Security screening metrics for information‐sharing partnerships

Recent history has shown both the benefits and risks of information sharing among firms. Information is shared to facilitate mutual business objectives. However, information sharing can also introduce security‐related concerns that could expose the firm to a breach of privacy, with significant econo...

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
Veröffentlicht in:	Risk analysis 2024-07, Vol.44 (7), p.1560-1572
Hauptverfasser:	Yu, Wendy, Collier, Zachary A., Thekdi, Shital
Format:	Artikel
Sprache:	eng
Schlagworte:	Companies Information dissemination Information management Information processing Information sharing Mate selection Methodology Natural language processing partner selection Partnerships Policies Privacy privacy policies Research methodology risk analysis Risk assessment Security text analysis
Online-Zugang:	Volltext
Tags:	Tag hinzufügen Keine Tags, Fügen Sie den ersten Tag hinzu!

container_end_page	1572
container_issue	7
container_start_page	1560
container_title	Risk analysis
container_volume	44
creator	Yu, Wendy Collier, Zachary A. Thekdi, Shital
description	Recent history has shown both the benefits and risks of information sharing among firms. Information is shared to facilitate mutual business objectives. However, information sharing can also introduce security‐related concerns that could expose the firm to a breach of privacy, with significant economic, reputational, and safety implications. It is imperative for organizations to leverage available information to evaluate security related to information sharing when evaluating current and potential information‐sharing partnerships. The “fine print” or privacy policies of firms can provide a signal of security across a wide variety of firms being considered for new and continued information‐sharing partnerships. In this article, we develop a methodology to gauge and benchmark information security policies in the partner‐selection process that can help direct risk‐based investments in information sharing security. We develop a methodology to collect and interpret firm privacy policies, evaluate characteristics of those policies by leveraging natural language processing metrics and developing benchmarking metrics, and understand how those characteristics relate to one another in information‐sharing partnership situations. We demonstrate the methodology on 500 high‐revenue firms. The methodology and managerial insights will be of interest to risk managers, information security professionals, and individuals forming information sharing agreements across industries.
doi_str_mv	10.1111/risa.14267
format	Article
fullrecord	<record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_miscellaneous_2917555502</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2917555502</sourcerecordid><originalsourceid>FETCH-LOGICAL-c3527-d2e4e24dd0c8b0fc7703cddc08cf253c33dd2658af98b72126e53d68f8f9f46c3</originalsourceid><addsrcrecordid>eNp90MtKAzEUBuAgiq3VjQ8gBTciTE1OZpKZZSleCoJgdR2mudiUuZnMIN35CD6jT2LqVBcuPItzNh8_hx-hU4InJMyVsz6fkBgY30NDktAsYhnE-2iIgUMUUwoDdOT9GmOCccIP0YCmEDMGfIimCy07Z9vN2EundWWrl3GpW2elH5vajW0Vdpm3tq4-3z_8Kndb0eSurbTzK9v4Y3Rg8sLrk90doeeb66fZXXT_cDufTe8jSRPgkQIda4iVwjJdYiM5x1QqJXEqDSRUUqoUsCTNTZYuORBgOqGKpSY1mYmZpCN00ec2rn7ttG9Fab3URZFXuu68gIzwJAyGQM__0HXduSp8JyjmPAGWYRLUZa-kq7132ojG2TJ3G0Gw2BYrtsWK72IDPttFdstSq1_602QApAdvttCbf6LE43wx7UO_ACvUhGY</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>3077526901</pqid></control><display><type>article</type><title>Security screening metrics for information‐sharing partnerships</title><source>Wiley Online Library Journals Frontfile Complete</source><source>PAIS Index</source><creator>Yu, Wendy ; Collier, Zachary A. ; Thekdi, Shital</creator><creatorcontrib>Yu, Wendy ; Collier, Zachary A. ; Thekdi, Shital</creatorcontrib><description>Recent history has shown both the benefits and risks of information sharing among firms. Information is shared to facilitate mutual business objectives. However, information sharing can also introduce security‐related concerns that could expose the firm to a breach of privacy, with significant economic, reputational, and safety implications. It is imperative for organizations to leverage available information to evaluate security related to information sharing when evaluating current and potential information‐sharing partnerships. The “fine print” or privacy policies of firms can provide a signal of security across a wide variety of firms being considered for new and continued information‐sharing partnerships. In this article, we develop a methodology to gauge and benchmark information security policies in the partner‐selection process that can help direct risk‐based investments in information sharing security. We develop a methodology to collect and interpret firm privacy policies, evaluate characteristics of those policies by leveraging natural language processing metrics and developing benchmarking metrics, and understand how those characteristics relate to one another in information‐sharing partnership situations. We demonstrate the methodology on 500 high‐revenue firms. The methodology and managerial insights will be of interest to risk managers, information security professionals, and individuals forming information sharing agreements across industries.</description><identifier>ISSN: 0272-4332</identifier><identifier>ISSN: 1539-6924</identifier><identifier>EISSN: 1539-6924</identifier><identifier>DOI: 10.1111/risa.14267</identifier><identifier>PMID: 38246627</identifier><language>eng</language><publisher>United States: Blackwell Publishing Ltd</publisher><subject>Companies ; Information dissemination ; Information management ; Information processing ; Information sharing ; Mate selection ; Methodology ; Natural language processing ; partner selection ; Partnerships ; Policies ; Privacy ; privacy policies ; Research methodology ; risk analysis ; Risk assessment ; Security ; text analysis</subject><ispartof>Risk analysis, 2024-07, Vol.44 (7), p.1560-1572</ispartof><rights>2024 The Authors. published by Wiley Periodicals LLC on behalf of Society for .</rights><rights>2024 The Authors. Risk Analysis published by Wiley Periodicals LLC on behalf of Society for Risk Analysis.</rights><rights>2024. This article is published under http://creativecommons.org/licenses/by-nc-nd/4.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.</rights><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><cites>FETCH-LOGICAL-c3527-d2e4e24dd0c8b0fc7703cddc08cf253c33dd2658af98b72126e53d68f8f9f46c3</cites><orcidid>0000-0003-4145-508X</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktopdf>$$Uhttps://onlinelibrary.wiley.com/doi/pdf/10.1111%2Frisa.14267$$EPDF$$P50$$Gwiley$$Hfree_for_read</linktopdf><linktohtml>$$Uhttps://onlinelibrary.wiley.com/doi/full/10.1111%2Frisa.14267$$EHTML$$P50$$Gwiley$$Hfree_for_read</linktohtml><link.rule.ids>314,780,784,1416,27864,27922,27923,45572,45573</link.rule.ids><backlink>$$Uhttps://www.ncbi.nlm.nih.gov/pubmed/38246627$$D View this record in MEDLINE/PubMed$$Hfree_for_read</backlink></links><search><creatorcontrib>Yu, Wendy</creatorcontrib><creatorcontrib>Collier, Zachary A.</creatorcontrib><creatorcontrib>Thekdi, Shital</creatorcontrib><title>Security screening metrics for information‐sharing partnerships</title><title>Risk analysis</title><addtitle>Risk Anal</addtitle><description>Recent history has shown both the benefits and risks of information sharing among firms. Information is shared to facilitate mutual business objectives. However, information sharing can also introduce security‐related concerns that could expose the firm to a breach of privacy, with significant economic, reputational, and safety implications. It is imperative for organizations to leverage available information to evaluate security related to information sharing when evaluating current and potential information‐sharing partnerships. The “fine print” or privacy policies of firms can provide a signal of security across a wide variety of firms being considered for new and continued information‐sharing partnerships. In this article, we develop a methodology to gauge and benchmark information security policies in the partner‐selection process that can help direct risk‐based investments in information sharing security. We develop a methodology to collect and interpret firm privacy policies, evaluate characteristics of those policies by leveraging natural language processing metrics and developing benchmarking metrics, and understand how those characteristics relate to one another in information‐sharing partnership situations. We demonstrate the methodology on 500 high‐revenue firms. The methodology and managerial insights will be of interest to risk managers, information security professionals, and individuals forming information sharing agreements across industries.</description><subject>Companies</subject><subject>Information dissemination</subject><subject>Information management</subject><subject>Information processing</subject><subject>Information sharing</subject><subject>Mate selection</subject><subject>Methodology</subject><subject>Natural language processing</subject><subject>partner selection</subject><subject>Partnerships</subject><subject>Policies</subject><subject>Privacy</subject><subject>privacy policies</subject><subject>Research methodology</subject><subject>risk analysis</subject><subject>Risk assessment</subject><subject>Security</subject><subject>text analysis</subject><issn>0272-4332</issn><issn>1539-6924</issn><issn>1539-6924</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2024</creationdate><recordtype>article</recordtype><sourceid>24P</sourceid><sourceid>WIN</sourceid><sourceid>7TQ</sourceid><recordid>eNp90MtKAzEUBuAgiq3VjQ8gBTciTE1OZpKZZSleCoJgdR2mudiUuZnMIN35CD6jT2LqVBcuPItzNh8_hx-hU4InJMyVsz6fkBgY30NDktAsYhnE-2iIgUMUUwoDdOT9GmOCccIP0YCmEDMGfIimCy07Z9vN2EundWWrl3GpW2elH5vajW0Vdpm3tq4-3z_8Kndb0eSurbTzK9v4Y3Rg8sLrk90doeeb66fZXXT_cDufTe8jSRPgkQIda4iVwjJdYiM5x1QqJXEqDSRUUqoUsCTNTZYuORBgOqGKpSY1mYmZpCN00ec2rn7ttG9Fab3URZFXuu68gIzwJAyGQM__0HXduSp8JyjmPAGWYRLUZa-kq7132ojG2TJ3G0Gw2BYrtsWK72IDPttFdstSq1_602QApAdvttCbf6LE43wx7UO_ACvUhGY</recordid><startdate>202407</startdate><enddate>202407</enddate><creator>Yu, Wendy</creator><creator>Collier, Zachary A.</creator><creator>Thekdi, Shital</creator><general>Blackwell Publishing Ltd</general><scope>24P</scope><scope>WIN</scope><scope>NPM</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>7ST</scope><scope>7TQ</scope><scope>7U7</scope><scope>7U9</scope><scope>8BJ</scope><scope>8FD</scope><scope>C1K</scope><scope>DHY</scope><scope>DON</scope><scope>FQK</scope><scope>FR3</scope><scope>H94</scope><scope>JBE</scope><scope>JQ2</scope><scope>KR7</scope><scope>M7N</scope><scope>SOI</scope><scope>7X8</scope><orcidid>https://orcid.org/0000-0003-4145-508X</orcidid></search><sort><creationdate>202407</creationdate><title>Security screening metrics for information‐sharing partnerships</title><author>Yu, Wendy ; Collier, Zachary A. ; Thekdi, Shital</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c3527-d2e4e24dd0c8b0fc7703cddc08cf253c33dd2658af98b72126e53d68f8f9f46c3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2024</creationdate><topic>Companies</topic><topic>Information dissemination</topic><topic>Information management</topic><topic>Information processing</topic><topic>Information sharing</topic><topic>Mate selection</topic><topic>Methodology</topic><topic>Natural language processing</topic><topic>partner selection</topic><topic>Partnerships</topic><topic>Policies</topic><topic>Privacy</topic><topic>privacy policies</topic><topic>Research methodology</topic><topic>risk analysis</topic><topic>Risk assessment</topic><topic>Security</topic><topic>text analysis</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Yu, Wendy</creatorcontrib><creatorcontrib>Collier, Zachary A.</creatorcontrib><creatorcontrib>Thekdi, Shital</creatorcontrib><collection>Wiley-Blackwell Open Access Titles</collection><collection>Wiley Free Content</collection><collection>PubMed</collection><collection>CrossRef</collection><collection>Environment Abstracts</collection><collection>PAIS Index</collection><collection>Toxicology Abstracts</collection><collection>Virology and AIDS Abstracts</collection><collection>International Bibliography of the Social Sciences (IBSS)</collection><collection>Technology Research Database</collection><collection>Environmental Sciences and Pollution Management</collection><collection>PAIS International</collection><collection>PAIS International (Ovid)</collection><collection>International Bibliography of the Social Sciences</collection><collection>Engineering Research Database</collection><collection>AIDS and Cancer Research Abstracts</collection><collection>International Bibliography of the Social Sciences</collection><collection>ProQuest Computer Science Collection</collection><collection>Civil Engineering Abstracts</collection><collection>Algology Mycology and Protozoology Abstracts (Microbiology C)</collection><collection>Environment Abstracts</collection><collection>MEDLINE - Academic</collection><jtitle>Risk analysis</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Yu, Wendy</au><au>Collier, Zachary A.</au><au>Thekdi, Shital</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Security screening metrics for information‐sharing partnerships</atitle><jtitle>Risk analysis</jtitle><addtitle>Risk Anal</addtitle><date>2024-07</date><risdate>2024</risdate><volume>44</volume><issue>7</issue><spage>1560</spage><epage>1572</epage><pages>1560-1572</pages><issn>0272-4332</issn><issn>1539-6924</issn><eissn>1539-6924</eissn><abstract>Recent history has shown both the benefits and risks of information sharing among firms. Information is shared to facilitate mutual business objectives. However, information sharing can also introduce security‐related concerns that could expose the firm to a breach of privacy, with significant economic, reputational, and safety implications. It is imperative for organizations to leverage available information to evaluate security related to information sharing when evaluating current and potential information‐sharing partnerships. The “fine print” or privacy policies of firms can provide a signal of security across a wide variety of firms being considered for new and continued information‐sharing partnerships. In this article, we develop a methodology to gauge and benchmark information security policies in the partner‐selection process that can help direct risk‐based investments in information sharing security. We develop a methodology to collect and interpret firm privacy policies, evaluate characteristics of those policies by leveraging natural language processing metrics and developing benchmarking metrics, and understand how those characteristics relate to one another in information‐sharing partnership situations. We demonstrate the methodology on 500 high‐revenue firms. The methodology and managerial insights will be of interest to risk managers, information security professionals, and individuals forming information sharing agreements across industries.</abstract><cop>United States</cop><pub>Blackwell Publishing Ltd</pub><pmid>38246627</pmid><doi>10.1111/risa.14267</doi><tpages>13</tpages><orcidid>https://orcid.org/0000-0003-4145-508X</orcidid><oa>free_for_read</oa></addata></record>
fulltext	fulltext
identifier	ISSN: 0272-4332
ispartof	Risk analysis, 2024-07, Vol.44 (7), p.1560-1572
issn	0272-4332 1539-6924 1539-6924
language	eng
recordid	cdi_proquest_miscellaneous_2917555502
source	Wiley Online Library Journals Frontfile Complete; PAIS Index
subjects	Companies Information dissemination Information management Information processing Information sharing Mate selection Methodology Natural language processing partner selection Partnerships Policies Privacy privacy policies Research methodology risk analysis Risk assessment Security text analysis
title	Security screening metrics for information‐sharing partnerships
url	https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-14T13%3A30%3A59IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Security%20screening%20metrics%20for%20information%E2%80%90sharing%20partnerships&rft.jtitle=Risk%20analysis&rft.au=Yu,%20Wendy&rft.date=2024-07&rft.volume=44&rft.issue=7&rft.spage=1560&rft.epage=1572&rft.pages=1560-1572&rft.issn=0272-4332&rft.eissn=1539-6924&rft_id=info:doi/10.1111/risa.14267&rft_dat=%3Cproquest_cross%3E2917555502%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=3077526901&rft_id=info:pmid/38246627&rfr_iscdi=true