Impact of Information Technology (IT) Security Information Sharing among Competing IT Firms on Firm’s Financial Performance: An Empirical Investigation

Appan, Radha; Bačić, Dinko

doi:10.17705/1cais.03912

Cited by 4 publications

(6 citation statements)

References 57 publications

(136 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In the study [48] it was proven for publicly listed cyber-security and IT firms that participate in sharing IT security-related information have higher profitability and lower costs than non-participating IT firms (in short and in a long-run term). Later, the same team of researchers argued that there are few studies on how IT security strategy impacts firm performance and more investigations, in particular, theory-based empirical research, are needed, especially when the companies continue to engage in "various forms of cooperation, alliances and coopetition" [49].…”

Section: Advanced Search and Content Analysismentioning

confidence: 98%

Coopetition as an Emerging Trend in Research: Perspectives for Safety & Security

Shvindina

2019

Safety

View full text Add to dashboard Cite

The study of coopetition has been evolving with rapid growth in the number of academic publications in this field. A number of literature reviews have been published focusing on nature, antecedents of coopetition and future perspectives of its implementation. Coopetition is proved to be beneficial for joint investments and Research and development (R&D) projects, and yet competitive games take place in the global markets that may lead to safety hazards. There are few studies that investigate possible perspectives of coopetition strategy for solutions in safety and security, and therefore considering the global tendencies objective, necessity arises for a more detailed study of it. The analysis begins by identifying over 600 published studies where the terms “coopetition”, “safety”, “security” were used. Using rigorous bibliometric tools, established and emergent research clusters were identified, as well as the most influential studies, the most contributing authors and topical areas for further investigations. The systematic combination of quantitative and qualitative analytical tools helps to identify the potential directions for future research. By combining bibliometric analysis and content analysis, the main perspective areas for coopetition implementation towards safety and security were identified.

show abstract

Section: Advanced Search and Content Analysismentioning

confidence: 98%

Coopetition as an Emerging Trend in Research: Perspectives for Safety & Security

Shvindina

2019

Safety

View full text Add to dashboard Cite

show abstract

“…Moreover, the quality indicators obtained with the metrics were compared to the perceptions of quality provided by ontology engineers. The Energies 2022, 15, 2170 3 of 23 study demonstrated that quality was an essential factor for the acceptance of technologies and solutions and the usability of products. Ling et al [4] researched the use of information technologies among school educators in Malaysia.…”

Section: Applicabilitymentioning

confidence: 99%

“…Based on a game-theoretic model, the authors devised improvements to the membership policies to evade the problem of passive, advantage-taking participation and a lack of information sharing. Additionally, Appan et al [14] investigated the motivations for joining an ISAC. Their analyses focused on the Information Technology Information Sharing and Analysis Center (IT-ISAC) established by a group of IT enterprises.…”

Section: Information Sharing and Analysis Centresmentioning

confidence: 99%

“…Their analyses focused on the Information Technology Information Sharing and Analysis Center (IT-ISAC) established by a group of IT enterprises. In this context, the impact of security information sharing was also studied [15]. The research exhibited the better financial performance of ISAC's participants in comparison to their industry peers.…”

Section: Information Sharing and Analysis Centresmentioning

confidence: 99%

See 1 more Smart Citation

EE-ISAC—Practical Cybersecurity Solution for the Energy Sector

Wallis

2022

Energies

View full text Add to dashboard Cite

A recent survey of cybersecurity assessment methods proposed by the scientific community revealed that their practical adoption constitutes a great challenge. Further research that aimed at identifying the reasons for that situation demonstrated that several factors influence the applicability, including the documentation level of detail, the availability of supporting tools, and the continuity of support. This paper presents the European Energy Information Sharing and Analysis Centre (EE-ISAC)—a cybersecurity platform for the energy sector that has been adopted by multiple organisations. The platform facilitates sharing information about cybersecurity incidents, countermeasures, and assessment results. Prospectively, it is envisaged to be integrated with the threat intelligence platform that enables real-time situational awareness. By considering both fault and attack scenarios together, threat awareness can be mapped onto operational contexts to prioritise decisions and responses. This paper analyses EE-ISAC’s approach based on the conceptual applicability framework developed during the research, to improve the applicability and usefulness of this platform for energy sector participants and to identify areas that require further development.

show abstract

“…By contrast, although the financial services sector has managed to share some information, competition among firms has long retarded such efforts; it also prevents information-sharing whenever firms are faced with potential losses after a breach (interviews with Tico 2019 and Brooklyn 2019). The situation is most problematic in telecommunications and information technology, where firms not only see one another as commercial competitors (Appan and Bačić 2016) but also perceive cybersecurity itself to be a source of competitive advantage and actively market the security of their systems to customers (interview with Wilhelm 2019).…”

Section: Explaining Success Across Sectorsmentioning

confidence: 99%

An Improvised Patchwork: Success and Failure in Cybersecurity Policy for Critical Infrastructure

Atkins

Lawson

2021

Public Administration Review

View full text Add to dashboard Cite

The last two decades have revealed the vulnerability of privately owned "critical infrastructure"-the power grid, pipelines, financial networks, and other vital systems-to cyberattack. The central U.S. response to this challenge has been a series of sectoral "partnerships" with private owner-operators of critical infrastructure, involving varying degrees of regulation. Qualitative analysis based on in-depth interviews with over 40 policymakers and senior private sector managers, as well as public documents, reveals considerable variation in how well this approach has worked in practice. The main predictors of policy success appear to be (a) the nature of the cyber threat to firms' operations and (b) regulatory pressure on firms. However, other factors-such as the nature of intra-industry competition-also affect how well the current regime works in specific sectors. Our findings have implications for public administration on civilian cybersecurity, as well as ramifications for regulation in other policy domains. Evidence for Practice• Collaboration between business and government in cybersecurity is distinct from conventional publicprivate partnerships designed to address capital markets failures, in that it must be highly flexible and adaptive. • Cybersecurity policies should be tailored to critical infrastructure sectors or subsectors, to take into account the nature of industry competition, the size and complexity of the sector, and longstanding relationships between business and the government in the sector. • Government agencies that possess a strong historical relationship to their assigned sector, expertise in cyber, and resources to help firms are better able than other lead agencies to build an effective cybersecurity partnership with industry. • Irrespective of sector, collaboration between the government and private owner-operators of critical infrastructure requires a high level of trust, often built through personal relationships and then reinforced through iterated interactions.C ritical infrastructure refers to the systems that undergird modern society: the power grid that provides electricity to businesses and households, financial networks that allow the market economy to function, water and sewerage systems, and the like (Alcaraz and Zeadally 2015; CIPA 2001; DHS 2019). Because ordinary operations in these sectors are increasingly digitalized, and because the hardware and software components of these systems often have exploitable features (NIST 2019), much of this infrastructure is susceptible to cyberattack (Clinton and Perera 2016;Johnson 2015). The increasing connectivity of critical infrastructures to other networks, including the internet, has exacerbated this vulnerability (inter alia Clinton 2016; Speake 2015; Johnson 2015).Not only do attacks threaten targeted firms and sectors themselves, but they could also potentially trigger cascading failures (

show abstract

Impact of Information Technology (IT) Security Information Sharing among Competing IT Firms on Firm’s Financial Performance: An Empirical Investigation

Cited by 4 publications

References 57 publications

Coopetition as an Emerging Trend in Research: Perspectives for Safety & Security

Coopetition as an Emerging Trend in Research: Perspectives for Safety & Security

EE-ISAC—Practical Cybersecurity Solution for the Energy Sector

An Improvised Patchwork: Success and Failure in Cybersecurity Policy for Critical Infrastructure

Contact Info

Product

Resources

About