To share or not to share: A behavioral perspective on human participation in security information sharing

Details

Ressource 1Download: Mermoud19JoC.pdf (396.30 [Ko])
State: Public
Version: Final published version
License: Not specified
Serval ID
serval:BIB_B9A311F41F5F
Type
Article: article from journal or magazin.
Collection
Publications
Institution
Title
To share or not to share: A behavioral perspective on human participation in security information sharing
Journal
Journal of Cybersecurity
Author(s)
Mermoud A., Keupp M., Huguenin K., Palmié M., Pércia David D.
ISSN
2057-2085
Publication state
Published
Issued date
08/2019
Peer-reviewed
Oui
Volume
5
Number
1
Pages
1-13
Language
english
Abstract
Security information sharing (SIS) is an activity whereby individuals exchange information that is relevant to analyze or prevent cybersecurity incidents. However, despite technological advances and increased regulatory pressure, individuals still seem reluctant to share security information. Few contributions have addressed this conundrum to date. Adopting an interdisciplinary approach, our study proposes a behavioral framework that theorizes how and why human behav- ior and SIS may be associated. We use psychometric methods to test these associations, analyzing a unique sample of human Information Sharing and Analysis Center members who share real se- curity information. We also provide a dual empirical operationalization of SIS by introducing the measures of SIS frequency and intensity. We find significant associations between human behavior and SIS. Thus, the study contributes to clarifying why SIS, while beneficial, is underutil- ized by pointing to the pivotal role of human behavior for economic outcomes. It therefore extends the growing field of the economics of information security. By the same token, it informs managers and regulators about the significance of human behavior as they propagate goal alignment and shape institutions. Finally, the study defines a broad agenda for future research on SIS.
Keywords
security information sharing, incentives, psychometrics, economics of information security, behavioural economics
Open Access
Yes
Create date
04/06/2019 20:48
Last modification date
01/09/2019 6:08
Usage data