Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
SMEs’ Confidentiality Concerns for Security Information Sharing
FHNW, CHE.
Blekinge Institute of Technology, Faculty of Computing, Department of Software Engineering. Utrecht University, NLD.ORCID iD: 0000-0001-7368-4448
2020 (English)In: IFIP Advances in Information and Communication Technology / [ed] Clarke N.,Furnell S., Springer Science and Business Media Deutschland GmbH , 2020, Vol. 593, p. 289-299Conference paper, Published paper (Refereed)
Abstract [en]

Small and medium-sized enterprises (SME) are considered an essential part of the EU economy; however, highly vulnerable to cyber-attacks. SMEs have specific characteristics which separate them from large companies and influence their adoption of good cybersecurity practices. To mitigate the SMEs’ cybersecurity adoption issues and raise their awareness of cyber threats, we have designed a self-paced security assessment and capability improvement method, CYSEC. CYSEC is a security awareness and training method that utilises self-reporting questionnaires to collect companies’ information about cybersecurity awareness, practices, and vulnerabilities to generate automated recommendations for counselling. However, confidentiality concerns about cybersecurity information have an impact on companies’ willingness to share their information. Security information sharing decreases the risk of incidents and increases users’ self-efficacy in security awareness programs. This paper presents the results of semi-structured interviews with seven chief information security officers (CISOs) of SMEs to evaluate the impact of online consent communication on motivation for information sharing. The results were analysed in respect of the Self-Determination Theory (SDT). The findings demonstrate that online consent with multiple options for indicating a suitable level of agreement improved motivation for information sharing. This allows many SMEs to participate in security information sharing activities and supports security experts to have a better overview of common vulnerabilities. © 2020, IFIP International Federation for Information Processing.

Place, publisher, year, edition, pages
Springer Science and Business Media Deutschland GmbH , 2020. Vol. 593, p. 289-299
Series
IFIP Advances in Information and Communication Technology
Keywords [en]
Confidentiality concerns, Cybersecurity, Information sharing, Online consent, Small and medium-sized enterprises, Information analysis, Motivation, Network security, Surveys, Capability improvement, Chief information security officers, Security assessment, Self-determination theories, Semi structured interviews, Small- and medium-sized enterprise, Willingness to share, Information dissemination
National Category
Computer Sciences Other Civil Engineering
Identifiers
URN: urn:nbn:se:bth-20903DOI: 10.1007/978-3-030-57404-8_22Scopus ID: 2-s2.0-85098143343ISBN: 9783030574031 (print)OAI: oai:DiVA.org:bth-20903DiVA, id: diva2:1516068
Conference
14th International Symposium on Human Aspects of Information Security and Assurance, HAISA 2020, Mytilene, Greece; 8 July 2020 through 10 July 2020
Funder
EU, Horizon 2020, 740787, 883588
Note

open access

Available from: 2021-01-11 Created: 2021-01-11 Last updated: 2021-01-11Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopusarXiv.org

Authority records

Fricker, Samuel

Search in DiVA

By author/editor
Fricker, Samuel
By organisation
Department of Software Engineering
Computer SciencesOther Civil Engineering

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 74 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf