Cynefin Framework for Decision Makers for Information Systems Security in the face of Information Asymmetry

Year 2015, Volume: 1 Issue: 1, 1 - 13, 22.03.2016

Mehmet S. Derindere Önder Göçer

Abstract

This conceptual paper examines the dichotomy of IS decision makers as both being the client to security systems providers and provider of security for the

established platform and offers Cynefin framework for sense-making in guidance for management decision making landscape. Cynefin framework which was developed in knowledge management context provides a suitable tool of sense-making for decision makers in use of security systems governance whom must both be able to select the right mindset, systems and tools, and also facilitate security using these systems in many cases without adequate knowledge about their internals as well as the environmental factors.

Keywords

Cynefin framework, information asymmetry, complexity, Information Systems, IS security, management ontology, epistemology

References

• Ackoff, R. (1974). Redesigning the Future. New York: Wiley.
• Ajans. (2014, February 25). Retrieved from SonDakika: http://www.sondakika.com/haber/haber-basbakan-devletin-kriptolu-telefonlarini-5712478/
• Akerlof, G. (1970). The Market for Lemons: Quality Uncertainty and the Market Mechanism. Quarterly Journal of Economics, 84(3),488-500.
• Alpcan, T., & Başar, T. (2006). An intrusion detection game with limited observations. 12th Int. Sym. on Dynamic Games and Applications. Sophia Antipolis.
• Bloomberg. (2012). The Price of Cybersecurity. Bloomberg.
• Burnett, M. (2011, 06 20). 10000 Top Passwords. Retrieved from Xato: https://xato.net/passwords/more-top-worst-passwords/#.UymXeVck-Qs
• Burnett, M., & Kleiman, D. (2005). Perfect Passwords: Selection, Protection, Authentication. Massachussets: Syngress.
• CEN. (2004, March 01). European Guide to good Practice in Knowledge Management. Retrieved from European Committee for Standardization: ftp://cenftp1.cenorm.be/PUBLIC/CWAs/e-Europe/KM/CWA14924-01-2004-Mar.pdf
• Chang, F. R. (2013, November 5). Studying the ‘Wicked Problem’ of Cyber Security. Cyber Security News, 1-2.
• Eoyang, G. H. (2004). Conditions ofr self-organizing in Human Systems. Futurics, 28,10-50.
• Epstein, R. A. (1984). In Defense of the Contract At Will. University of Chicago Law School Chicago Unbound , 947-984.
• Goldratt, E. M. (1997). Critical Chain. New York: The North River Press.
• Greenwald, G. (2013, June 6). The NSA Files. Retrieved from the Guardian: http://www.theguardian.com/world/the-nsa-files
• Gregor, S. (2006). The Nature of Theory in Information Systems. MIS Quarterly, 30(3), 611-642.
• Hasan, H., & Kazlauskas, A. (2009). Making Sense of IS with the Cynefin Framework. Hyderabad: Association for Information Systems.
• Honan, M. (2012, 11 15). Why no password is safe from hackers. Retrieved 04 1, 2014, from Wired Magazine: http://www.wired.com/2012/11/why-no-password-is-safefrom-hackers/
• Jones, M. G. (2013). Asymmetric information games and cyber security PhD Dissertation. Atlanta: School of Electrical and Computer Engineering Georgia Institute of Technology.
• Keen, P. G., & Morton, M. S. (1978). Decision Support Systems An Organizational Perspective. New York: Addison-Wesley.
• Kellert, S. H. (1993). In the Wake of Chaos: Unpredictable Order in Dynamical Systems. Chicago : University of Chicago Press.
• Kurtz, C., & Snowden, D. J. (2003). The new dynamics of strategy: Sense-making in a complex and complicated world. IBM Systems Journal, 42(3), 462-483.
• Murphy, T. J. (2011). A comparison of Cyber Attack Methods. Journal of Physical Security, 5(1), 78-82.
• Rittel, H., & Webber, M. (1975). Dilemmas in a General Theroy of Planning. Policy Sciences(4), 155-169.
• Snowden, D. F. (2013). Multi-ontology sense making- a new simplicity in decision making. Informatics in Primary Health Care, 13(1), 45-53.
• Snowden, D. J. (2005). Multi-ontology senes making: a new semplicity in decision making. Management Today, 20, pp. 1-13.
• Süskind, P. (1985). Perfume: The Story of a Murderer. New York: Alfred A. Knopf. Trevelyan, B., Smallman-Raynor, M., & Cliff, A. D. (2005). The Spatial Dynamics of
• Poliomyelitis in the United States: From Epidemic Emergence to Vaccine-Induced Retreat, 1910–1971. Annals of the Association of American Geographes, 95(2), 269-293.
• USNI. (2010). Cyber Threats to National Security. Cyber Threats to National Security, Symposium One: Countering Challenges to the Global Supply Chain (pp. 1-36). Washington: CACI International Inc.
• You, X., & Shiyong, Z. (2003). A kind of network security behavior model based on game. Proceedings of the Fourth International Conference on Parallel and Distributed Computing (pp. 950-954). Chengdu: IEEE.