Toggle Main Menu Toggle Search

Open Access padlockePrints

Cooperative Information Security Knowledge: Content Validation and incentives to contribute

Lookup NU author(s): Dr Simon Parkin, Professor Aad van Moorsel



The aim of this work was to examine the attitude of Chief Information Security Officers (CISOs) towards sharing knowledge with other CISOs in general and in particular the potential characteristics of a collaborative security knowledge sharing tool, which would simplify and encourage knowledge sharing. Building on this, this study intended to establish which key features such a knowledge sharing tool should provide in order to be accepted and actually used by security managers and potentially improve business performance. In this regard, content validation and incentives to contribute to such a system have been identified as key issues. They were investigated by interviewing three CISOs regarding the current state of knowledge organisation and sharing. The interviews were then transcribed and analysed using an explorative method. The analysis identified learning from each other as most important incentive for knowledge sharing and authorship as the main factor regarding credibility of contribution. From this it followed that such a sharing tool should demand users to register with the system in order to give credibility to their knowledge. However, since potentially sensitive business data would be shared, users should be given a choice of whom they would like to be able to access their contribution. Furthermore, it became clear that different levels of information detail should be provided for managers and technicians. Finally, the whole system needs to be managed in order to administrate users and maintain security and data integrity.

Publication metadata

Author(s): Stahl F, Parkin SE, van Moorsel A

Publication type: Report

Publication status: Published

Series Title: School of Computing Science Technical Report Series

Year: 2011

Pages: 21

Print publication date: 01/03/2011

Source Publication Date: March 2011

Report Number: 1241

Institution: School of Computing Science, University of Newcastle upon Tyne

Place Published: Newcastle upon Tyne