Integration of information systems and cybersecurity countermeasures: An exposure to risk perspective
This paper investigates the relationship between Information Systems (IS) integration and the use of cybersecurity countermeasures using an adapted exposure to risk perspective which considers both the probability of a risk through vulnerability points theory and the impact of the risk if it occurs....
| Main Authors: | , , |
|---|---|
| Format: | Journal Article |
| Published: |
2018
|
| Online Access: | http://hdl.handle.net/20.500.11937/66396 |
| _version_ | 1848761311681314816 |
|---|---|
| author | Baskerville, Richard Rowe, F. Wolff, F. |
| author_facet | Baskerville, Richard Rowe, F. Wolff, F. |
| author_sort | Baskerville, Richard |
| building | Curtin Institutional Repository |
| collection | Online Access |
| description | This paper investigates the relationship between Information Systems (IS) integration and the use of cybersecurity countermeasures using an adapted exposure to risk perspective which considers both the probability of a risk through vulnerability points theory and the impact of the risk if it occurs. Based on an econometric analysis of a survey sample of 9,721 French firms, the study finds that higher degrees of system integration entail higher degrees of cybersecurity usage. Whereas previously it was thought that systems integration reduces the number of vulnerabilities and thus the need for cybersecurity countermeasures, we find that the more the system is integrated, the greater the use of self-protective cybersecurity countermeasures. We theorize that this finding comes from the elimination of many uncontrollable vulnerabilities and the presence of fewer, but controllable, vulnerability points. This finding holds both for internal and external integration but is stronger in the latter case. Moreover, results show that internal dynamism is positively correlated with cybersecurity countermeasures. Our reasoning applies to cybersecurity in terms of self-protective security measures but not necessarily to risk-transfer security measures. |
| first_indexed | 2025-11-14T10:29:40Z |
| format | Journal Article |
| id | curtin-20.500.11937-66396 |
| institution | Curtin University Malaysia |
| institution_category | Local University |
| last_indexed | 2025-11-14T10:29:40Z |
| publishDate | 2018 |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | curtin-20.500.11937-663962018-04-30T02:48:45Z Integration of information systems and cybersecurity countermeasures: An exposure to risk perspective Baskerville, Richard Rowe, F. Wolff, F. This paper investigates the relationship between Information Systems (IS) integration and the use of cybersecurity countermeasures using an adapted exposure to risk perspective which considers both the probability of a risk through vulnerability points theory and the impact of the risk if it occurs. Based on an econometric analysis of a survey sample of 9,721 French firms, the study finds that higher degrees of system integration entail higher degrees of cybersecurity usage. Whereas previously it was thought that systems integration reduces the number of vulnerabilities and thus the need for cybersecurity countermeasures, we find that the more the system is integrated, the greater the use of self-protective cybersecurity countermeasures. We theorize that this finding comes from the elimination of many uncontrollable vulnerabilities and the presence of fewer, but controllable, vulnerability points. This finding holds both for internal and external integration but is stronger in the latter case. Moreover, results show that internal dynamism is positively correlated with cybersecurity countermeasures. Our reasoning applies to cybersecurity in terms of self-protective security measures but not necessarily to risk-transfer security measures. 2018 Journal Article http://hdl.handle.net/20.500.11937/66396 10.1145/3184444.3184448 restricted |
| spellingShingle | Baskerville, Richard Rowe, F. Wolff, F. Integration of information systems and cybersecurity countermeasures: An exposure to risk perspective |
| title | Integration of information systems and cybersecurity countermeasures: An exposure to risk perspective |
| title_full | Integration of information systems and cybersecurity countermeasures: An exposure to risk perspective |
| title_fullStr | Integration of information systems and cybersecurity countermeasures: An exposure to risk perspective |
| title_full_unstemmed | Integration of information systems and cybersecurity countermeasures: An exposure to risk perspective |
| title_short | Integration of information systems and cybersecurity countermeasures: An exposure to risk perspective |
| title_sort | integration of information systems and cybersecurity countermeasures: an exposure to risk perspective |
| url | http://hdl.handle.net/20.500.11937/66396 |