Incorporating Information Security in Analysis of Business Strategy: A Conceptual Framework

摘要

The rise of Information Technology over the past decades has contributed to the increase of digital and electronic information processing greatly. As a result, information security has become a major strategic concern of firms and business strategy needs to incorporate information security deliberately. This study explores strategic implications of information security by conducting an empirical firm case study, an assessment of a national market and a more general industry analysis. The investigation is based upon concepts widely acknowledged in strategic management. The results argue the unambiguous necessity of incorporation of information security in the analysis of business strategy and suggest a number of strategic issues related to firm resources, market conditions and industry circumstances that are of essential meaning for strategy development. Some of these issues include privacy and anonymity, laws and regulations, natural risks and business continuity, informational assets and related knowledge, routines, software and hardware, trust and confident in e-markets, reputational advantage and buyer’s loyalty. A conceptual framework is established to synthesise the results of the investigation.