target age on value created for the buyer. Applying an event study methodology to technology acquisitions in the telecommunications industry from 1995 to 2001, empirical evidence supports acquiring early in the face of uncertainty. The equity markets reward the acquisition of younger companies. In sharp contrast to the first essay, the second essay examines the diffusion of negative innovations. While destruction can be creative, certainly not all destruction is creative. Some is just destruction. I examine two fundamentally different paths to information security compromise an opportunistic path and a deliberate path. Through a grounded approach using interviews, observations, and secondary data, I advance a model of the information security compromise process. Using one year of alert data from intrusion detection devices, empirical analysis provides evidence that these paths follow two distinct, but interrelated diffusion patterns. Although distinct, I find empirical evidence that these paths both converge and escalate. Beyond the specific findings in the Internet security context, the study leads to a richer understanding of the diffusion of negative technological innovation. In the third essay, I build on the second essay by examining the effectiveness of reward-based mechanisms in restricting the diffusion of negative innovations. Concerns have been raised that reward-based private infomediaries introduce information leakage which decreases social welfare. Using two years of alert data, I find evidence of their effectiveness despite any leakage which may be occurring. While reward-based disclosures are just as likely to be exploited as non-reward-baed disclosures, exploits from reward-based disclosures are less likely to occur in the first week after disclosure. Further the overall volume of alerts is reduced. This research helps determine the effectiveness of reward mechanisms and provides guidance for security policy makers.Ph.D.Committee Chair: Sabyasachi Mitra; Committee Member: Frank Rothaermel; Committee Member: Sandra Slaughter; Committee Member: Sridhar Narasimhan; Committee Member: Vivek Ghosa

Are Markets for Vulnerabilities Effective?

Security vulnerabilities are inextricably linked to information systems. Unable to eliminate these vulnerabilities, the security community is left to minimize their impact. Unfortunately, current reward structures may be skewed towards benefiting nefarious usage of vulnerability information rather than responsible disclosure. Recently suggested market-based mechanisms offer some hope by providing incentives to responsible security researchers. However, concerns exist that any benefits gained through increased incentives may be more than lost through information leakage. Using two years of security alert data, we examine the effectiveness of market-based mechanisms. While market-mechanisms do not reduce the likelihood that a vulnerability will be exploited, we find evidence that markets increase the time to vulnerability exploit and decrease the overall volume of alerts

DOES INFORMATION TECHNOLOGY INCREASE OR DECREASE HOSPITALS’ RISK? AN EMPIRICAL EXAMINATION OF COMPUTERIZED PHYSICIAN ORDER ENTRY AND MALPRACTICE CLAIMS

Information technology (IT) has significant potential to improve the quality of patient care, to lower costs, and to improve efficiency. However, IT leaves an electronic paper trail that may demonstrate negligence and thereby create legal risk. Emerging research suggests that this fear of electronic discovery is delaying IT adoption, thereby perpetuating inefficiencies. Is this fear founded? If it is, then policy changes are needed to remove this obstacle to streamlining the healthcare system. If not, then healthcare providers should move ahead to realize IT benefits without being stymied by irrational fears. We examined the relationship between Computerized Physician Order Entry (CPOE) and malpractice claims against hospitals in Florida between 1999 and 2006. CPOE reduces the number, severity, and disposition time of claims, while having no effect on the amounts paid. This indicates that CPOE reduces hospital legal risk, suggesting that fears of increased legal risk due to IT are unfounded

How can SMEs benefit from big data? Challenges and a path forward

Big data is big news, and large companies in all sectors are making significant advances in their customer relations, product selection and development and consequent profitability through using this valuable commodity. Small and medium enterprises (SMEs) have proved themselves to be slow adopters of the new technology of big data analytics and are in danger of being left behind. In Europe, SMEs are a vital part of the economy, and the challenges they encounter need to be addressed as a matter of urgency. This paper identifies barriers to SME uptake of big data analytics and recognises their complex challenge to all stakeholders, including national and international policy makers, IT, business management and data science communities. The paper proposes a big data maturity model for SMEs as a first step towards an SME roadmap to data analytics. It considers the ‘state-of-the-art’ of IT with respect to usability and usefulness for SMEs and discusses how SMEs can overcome the barriers preventing them from adopting existing solutions. The paper then considers management perspectives and the role of maturity models in enhancing and structuring the adoption of data analytics in an organisation. The history of total quality management is reviewed to inform the core aspects of implanting a new paradigm. The paper concludes with recommendations to help SMEs develop their big data capability and enable them to continue as the engines of European industrial and business success. Copyright © 2016 John Wiley & Sons, Ltd.Peer ReviewedPostprint (author's final draft

The structure of Organizational Virtual Social Networks

Organizational virtual social networks (OVSN) reshape social structures due to their ability to strengthen social ties, to change power relations and to enable new forms of cooperation. Research in Information and Communication Technologies (ICT) has led to various approaches that analyze the impact of OVSN on organizations in terms of structure and behavior. Our study aims to analyze important features related to the structure of OVSN. It also aims to strengthen a network approach to analyze organizational phenomena such as working groups and connected individuals, as well as the impact of online networks in organizations. This study was based on the lines of approach described by Oinas-Kukkonen et al. (2010) and on the research carried out by Bobsin & Hoppen (2012) to understand the process of structuring OVSN. Our main results are an OVSN structure consisting of actors and roles, interactions, operating elements and articulating goals. We also analyzed some structural elements of networks which may contribute to the development of a network based approach to study organizational phenomena

“The Sum of All Human Knowledge”: A Systematic Review of Scholarly Research on the Content of Wikipedia

Wikipedia might possibly be the best-developed attempt thus far of the enduring quest to gather all human knowledge in one place. Its accomplishments in this regard have made it an irresistible point of inquiry for researchers from various fields of knowledge. A decade of research has thrown light on many aspects of the Wikipedia community, its processes, and content. However, due to the variety of the fields inquiring about Wikipedia and the limited synthesis of the extensive research, there is little consensus on many aspects of Wikipedia’s content as an encyclopedic collection of human knowledge. This study addresses the issue by systematically reviewing 110 peer-reviewed publications on Wikipedia content, summarizing the current findings, and highlighting the major research trends. Two major streams of research are identified: the quality of Wikipedia content (including comprehensiveness, currency, readability and reliability) and the size of Wikipedia. Moreover, we present the key research trends in terms of the domains of inquiry, research design, data source, and data gathering methods. This review synthesizes scholarly understanding of Wikipedia content and paves the way for future studies