Bhatti Baber Majid, Mubarak Sameera, Nagalingam Sev
UniSA STEM, University of South Australia, Adelaide, Australia.
UniSA Business, University of South Australia, Adelaide, Australia.
Autom Softw Eng. 2021;28(2):12. doi: 10.1007/s10515-021-00286-x. Epub 2021 Jul 16.
Information technology outsourcing (ITO) is a USD multi-trillion industry. There is growing competition among ITO service providers to improve their service deliveries. Natural language processing (NLP) is a technique, which can be leveraged to gain a competitive advantage in the ITO industry. This paper explores the information security implications of using NLP in ITO. First, it explores the use of NLP to enhance information security risk management (ISRM) in ITO. Then, it delves into the information security risks (ISRs) that may arise from the use of NLP in ITO. Finally, it proposes possible ISRM approaches to address those ISRs in ITO from the use of NLP. The study follows a qualitative approach using the case study method. Nine participants from three organisations (an ITO client, service provider and sub-contractor) engaged in an ITO relationship in the ICT industry were interviewed through a semi-structured questionnaire. The research findings were verified through a focus group. Case study scenarios are provided for a clear understanding of the findings. To the best of our knowledge, it is the first study to investigate the information security implications of the use of NLP in ITO.
信息技术外包(ITO)是一个规模达数万亿美元的产业。ITO服务提供商之间为提高服务交付质量的竞争日益激烈。自然语言处理(NLP)是一种可用于在ITO行业获取竞争优势的技术。本文探讨了在ITO中使用NLP对信息安全的影响。首先,探讨了使用NLP增强ITO中的信息安全风险管理(ISRM)。其次,深入研究了在ITO中使用NLP可能产生的信息安全风险(ISR)。最后,提出了针对ITO中因使用NLP而产生的那些ISR的可能的ISRM方法。该研究采用案例研究方法的定性研究方法。通过半结构化问卷对来自信息通信技术行业中参与ITO关系的三个组织(一个ITO客户、服务提供商和分包商)的九名参与者进行了访谈。通过焦点小组对研究结果进行了验证。提供了案例研究场景以便清楚地理解研究结果。据我们所知,这是第一项调查在ITO中使用NLP对信息安全影响的研究。
