and Thomas W. Leigh (1993), An Exploration Of high-Risk Leisure Consumption Through Skydiving, Journal of Consumer Research, Volume 20, Issue 1, pp. 1-23.10.
and long term and manage the risks. The results of the questionnaire and interview deliver that the company size is an essential factor to distinguish the sophistication of Romania innovation systems.
15 Torben Juul Andersen and Peter Winther Schroder, Strategic Risk management Practice, Cambridge university Press, 2010.16 Vlerick Leuven Gent Management School, Global Entrepreneurship
Secondly, these conservative positions suggest that they have a tendency towards a long-term orientation that avoids risk-taking (Dess et al. 2011.
and risk-taking, creates the factors closely tied to an entrepreneurial firm (Covin and Slevin 1989;
proactiveness and calculated risk-taking, innovative marketing, and others as suggested by the innovation variable.
and also their willingness to adjust their business as necessary in order to exploit them. The proactive nature of firms to utilize opportunities was measured by action
performance, risk and value. Journal of Small Business Management, 39,31 49. Mcevily, SK, & Chakravarthy, B. 2002).
) The role of family influence in strategic response to the threat of imitation. Entrepreneurship Theory and Practice, 32,979 998.
) Entrepreneurial risk taking in family firms. Family business Review, 18 (1), 23 40. Zahra, SA, Hayton, JC,
However, the risk is that vested interests from the most powerful regional stakeholders and lobbies may condition decision-makers,
Minimising the risks of lock in, clientelism and corruption requires the design of adequate checks and balances limiting the risk of pervasive incentives for public officials.
These risks may be the consequence of a political system that fails to maintain high standards of efficiency,
that is unable to ensure a good quality of the public administration, and that is incapable of establishing a clear and transparent merit-based selection of officials.
SMES and their dynamic nature, inherent risk-taking behaviour, and resulting innovation capacities serve as catalysts to (developing) economies (Benácek, 1995;
and are formalized less, are more likely to take risks, and are faster to react to change than large firms (Parida et al, 2012).
and enable them to share the risks/costs associated with new product/service development with partners (Parida et al, 2012).
Furthermore, collaborating with parties that represent no direct competitive threat either because they operate in different sectors
or because the stage of joint innovation projects is several years ahead of market applications is associated with lower coordination costs and a lower risk of opportunism (De Man and Roijakkers, 2009;
and resources Risk of opportunistic behaviour/partner selection challenges Cost and risk-sharing Benefits of joint innovation need to be shared Speed
and peers allows small companies to share some of the risks and costs associated with innovation with these partners.
SMES that make use of their innovative strengths (e g. flexibility, risk-taking behaviour, etc. and compensate for their resource shortages by embracing OI strategies feel they are positioned better for keeping up with the pace of development
and the risk of opportunism is lower to the extent that small firms collaborate with other SMES
or partners that do not pose direct competitive threats. The final drawback mentioned by the firms in our sample is related to the high coordination costs associated with managing collaborative relations.
and their willingness to take risks are viewed as important drivers of innovation and economic growth in developing economies (Peng, 2001;
and managing the risks associated with opportunistic behaviour on behalf of their partners. While the preferred OI partners of the SMES in our sample are suppliers
The alliance literature points out that the risk of opportunism is lower to the extent that OI partners are no direct competitors in end markets (De Man and Roijakkers,
2009) and therefore it may be beneficial for SMES to predominantly engage with partners that do not pose competitive threats
and thus circumvent the risk of opportunism. 16 Acknowledgements The authors would like to acknowledge the contribution
balancing control and trust in dealing with risk. Long range planning, 42,75-95. Marcati, A.,Guido, G. & Peluso, A m. 2008.
Importantly, digital technology can give young people the confidence to take action and put their leadership skills to the test with minimal risk,
but cannot do it with confidence. xv The risk is disadvantaged that communities become further marginalised from power and unable to attract the resources needed for effective social growth.
the overall costs and risks of climate change will be equivalent to losing at least 5%of global GDP each year,
If a wider range of risks and impacts is taken into account, the estimates of damage could rise to 20%of GDP or more.'
The view of innovation in the EU 2020 strategy risks being seen as somewhat top down
including the willingness to take risks and find creative ways of using underused assets. Social enterprises are businesses with primarily social objectives
which provides flexibility for employers and security for employees against labour market risks and holistic early years'provision in Reggio Emilia, Italy);
which a critical role is played by individual entrepreneurs engaged in risk and innovation. Today most discussion of social innovation tends to adopt one of three main lenses for understanding how change happens:
The risks of change will appear great compared to the benefits of continuity. This applies as much to peasant farmers nervously contemplating new models of farming,
giving people security and prosperity the more its norms will become entrenched as part of peoples'very sense of 25 identity. xliii Organisations then become locked into routines
too many contracts place excessive risk on providers, causing some organisations to reject opportunities to deliver services;
One of the main factors for the success of the project was that interventions were targeted at the community level rather than directed towards particular‘high risk'individuals;
as a result of the security measures used by the portal. The market Increasingly, the boundaries between the private sector and the social sector are becoming blurred.
The cashless system also provides security for customers who would otherwise be forced to store their money at home
In addition, the entire process is designed to create a‘safe space'for experimentation, creative thinking and risk taking.
growth and risk-taking social ventures. Venture philanthropists seek social as well as financial returns on investment although in many areas,
regions or localities to innovate together, sharing knowledge and risks (such as the 27th Region in France).
-innovation models of audit which are proportionate about risk and able to judge programmes in the round, with a portfolio of potential risk and reward Reporting tools for example, 2-3 year reports on innovation performance by key public agencies,
using some rough metrics such as Sweden's use of social economic reporting, and the EU's encouragement of Social Return on Investment methods. 68 However, we emphasise that this is an emerging field without much strong evidence for the effectiveness of particular policies.
sufficiently outside to take risks and mobilise partners in flexible ways. In this section we summarise some of the enablers and barriers to innovation in public agencies;
However, there are numerous structural features of government that inhibit risk taking, experimentation and innovation. There are barriers and obstacles in the form of cost-based budgeting and departmental structures, audit and accountability processes,
which are more supportive of experimentation and risk taking. There are also a series of policies
A programme of actions to improve the prospects of a group (for example 14-16 year olds in a particular area at risk of crime or unemployment;
It shares the risk for a bundle of interventions, with finance raised from the market, with investors taking on some of the risk for non-achievement of social outcomes;
and reward community-led innovation in response to the threats posed by climate change. The Big Green Challenge, aimed at the not-for-profit sector is the first challenge prize of its kind.
As well as mitigating risks, the structure of a tournament helped to refine and clarify ideas. Police Act Wiki, New zealand Open innovation provides one model for harnessing highly distributed knowledge to share information,
The public can submit art and commentary on claims of pending patent applications in computer architecture, software, and information security.
Matters of national security and defence, for example, will inevitably remain closed from public discussion. However, citizens do possess both tacit and explicit knowledge as citizens,
too many contracts place excessive risk on providers, causing some organisations to reject opportunities to deliver services;
For the public sector, the traditional risk averse and cautious organisational cultures of public sector bureaucracies remain a major barrier.
In contrast, innovation in the private sector tends to be encouraged by market pressures, the clearer rewards for risk,
and find it hard to spread risk. Similarly, the informal household economy plays a critical role in developing social innovations
and an inability to secure risk-taking growth capital poses a key obstacle to the long-term sustainability and growth of the sector.
and risk-taking growth capital in particular which is critical to enabling them to move from start-up to the next level of development. cxxva transition away from grant dependence towards commercial finance is crucial for the longer-term sustainability
too many contracts place excessive risk on providers, causing some organisations to reject opportunities to deliver services;
and though it does take greater risks than banks, investees must be able to repay the loan element of their investment. cxxxii Skills
risks, management risks, staff benefits) 4. Cost effectiveness (cost savings, scalability, wider economic gains) The tool also makes explicit the strength of the knowledge base underpinning the assessments.
and risk evaluation are necessary. Given the range of funding requirements we do not propose a single social innovation fund.
and Vulnerability, Cambridge UK, Cambridge university Press. viii Marjorie Jouen (2008), Social Experimentation in Europe: towards a more complete and effective range of the EU actions for social innovation, Background paper for the Forum on social experimentation in Europe presented on 21-22 november 2008,
addressing the critical gaps in risk-taking capital for social enterprise, Skoll Centre for Social Entrepreneurship Working Paper, Said Business school, University of Oxford, Oxford: UK lxxxviii
Addressing the critical gaps in risk-taking capital for social enterprise. Skoll Centre for Social Entrepreneurship Working Paper, Said Business school, University of Oxford.
Addressing the critical gaps in risk-taking capital for social enterprise, Skoll Centre for Social Entrepreneurship Working Paper, Said Business school, University of Oxford, Oxford: UK cxxvi
and (economic and/or physical) insecurity. cliv Hoegen, M. 2009) Statistics and the quality of life: Measuring progress a world beyond GDP.
http://www. oecd. org/dataoecd/32/18/44227733. pdf. Accessed 7 january 2010. clv Flyvbjerg, B.,Bruzelius, N.,&rothengatter, W. 2003) Megaprojects and Risk:
Comparative risk assessment and environmental decision-making (pp. 15-54. Springer, Netherlands. clxvii Ibid. clxviii Baltussen, R. & Niessen, L. 2006.‘
One example is Intellipedia, the US intelligence community's wiki for sharing 1 22 THE OPEN BOOK OF SOCIAL INNOVATION information.
The new design divides the prison up into houses thereby maintaining security while allowing greater freedom of movement and freeing up financial and staff resources.
which it provides those giving out the prize a means of finding a solution to a problem without shouldering the burden of risk.
Indeed, with competitions, it is the participants who are expected to foot the financial risk. In the social economy,
however, there are arguments for sharing, rather than shifting, the risk. This can be achieved through a stage-gate process
and reward community-led innovation in response to the threats posed by climate change. The Big Green Challenge, aimed at the not-for-profit 3 PROTOTYPING
mitigate the risks of flooding and provide local residents with cheap, renewable energy. Through hydro, wind and thermal power (some of which will be owned community) Green Valleys is hoping to make the 520sq mile area‘energy independent'.
IT, supply chain systems and systems for risk management. These will be translated into an economic or business plan,
but much of the loans now being made for social ventures are coming from specialised social finance organisations, sometimes seeking security (usually from property),
and risks are reduced. They sometimes have an advantage over venture capital funding in that they can tap investors who want to make social impact their primary incentive rather than financial returns.
though it remains unclear how much they will be used primarily to spread already proven models (with reasonably reliable risk)
and risk-taking social ventures. It plays an important role in diversifying capital markets for nonprofits and social purpose organisations.
reducing risk, or by facilitating adaptation to changing markets and environments. Complex, multidimensional needs are a key site for potential collaboration.
It brings a number of benefits such as distribution of risk and financing. But it can only work
but the acquisition of new technologies and capacities, the diffusion of risk, and increasing efficiency and standards.
granting coercive powers to the state (for example, in return for security; disclosing private information (in return for more personalised services;
& Jerry's franchises to help train at-risk youth.‘‘Stanford Social Innovation Review.''Summer, 2003.8.
Incumbents tend to deflect threats or to reinterpret radical new ideas in ways that fit existing power structures.
and Sure Start providing intensive support for children to reduce risk factors. Where these succeed they create a political constituency for public investment in early years'education as well as effective models for delivery. 234) New models of the support economy.
and controversial, infrastructure is the creation of a single database of children deemed‘at risk'in the UK.
But there are many structural features of government that inhibit risk taking and innovation. There are barriers (from cost based budgeting and departmental structures, to audit and accountability processes,
Strategic issues Innovation in the public sector always risks being a marginal add-on smallscale in terms of funds, commitment of people and political capital.
Rewards can take the form of recognition, promotion or finance. 317) Appropriate risk management. Public agencies tend to be fearful of risk.
The challenge is to manage risk, not eliminate it. Risk can be managed across a portfolio of projects that span the high return/high risk 1 148 THE OPEN BOOK OF SOCIAL INNOVATION end
as well as medium and low return agendas. A balanced view of risk is vital some innovations spread too slowly
but others spread too fast, without adequate evaluation and assessment, particularly when they win the backing of leaders.
A commitment to evaluation and evidence, and staged development of new approaches, helps reduce risk. 318) Formation
and training to integrate innovation into personal development, training, and culture. Some need to become specialists in spotting, developing and growing ideas.
More generally, innovation, including a licence to take appropriate risks should be part of personal development plans. 319) Circuits of information from users to front line staff and senior managers.
and support innovation (the recent UK National Audit Office (NAO) report on innovation was a major step forward in rethinking audit as a support to innovation rather than a barrier to healthy risk-taking).
New zealand), lotteries provide a primary source of funding for community ventures. 351) Socialising risk. New forms of social insurance for long term care for example
investments combining tranches with different rates of risk/return and different sources of capital (philanthropic, public, private) such as Blueorchard (Switzerland) or Big Issue Invest in the UK. 367
Donors can handle high levels of risk and do need not the certainty of returns of the private sector.
Partly, this is because they face limited access to risk and growth capital, and to highly specialist technical knowledge,
84 Regulation & Legislation 161-162 Relational Capital 74-77 Report Empty Homes 18 Research & Mapping 17-20 Risk 54;
In a recent report on risk and innovation 1 the UK Government scientific adviser, Mark Walport, states that debates about risk are also debates about values, ethics and choices and fairness,
and who carries the risk. Work by scientists such as Walport 1 as well as by thinkers such as Schön 12
Managing Risk, Not Avoiding It The Government office for Science, London. 2. Ayres, C. J. 2012.
and hence are exposed to the risk of becoming lockedin to a specific technology, used by one contractor but not by others.
Unlike larger companies, with their teams of lawyers and consultants, SMES tend to avoid the legal risks of engaging in cross-border commerce.
European SMES therefore risk missing important economic opportunities. E-business Fourth phase: e-business (from 1999) Internet technology has gone far beyond a mere means of electronic transactions becoming a foundation for applications linked to the core business systems,
difficulties to determine costs and benefits, lack of knowledge of the e-business models, questions on reliability and security of technology.
and organizations, is required a further stage in ICT technology adoption which exploits the dynamic interaction (with cooperation and competition) of several players in order to produce systemic results in terms of innovation and economic development.
security, fair processing, integrity, confidentiality, and reliability/accessibility throughout time. The basic infrastructure could not be tied to a single provider or a unique technology;
The risk to this dependence is one of the obstacles, which delays the small organizations in embracing ICT technologies,
and is perceived as a solution to the innovation emergency that Europe now faces (European commission, 2011;
From Innovation Emergency to Economic growth. Innovation Lecture, The hague, 26 march 2012 (downloaded on 8 april 2012 from http://europa. eu/rapid/pressreleasesaction. do?
to reduce risk of development or market entry, to achieve scale economies in production, and to reduce the time taken to develop
Interaction with other students Interaction with teachers Attitude towards students in city Security 24 Student satisfaction:
However, if that is the case, there is always a risk that different institutions may use different definitions
the comments were used as a source of information for missing values and for potential threats to the validity due to deviant interpretations.
If U multirank is not dependent on one major source a further advantage lies in the distribution of financial risks.
a firmer enforcement policy is needed to address the threat of protectionism in some Member States.
%to ensure at least 20 million fewer people are at risk of poverty or social exclusion.
Improve the security of energy supply, by working for the diversification of both domestic and external energy sources.
Moreover, this part of the volume will explore the identity challenges for businesses both as security and privacy issues;
27 2. 2. 2 Advantages and Risks in Cloud computing Outsourcing Projects...28 2. 2. 3 Managing Changes and Organizational Issues...
72 4. 3. 3 Marketing Intelligence and Risk Analysis...73 4. 4 Social Listening Challenges...
89 5. 2 Advantages and Risks Associated with IT Consumerization...90 5. 2. 1 Advantages and Opportunities of IT Consumerization...
91 5. 2. 2 Challenges and Risks of the Consumerization of IT...92 5. 3 Steps for IT Consumerization...
133 7. 2 Privacy and Security Drivers and Challenges...134 7. 3 Digital Brand Management...
For further details we refer the reader to 39,40. 4 Mapreduce exploit, on the one hand,(i) a map function,
to identify fraud or medical patients health risk. Continuous process monitoring: e g.,, to identify variations in costumer sentiments towards a brand
and Twitter to identify potential threats or opportunities related to human resources, customers, competitors, etc. As a consequence, we believe that the distinction between DDSS
, improving risk analysis and fraud management, to utility and manufacturing, with a focus on information provided by sensors and internet of things for improved quality control, operations or plants performance,
In particular, low performers resulted more oriented towards the use of intuition than top performers in customer service, product research and development, general management, risk management,
perspectives on value, risk, and cost. IEEE Comput 46:32 38 24. Tallon BPP, Scannell R (2007) Information life cycle.
which can be achieved by getting the advantage of delivering the product to customers. 3. Performance assurance and quality,
which allows the company to transfer the risk of failure to the vendor, especially when the company does not have required the experience and the core competence in this field.
especially when they are composed of several hundreds of servers. 6. Data security. The infrastructure provider tries to achieve best data security by meeting the following two objectives (1) confidentiality
for secure data access and transfer, and (2) auditability, for attesting whether the security settings of the application have been altered or not.
However, this factor forms big challenge for all stakeholders in cloud computing. This happens because of the structure of the cloud computing
and Risks in Cloud computing Outsourcing Projects Cloud computing is like any other new development in IT,
since it has advantages and risks. According to 8, there are many benefits for utilizing a third party cloud computing service provider for the implementing company.
8 suggests there are s number of risks when adopting cloud computing services. These risks are summarized as follows:
1. The customer service quality at the company might be affected with this change, which could happen
The risks and impact of IT outsourcing also have to be considered. Gai and Li 10, for example suggest that security problem could arise because of poorly executed protocols
and authentication process as well as the lack of security standards that govern cloud computing. The importance of the security issues is addressed also by many other authors such as Srinisvasan et al. 11.
In their research they classify the concerns about the security into two main categories: 2. 2 Strategic and Managerial Challenges and Opportunities 29 A. Architectural and Technological Aspects,
and includes the following points: 1. Logical storage segregation and multi-tenancy security This risk might happen
when some clients and their own competitors share the same physical storage location, which could result in private data exposure.
and access management is still facing challenges from different aspects such as security, privacy, provisioning of service as well as VMS, etc.,
when considering the‘pay as you use'feature of the cloud. 3. Insider attacks This risk can be very dangerous based on the fact that the provider does not reveal information such as, e g.,
This risk can lead to situations like financial impact brand damage and productivity loss. 4. Virtualization issues Virtualization is very important in the cloud computing to achieve its goal of sharing resources.
Virtualization of enterprise servers introduces considerable security concerns. Associating multiple servers with one host removes the physical separation between servers,
increasing the risk of undesirable cooperation of one application (of one VM) with others on the same host.
then it brings significant threats to the holistic view of cloud computing. 5. Cryptography and key management The need for appropriate and,
6. Governance and regulatory compliance gaps The well-developed information security governance processes should exhibit the following characteristics:
and internal design details which would lead to major security concerns for CSP as well as customers like cyberattacks
and comprises risks related to data security and portability. Level 2: Cloud migration, which will happen during the change from one CSP to another
and comprises risks about data migration security and about making sure that the old CSP, will delete customer's data on its cloud servers. 9. Service Level Agreement
Therefore, the following SLA Security Qualities (SSQS) are important for any customer who wants to transform to cloud computing service model:
2. 2 Strategic and Managerial Challenges and Opportunities 31 agreements on security related issues; up-to-date technology improvement by the CSP;
Other examples of the risks include the low controllability over the service, data ownership and loss of data since it is provided by a third party service provider,
The previous mentioned risks and challenges have to be considered by the transforming company which needs to be able to deal with them by having backup plans in case of a disaster.
it has to establish well governing policies that would control the relationship with the service provider regarding the security issues.
and covering the problems that could emerge such as security issues 13. On the other side, 14 suggests that the service supplier can enhance the quality of the service it provides by using an execution log to register the correct execution of a business process,
it is worth noting that management (first column of Table 2. 1) includes governance, operations, security, compliance, etc.
The chief advantage of this model is that the enterprise retains full control over corporate data and security and system performance.
when there are concerns about security and data sovereignty. In contrast to previous model, the public cloud is open for use by the general public i e.,
however, security concerns may be considerably different for the cloud services such as applications, storage, and other resources that are made available by a service provider for public access
flexibility, Service Legal Agreements (SLAS), security standards, backup strategies, customer support, downtime history and pricing policy.
and how the transformation to the cloud computing model would help to meet those Outsourcing Provider Evaluation System Function Service Quality Integration Economics Professionalism Usefulness Ease of use Accuracy Tangibles Reliability Security
and risk assessment and includes the activities and outputs shown in Table 2. 4. In this step,
This includes critical decisions such as staffing, communication, organizational rules and risk assessment. This step faces challenges such as clearly defining business
and the risks accompany this migration before the firms transform their IT system to the cloud.
to ponder the benefits that will be gained as well as the risks that are inherited in this transformation. The second case study,
and department, including the Ministry of Education, Science and Technology, the Ministry of Public Administration and Security, Korea Customs service, Ministry 42 2 Cloud computing of Construction and Transportation, the National Tax Service,
Careful analysis of the benefits, opportunities and risks are very important in the transformation to the cloud computing environment.
The second is about to the risk related to the data protection and security, which is a very important factor that needs to be considered.
This Chapter provides a description about the risks accompanying cloud computing and how to manage them.
benefits and risks associated with cloud computing. These case studies show that many issues have to be considered before commencing with the transition to this new technological platform.
10.1109/EMEIT. 2011.6022935 2. Carroll M, Van der Merwe A, Kotzé P (2011) Secure cloud computing benefits, risks and controls.
2012 international conference on multimedia information networking and security, pp 142 146. doi: 10.1109/MINES. 2012.240 11.
Srinivasan MK, Sarukesi K, Rodrigues P, Manoj M, Revathy P (2012) State-of-the-art cloud computing security taxonomies classification of security challenges in the present cloud.
2011 5th international conference on network and system security, pp 280 284 15. Atkinson P (2005) Managing resistance to change.
Security, strictly connected to performance issues, but focused on the challenges of guarantying the privacy of data and the trustworthiness of mobile applications and services interactions.
As for development, the diversity of devices and the consequent scalability of development platforms pose significant challenges to applications management with regard to costs of functionalities, user experience, and data security.
Development Platforms for Mobile Applications (App) based on a reference framework Application integration with enterprise information systems (software and data) Device management (data privacy and security) Software solutions
to support applications management on devices Development Integration Security Performance Fig. 3. 3 Digital management solutions 56 3 Mobile Services The native development
Define a priori reference device (s). Choose the preferred device (s). Exploit any internal skills already acquired on a particular technology suitable to be adopted for the mobile applications development on the chosen device (s). Develop the requirements of usability of the mobile
and devices on the legacy systems Best-ofbreed The option to acquire progressively on the market the needed functionalities mitigates the risk of relying on a single vendor The approach
ensuring the security of the data (see Fig. 3. 3) is by far one of the most critical issues in the field of development and management of mobile applications and services.
Accordingly, security can be addressed through the adoption of different types of enabling solutions. We discuss them in what follows,
In summary, they focus on risks and challenges for company data privacy and security by Bring Your Own Device (BYOD)
and IT Consumerization emergent phenomena (see for details the Chap. 5 of this book). As for Application Streaming solutions, they can be considered a kind of application virtualization.
on the one hand, provide the user with a certain Table 3. 6 Solutions suitable to enable device security management Solutions Benefits Drawbacks Mobile device management Simple to install Provide centralized management of the devices used by the user
on the other hand, they improve security and control, ensuring the virtual separation of personal and business data as well as operating systems (the former managed by the mobile operators,
and security related, e g.,, to the access and unauthorized disclosure of corporate data as well as the sharing of personal sensitive data. 3. 4 Case studies In this Section we discuss fact-sheets of case studies,
Wordnet 20, reducing the potential threat described above. Under this point of view, ontologies enable Web documents annotation,
which it has been used. 4. 3. 3 Marketing Intelligence and Risk Analysis Key words for new strategies such as‘‘open solution'',
However, the adoption of these technologies based on web applications is influenced by the ability to properly develop security policies.
Thinking about mobile banking, it seems to be evident the potential threat related to security issues,
Moreover, in addition to web browsers, also web server software can be attacked easily by malware and other threats.
In order to effectively react to these challenges is highly important to define security policies able to identify in advance any kind of vulnerability.
Trying to manage the security issues actively, involving in an integrated way IT, Marketing and Human resources functions,
Therefore, the marketing intelligence approaches and technologies can play a crucial role in the risk analysis process (using, for example,
Furthermore, the additional threat is that illegal behaviors such as‘‘cyberbulling'',stalking'',phishing'',scam'',marketing spam,
Other researchers has shown the risk to privacy related to vanity queries, in which a user issues a query for his or her own name 31.
identify, evaluate and face the impact of external risks that rise up from social networks and 2. 0 technologies.
identify potential threats, evaluate the impact and undertake initiatives in order to eliminate or reduce the potential threats.
Precautionary actions (through marketing intelligence tools) can create the conditions through which firms can control the information flow
in order to prevent and control risks through marketing intelligence tools, these have to use advanced and appropriate metrics.
in order to translate potential risks into quantified data, further efforts are required to design and develop frameworks
and applications to recognize potential threats into a text. One of the most interesting approach could be described the one by 32,
that is focused on the risks identification in messages or texts, trying to support the decision making process (this approach has been applied in the financial sector).
Finally, one of the characteristic of the risk is the uncertainty. This means that more than one result can occur.
The three dimensions lead investors to recognize risk associated statements or messages. After this first step
the potential threats are classified on the base of their impact (positive, negative or positive negative.
(or can be associated to a risk; evaluate which kind of impact this risk can have. External Risks Legislation Competitors'activities Market Socioeconomic context Suppliers and partners Internal Risks Compliance Business processes Operations Marketing Intelligence activities Reduce external factors
impact Prevent risks and criticalities Fig. 4. 1 Risks areas and factors Statement Uncertainty Firm Value Future Timing Risk Impact Fig. 4. 2 Model for recognize risks
associated statements. Adapted from 32 76 4 Social Listening In order to facilitate the automatic learning activity,
all the sentences are converted into a numerical representation, which can refer to single words, sentences with two or three words,
or part-of-speech (POS) tags. POS are used usually in order to catch syntactic aspects, while for semantic aspects usually tools such as, e g.,
in order to predict potential risks, but it perfectly shows all the threats and challenges that the marketing intelligence has to face
in order to be effective in the new competitive landscape. 4. 4 Social Listening Challenges Nowadays the techniques
that is the generation of positive or negative comments and opinions by Table 4. 3 Statements and risk impact examples Statements Risk impact‘‘Although lots of analysts predicted that the defibrillator market would have increased by 20%yearly,
Therefore, it is highly important to find a way to reduce this threat before people lose their trust on online reviews.
that let decision makers to apply tag on single content elements such as potential threats, business opportunities, etc.,
The company, based in United states, plans, builds and implements facility programs for firms, providing uniforms, cleaning services, hygienic supplies, promotional products, security products, fireproof protection services,
and enhancing the monitoring and risk management performance); adopt procedures as opened as possible (less sequential;
Proceedings 2009 IEEE International Conference Intelligent Security Informatics. IEEE Press, Richardson, Texas, USA, pp 266 268 20.
Horringan JA (2008) Online shopping Internet users like the convenience but worry about the security of their financial information.
and Risks Associated with IT Consumerization Consumerization of IT represents both a challenge for the business,
thus, it Limited connectivity Email or IM Communications IT Department Chooses the PC Primary device is fixed IT department has the control One device, One task Management & Security inside the Firewall Moving from Moving
anywhere Freedom to participate Devices that reflect me Primary device is mobile Users want agility and Freedom One device, many tasks Boundary-less security and manageability Fig. 5. 1 IT Consumerization
and Risks Associated with IT Consumerization 91 has gained an important role in increasing workforce creativity
and decentralize security policy and security governance, a trend that is irreversible and will lead in the middle term to the falling of traditional security models. 2 Data Management opportunities:
successful implementation of the IT consumerization requires strong architecture that could result in better data management practices and results.
and Risks of the Consumerization of IT The increasing number of employees'private devices used in workplace is presenting a challenge for the managers 10.
Also, the Information security Forum (ISF), 12, has analyzed the challenges, trends and solutions for IT consumerization:
hence, it is difficult to apply the same security standards and policies on those personal devices.
Nevertheless, the ISF's report 12 offers guidance that is related to organization's security response planning, that addresses how the people use the devices and
and security issues related to them. Fourth segment is about the issues related to software and apps used on the consumerized devices.
which is an information security specialist, has cooperated with Carnegie mellon University, in a report entitled‘Mobility and Security'that addresses the consumerization related problems 12.
This report argues that enterprise policies and practices are well behind the arrival of new advancements.
or loss of the devices is considered as a bigger security threat, since the lost smartphone can contain significant amounts of sensitive corporate data.
Additionally, European Network and Information security Agency (ENISA), has provided a categorization for the risks associated with the consumerization of IT.
These categories and the risks assessed under each one of them are summarized as follows: 5. 2 Advantages and Risks Associated with IT Consumerization 93 Category 1:
Risks Related to Costs The risks under this category are: 1. Increased risk of loss of value in cases when employees bring bad reputation to the organization's name
or brand by uncontrolled use of consumerized services/devices such as, e g.,, Dropbox. 2. The increased variety and complexity of personal and mobile devices as well as different operating systems and applications that all requiring management will lead to increased costs. 3. The possibility of losing mobile devices would likely increase when the organization uses
more of these equipment, which means more costs. 4. Additional spending might happen to ensure that the security requirements do not prevent appropriate consumerization
or encourage inappropriate use of consumer devices. Category 2: Risks Related to Legal and Regularity Issues The risks under this category are:
1. Corporate governance and compliance control over employee-owned devices will not be optimal. 2 . Since the consumerized personal devices may be owned
which may result in risks related to the intervention of businesses in the private life and property of employees.
Risks Affecting Data (Confidentiality, Integrity and Privacy) The risks under this category are: 1. the possibility of losing corporate data because of unauthorized sharing and usage of information on employees'devices by the services running on them;
3. the risk of losing corporate data as a result of difficulty in applying security measures and policies on application-rich mobile devices,
4. increased risk of the corporate data being hacked due to external attack. The following table (Table 5. 1) summarizes
and classifies the previous mentioned risks into primary and secondary categories. It provides cross-functional information for those interested primarily in one kind of risk who may need to consider the relationship between certain type of risk and others.
For example, it is expected that businesses dealing with privacy issues, might also be interested in risks related to data loss. 94 5 IT Consumerization Moreover,
more cost oriented businesses might also be interested in legalrelated risks. In the table the X symbol represents the primary category
and the (X) symbol represents the secondary category. Additionally, the table provides explanations on why some risks are falling into one
or more secondary categories. 5. 3 Steps for IT Consumerization Companies have to rethink their strategies to seize the opportunities associated with the consumerization of the IT devices rather than facing the consequences of this trend.
and secondary classification/dependencies of identified risks Category (cat) & risk (R) Category Comment Costs Legal and regularity Data Cat (1) R (1) X
privacy violations Cat (3) R (4)( X) X Secondary category as legal/regulatory from possible privacy violations Adapted from 7 5. 2 Advantages and Risks Associated
However, such procedures can conflict with the enterprise's IT SECURITY policies 13. As mentioned before, cloud computing is the IT service that makes this even easier,
and address some of the inherent security issues associated with the Bring You Own Device BYOD strategy, in particular:
To update security model: the decision makers in the business need to develop a security model for employee-owned devices.
This means shifting focus into a broader vision. In other words, instead of focusing solely on securing hardware devices,
security, manageability, productivity, performance and ease of use 14.5.4 Business Scenarios for IT Consumerization During the consumerization of IT, strategy planning, business requirements, policies,
such as those listed in Table 5. 2. 1 Engage Stakeholders 2 Update Security Model 3 Decide on OS and devices 4 Plan Deployment 5 Stay current with Technology Fig
while in their offices because of security restrictions. 5. 4. 2 Bring Your Own Media Tablet A business manager handles hectic schedules and endless lists of tasks and responsibilities.
Also, legal considerations with regard to licensing, security, and privacy exist. Moreover, the ability of the users for being self-supporting
The organization that wants to adopt a consumerization of IT in a cost-effective manner has to evaluate the benefits and risks of such a strategy
and mitigate the risks involved 104 5 IT Consumerization with the adoption of this strategy;
and security risks involved in using certain software applications. Legal considerations. It is crucial to consider the different legal
and Twitter and at the same time to work in accordance to the security standards of the enterprise firewall and can be integrated with other systems at the enterprise that are managed by a company's own IT department.
In an ever changing business environment that brings new security and compliance challenges, IT must balance flexible user choice with secure, cost-effective management standards across the organization.
top risks and opportunities responding to the evolving threat environment. ENISA, Heraklion, pp 1 18 5. 10 Summary 109 8. Copeland R, Crespi N (2012) Analyzing consumerization should enterprise business context determine session policy?.
Security CF & ISF (2011. Advises on consumerisation. Comput Fraud Secur 20 (3): 20 23. doi:
DMSS commonly provide storage, versioning, metadata, security, as well as indexing and retrieval capabilities. The issues that accompany the use of such systems are the security, data integrity and quality,
standards that govern the way these systems work, user compatibility, and the way the workflow is configured pre in such software applications.
Examples of these limitations include the storage capacity, the speed of the internet and issues related to security.
humanbased character recognition via web security measures. Science (80-)321: 1465 1468 25. Verma A, Singh A (2010) Webinar education through digital collaboration.
10.4304/jetwi. 2. 2. 131-136 References 131 Chapter 7 Digital Business Identity Abstract This Chapter explores the identity challenges for businesses both as security
Besides these strategy and marketing facets of digital business identity, the technical and social challenges to privacy and security related to this openness and‘‘instability''6 of digital competition are worth mentioning.
As for privacy and security factors, we are going to consider the technological perspectives that often prevail in their discussion,
and challenges. 7. 2 Privacy and Security Drivers and Challenges Chapter 5 ON IT consumerization has shown some of the main risks associated to the BYOD emerging trend in organization.
In particular, the Chapter has shown that the decision makers need to develop security models for employee-owned devices
in order to protect its identity at internal level, in terms of privacy of data and security of its own information infrastructure.
Considering cybercrime as reported by Paul Hyman on the Communications of the ACM (CACM) 8 on March 2013,
security companies evaluations about the costs of the cybercrime worldwide were $110 billion every year according to Symantec Corp.;
Hyman pointed out also that the following identity-related motivations security experts see as constraints and causes for a limited accuracy of costs estimations 8: 134 7 Digital Business Identity
-or overinflated estimates of the scale of the risk of cybercrime 8. According to a report titled‘Measuring the cost of cybercrime'9,
the cost of protection against cybercrime often exceed the cost of the threat itself 10.
considering all the main types of cybercrime, such as, e g.,, online payment and banking fraud, fake antivirus, patent-infringing pharmaceuticals.
As for the main constructs of the framework, apart from the above cited cybercrimes and their supporting infrastructures,
the others were defined by 9 as follows: Criminal revenue is‘‘the monetary equivalent of the gross receipts from a Crime''9, p. 4. For example,
the revenue of a phishing advertised by email spam is the sum of the money withdrawn from the accounts of the subject that is victim of the phishing activity.
or other suffering felt by the victim as a consequence of a cybercrime''9, pp. 4 5. Example of such kind of losses are, among others,
pain suffered by the subject target of the cybercrime action; deferred purchases or not having access to money 9. Indirect losses are‘‘the monetary equivalent of the losses
and opportunity costs imposed on society by the fact that a certain cybercrime is carried out, no matter whether successful or not and independent of a specific instance of that cybercrime''9,
p. 6, including security products, security services, such as, e g.,, training, regulations and/or law enforcement, etc.
and defense costs''9, p. 6. 7. 2 Privacy and Security Drivers and Challenges 135 As for the report findings, one of the main suggestions concerned the fact that indirect costs
of cybercrimes on business are several times higher than the direct costs. Furthermore, as pointed out by Ross Anderson, one the researchers of the report,
and locking them up would be far more effective than telling the public to fit an anti-phishing toolbar or purchase antivirus software''10, p. 1. Thus,
a conclusion from the study is that public and private spending should be focused less on defense of computer crime (i e. antivirus, firewalls etc.)
Considering Defence Costs Indirect Losses Criminal Revenue Direct Losses Cybercrimes Supporting Infrastructure Cost to society Fig. 7. 1 A framework for evaluating the costs of cybercrime.
financial/monetary security/risk/and compliance, business processes, and supporting processes and infrastructure. Coherently with the BSC concept, the perspectives should be translated into metrics,
For example, according to 15 metrics for the financial monetary perspective can be estimated the costs for security incidents (e g.,
while for the security/risk/and compliance perspective they can be the mapping of users
However, a digital business identity is built also through interaction and exposure to users and societal Business Processes Security, Risk,
and Compliance Supporting Processes and Infrastructure Financial/Monetary Decision Support/Tactical Layer Risk management (Financial, IT), accounting,
Adapted from 15 7. 2 Privacy and Security Drivers and Challenges 137 as well as cultural factors in the outer context.
, cybercrime and for Enterprise Identity Management. Besides the inner context of an organization, the Chapter has pointed out how digital business identity in the outer context is built through
10.1287/isre. 1120.0470 8. Hyman P (2013) Cybercrime: it's serious, but exactly how serious?
(2012) Measuring the cost of cybercrime. Elev. Annu Work Econ Inf Secur (WEIS12), Berlin, DE, June 25 26 10.
Anderson R How much does cybercrime cost? http://www. cam. ac. uk/research/news/how much-does-cybercrime-cost 11.
Birch D (2007) Digital identity management technological, business and social implications. Gower Publishing, Aldershot 12.
information technology (IT) governance is a subset discipline of corporate governance focused on information systems and their performance and risk management.
and managing decisions for value generation as well as the risks that are associated with its practices. The interest in IT governance is need related to the for compliance and greater accountability of IT investments and use,
Table 8. 1 shows the decision making areas that can be addressed by having good governance to solve key drawbacks and risks, likewise.
Similarly, business managers and employees think Table 8. 1 Governance benefits for risks associated to key decision making areas Key decision making areas Risks Governance benefits Identifying the relevant decisions Misdirected effort
It was done using IT governance related areas such as strategic alignment, value delivery, risk management, resource management and 152 8 Digital Governance performance management.
and accountability Value Delivery and Risk management Related Critical Success Factors 7. Consolidate, communicate and enforce policies
However, after completing preliminary interviews, it became clear that the selected enterprise had significant gaps in its security policies
and a serious security issue as various consultants and subcontractors were working with highly confidential citizens'data.
Consequently, the vulnerability assessment considered the four major security issues mentioned below: 1. protection of sensitive personal data;
4. the lack of monitoring mechanisms, providing top management with the ability to validate that their security programs
and practices with a focus on security and compliance over the long-term (since security variables are actually challenging
and are continually changing). The use of COBIT framework in this case study has proved that it can effectively solve these challenges, providing quality outcomes, likewise 22.
Security is a focal point and challenge of any digital and IT governance implementation; therefore, companies have to put more efforts to address it.
The risk of an enterprise not knowing the identity of its business partners is increased by e-commerce transactions
As a consequence, e-business and e-commerce are concerned more with IT governance due to their inherent risks.
These threats require the adoption of strong controls, policies, and management practices. Therefore each and every organization should have a thorough measure that reflects the risks,
as well as the benefits of a project. Organizations can achieve the best out of such situations by implementing effective IT governance practices 23.
guarantee security and integrity of business information, ensure availability and continuity of business operations, protect assets and reduce ITRELATED business risks.
There is also an increasing pressure ON IT to automate and sustain compliance with regulations. Taking these issues into account,
However, IT governance requires the commitment and involvement of an organization's IT professionals as well as its security professionals.
World Congress on Internet security, pp 144 149 23. Iskandar M, Akma N, Salleh M (2010) IT governance in airline industry:
i e. the first offer of securities to the public by a company on a regulated market) to bankruptcy in less than a year.
and implement a business model able to deal with and exploit such characteristics of the digital economy.
as well as the phenomenon of piracy and illegal downloading of music content which make it extremely difficult to capture the value originating from online transactions.
emotional costs due to the uncertainty and operational risks associated with the products and technologies in use.
which exploits the peculiarities of the information economy, is the so-called‘‘freemium''(combination of‘‘free''and‘‘premium'')
and since the innovation process involves higher costs and risks, the incentive to innovate is,
and risks of research and significantly Table 9. 9 Comparison between closed and open innovation Closed innovation Open innovation Location of R&d resources Internal R&d Internal and external
reducing and sharing the risks and improving competitive performance, likewise. 9. 6 Summary This Chapter has provided an overview of the digital innovation impact on Business models (BMS).
and adoption of many other solutions based on the same core algorithms. 10.4 Billguard Billguard 5 is a personal finance security system scanning credit card activity daily for hidden
The management team is composed of data scientists, mathematicians, security experts and industry specialist, supported by the investments of some of the founders and CEOS of Google, Paypal, Verisign and Sun microsystems.
and this can be their own private personal one, with consequences ON IT policies as for security, disclosure of data, and privacy.
, policies for privacy and security of data and information flows; on the other hand, promoting it in terms of brand in an ever-changing and dynamic digital market (see Chap. 7). Thus,
204 Customer experience management (CEM), 67 Customer relationship management (CRM), 67 Customer support, 34 Cybercrime, 134 136,143 DDATA, 4 Data deluge, 4
legal agreements (SLAS), 31 Service level agreement (SLA), 34 Service management capabilities, 48,49 SLA security qualities (SSQS), 31 SOAP, 25
Overtext Web Module V3.0 Alpha
Copyright Semantic-Knowledge, 1994-2011