Search results

In the face of information leakage, this study aims to demonstrate pathways to supply chain resilience (SCR) during information sharing by deploying organizational ethical climate (OEC) and information security culture (ISC) as non-punitive mitigation approaches.

This empirical study was conducted to verify the framework using a questionnaire distributed to Malaysian multinational corporations (MNCs) of the manufacturing sector. The data were analysed using structural equation modeling (SEM) techniques with the AMOS software.

This study has confirmed the adverse impact of intentional and unintentional leakages on information sharing effectiveness. The findings showed ISC could reduce the impact of information leakage, but an OCE could not. This study provides evidence that information sharing effectiveness could impact SCR. The former is a mediator between information leakage and SCR, with information leakage moderated by information security culture. These findings convey that multinationals should set up an ISC to reduce information leakage and enhance their SCR.

Prior studies lacked the explanation of the impact of mitigating factors on information leakage in information sharing effectiveness affecting SCR. A framework that explains the relationships add value to organizations making available strategic decisions to curb information leakage and manage SCR.

In the era of big data, people are more likely to pay attention to privacy protection with facing the risk of personal information leakage while enjoying the convenience brought by big data technology. Furthermore, people’s views on personal information leakage and privacy protection are varied, playing an important role in the legal process of personal information protection. Therefore, this paper aims to propose a semi-qualitative method based framework to reveal the subjective patterns about information leakage and privacy protection and further provide  practical implications for interested party.

Q method is a semi-qualitative methodology which is designed for identifying typologies of perspectives. In order to have a comprehensive understanding of users’ viewpoints, this study incorporates LDA & TextRank method and other information extraction technologies to capture the statements from large-scale literature, app reviews, typical cases and survey interviews, which could be regarded as the resource of the viewpoints.

By adopting the Q method that aims for studying subjective thought patterns to identify users’ potential views, the authors have identified three categories of stakeholders’ subjectivities: macro-policy sensitive, trade-offs and personal information sensitive, each of which perceives different risk and affordance of information leakage and importance and urgency of privacy protection. All of the subjectivities of the respondents reflect the awareness of the issue of information leakage, that is, the interested parties like social network sites are unable to protect their full personal information, while reflecting varied resistance and susceptibility of disclosing personal information for big data technology applications.

The findings of this study provide an overview of the subjective patterns on the information leakage issue. Being the first to incorporate the Q method to study the views of personal information leakage and privacy protection, the research not only broadens the application field of the Q method but also enriches the research methods for personal information protection. Besides, the proposed LDA & TextRank method in this paper alleviates the limitation of statements resource in the Q method.

Any computing architecture cannot be designed with complete confidentiality. As a result, at any point, it may leak the information. So, it is important to decide leakage threshold in any computing architecture. To prevent leakage more than the predefined threshold, quantitative analysis is helpful. This paper aims to provide a method to quantify information leakage in service-oriented architecture (SOA)-based Web services.

To visualize the dynamic binding of SOA components, first, the orchestration of components is modeled. The modeling helps to information-theoretically quantify information leakage in SOA-based Web services. Then, the paper considers the non-interference policy in a global way to quantify information leakage. It considers not only variables which interfere with security sensitive content but also other architectural parameters to quantify leakage in Web services. To illustrate the attacker’s ability, a strong threat model has been proposed in the paper.

The paper finds that information leakage can be quantified in SOA-based Web services by considering parameters that interfere with security sensitive content and information theory. A hypothetical case study scenario of flight ticket booking Web services has been considered in the present paper in which leakage of 18.89 per cent information is calculated.

The paper shows that it is practically possible to quantify information leakage in SOA-based Web services. While modeling the SOA-based Web services, it will be of help to architects to identify parameters which may cause the leakage of secret contents.

The purpose of this paper is to analyse incidents of personal information leakage in Japan based on Japanese socio‐cultural characteristics of information privacy and to consider how best to develop an effective personal information protection policy that conforms to Japanese situations as well as to the global requirement of personal information protection.

After describing recent incidents of personal information leakage in Japan, the paper examines the defects of the Act on Protection of Personal Information (APPI) that permit these incidents to continue. Subsequently, these incidents and the responses of the Japanese people in a manner that reflects the unique Japanese socio‐cultural characteristics of information privacy are analysed. Finally, the paper proposes a revision of APPI that conforms to these Japanese socio‐cultural characteristics as well as to the global requirement for personal information protection.

Personal information leakage cases and social responses in Japan reflect three Japanese socio‐cultural characteristics: Uchi/Soto awareness, insular collectivism and Hon'ne/Tatemae tradition. An effective law protecting personal information in Japan's cultural environment cannot be made simply by copying the privacy protection laws in western nations. Instead, legal protection of personal information should be drafted that reflects and takes into account these socio‐cultural characteristics.

This paper conducts analysis of incidents of personal information leakage in Japan based on Japanese socio‐cultural characteristics. A revision of APPI is proposed on the basis of the analysis. The paper's analysis and proposal would provide a good clue to develop effective measures to protect personal information and the right to information privacy in the global, multicultural information society.

The purpose of this paper is to provide a model for quantitatively analyzing the security profile of an organization’s IT environment. The model considers the security risks associated with stored data, as well as services and devices that can act as channels for data leakages. The authors propose a sensitive information (SI) leakage vulnerability model.

Factors identified as having an impact on the security profile are identified, and scores are assigned based on detailed criteria. These scores are utilized by mathematical models that produce a vulnerability index, which indicates the overall security vulnerability of the organization. In this chapter, the authors verify the model result extracted from SI leakage vulnerability weak index by applying the proposed model to an actual incident that occurred in South Korea in January 2014.

The paper provides vulnerability result and vulnerability index. They are depends on SI state in information systems.

The authors identify and define four core variables related to SI leakage: SI, security policy, and leakage channel and value of SI. The authors simplify the SI leakage problem. The authors propose a SI leakage vulnerability model.

The purpose of this paper is to explore the human factors triggering information leakage and investigate how companies mitigate insider threat for information sharing integrity.

The methodology employed is multiple case studies approach with in-depth interviews with five multinational enterprises (MNEs)/multinational corporations (MNCs).

The findings reveal that information leakage can be approached with human governance mechanism such as organizational ethical climate and information security culture. Besides, higher frequency of leakages negatively affects information sharing integrity. Moreover, this paper also contributes to a research framework which could be a guide to overcome information leakage issue in information sharing.

The current study involved MNCs/MNEs operating in Malaysia, while companies in other countries may have different ethical climate and information sharing culture. Thus, for future research, it will be good to replicate the study in a larger geographic region to verify the findings and insights of this research.

This research contributes to the industry and business that are striving toward solving the mounting problem of information leakage by raising awareness of human factors and to take appropriate mitigating governance strategies to pre-empt information leakage. This paper also contributes to a novel theoretical model that characterizes the iniquities of humans in sharing information, and suggests measures which could be a guide to avert disruptive leakages.

This paper is likely an unprecedented research in molding human governance in the domain of information sharing and its Achilles’ heel which is information leakage.

This study investigates information quality, information security technology and information sharing with moderation by information security culture and information leakage and how they all play out to influence supply chain performance for contract suppliers (Contract), noncontract suppliers (Noncontract) and pooled suppliers (Contract and Noncontract combined).

Multigroup analysis was deployed to compare the impact on Contract and Noncontract.

The finding on pooled suppliers confirmed the hypothesis that, in the multigroup analysis, information security culture negatively impacted the information quality–information sharing relationship of Contract.

The practical learning point is that Noncontract could still share information and perform and in some instances better than Contract. Noncontract suppliers are still workable.

Information security culture motivated Noncontract to share and perform better than Contract. This result presents a dilemma.

To draw attention to a particular outsourcing risk that has not yet been adequately addressed in the literature, namely information leakage arising from acts of accidental disclosure or even purposeful betrayal by consultants that work for several client firms at the same time.

A review of the literature.

It illustrates how specialist IT service providers are playing pivotal roles in determining the extent to which unique firm specific skills and core competencies are being transferred to the wider industry context (via leakage) and becoming standard practices. It is shown that consultants face a dilemma as they are expected to spread cutting edge level expertise to their respective client firms, yet at the same time honour confidentiality commitments.

Conceptual rather than empirical.

A management tool is developed for managers to aid decision making.

A critique of the outsourcing literature and a warning to managers to be aware of the risk of information leakage.

The purpose of this paper is to examine the impact of regulatory changes by the US Securities and Exchange Commission in 2000 on private information leakage prior to merger announcements.

Using a sample of 5,045 merger announcements between 1990 and 2008, the authors examine differences in information leakage between the pre- and post-regulation period merger announcements for acquirers using regression analysis.

The results suggest that regulatory changes have been effective in preventing private information leakage in merger announcements for large- and medium-sized firms, for high-tech firms, and for stock deals. The authors find that abnormal trading volume due to differences in information quality is reduced post-regulation for stock deals, high-tech firms, large- and medium-sized bidders, indicating less leakage of information after the new regulations. The authors find higher announcement returns post-regulation for the entire sample and for all subsamples except stock deals, small firms, and public targets. Higher announcement returns indicate that merger announcements are a greater surprise to the market due to a reduction in leaked private information after the regulatory changes.

The results have implications on future rule changes, on refinements of insider trading rules, regulation fair disclosure, and regulation M-A. The authors leave for future research why certain types of firms or deals are not impacted by regulatory changes.

Examine the effect of changes in information environment on merger announcements for acquirers because the impact likely has greater significance on acquirers than that on targets. Past studies have examined only targets.

This paper aims to investigate pre-disclosure information leakage by block traders and market reactions to disclosures of off-hours block trading compared to off-market trading.

Stock responses were analyzed based on timely disclosures regarding Korean firms’ decisions to dispose of their own shares to improve their financial structures.

The results showed that pre-disclosure abnormal returns were generated in off-hours block trading. In contrast, on disclosure days, the returns for off-hours block trading were significantly lower than those for off-market trading. It was consistent with prior studies, indicating that block traders were related to information leakage and caused moral hazard problems.

The comparison between off-hours block trading and off-market trading provides important insights regarding block traders’ behavior. This study’s findings on the leakage of information from block traders indicate the need for firms to exercise caution when using block traders.