Skip to main content
SpringerLink
Log in

Information Security Implications of Machine-Learning-Based Automation in ITO Service Delivery – An Agency Theory Perspective

  • Conference paper
  • First Online:
Neural Information Processing (ICONIP 2020)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 12533))

Included in the following conference series:

Abstract

The trend of information technology outsourcing (ITO) to service providers (SPs) is growing. SPs bring improvements through transformation projects and migrate outsourced scopes to their service delivery platforms (SDPs). For realizing economies of scales for themselves, and improving the information security and bringing efficiencies for their clients, the SPs implement machine-learning-based automation (MLA) for ITO service delivery on SDPs. However, MLA is not a silver bullet and exposes the outsourced scopes to new types of information security risks (ISRs). This paper aims at exploring those ISRs and understanding their implications. It applies agency theory to examine differing viewpoints of multiple organizations engaged in an ITO relationship. The study investigates an ITO setup of three organizations in the telecom industry. To gain insights into ISR implications, a qualitative approach was followed using a case study method and data was collected through interviews. Adversarial attack scenarios, ISRs and ISR implications on ITO service delivery are presented. To the best of our knowledge, it is the first study investigating the ISRs of MLA in ITO service delivery.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. ISO 37500:2014 Guidance on outsourcing. Standard, International Organization for Standardization, November 2014. https://www.iso.org/standard/56269.html

  2. Ahmed Nacer, A., Godart, C., Rosinosky, G., Tari, A., Youcef, S.: Business process outsourcing to the cloud: balancing costs with security risks. Comput. Ind. 104, 59–74 (2019). https://doi.org/10.1016/j.compind.2018.10.003

    Article  Google Scholar 

  3. Al-Hawari, F., Barham, H.: A machine learning based help desk system for it service management. J. King Saud Univ. Comput. Inf. Sci. 17 (2019). https://doi.org/10.1016/j.jksuci.2019.04.001

  4. Babin, R., Quayle, A.: ISO 37500 - comparing outsourcing life-cycle models. Strateg. Outsourcing Int. J. 9(3), 271–286 (2016)

    Article  Google Scholar 

  5. Bahli, B., Rivard, S.: The information technology outsourcing risk: a transaction cost and agency theory-based perspective. In: Willcocks, L.P., Lacity, M.C., Sauer, C. (eds.) Outsourcing and Offshoring Business Services, pp. 53–77. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-52651-5_3

    Chapter  Google Scholar 

  6. Bhatti, B.M., Mubarak, S., Nagalingam, S.: A framework for information security risk management in it outsourcing. In: Australasian Conference on Information Systems, December 2017

    Google Scholar 

  7. Chelliah, P.R., Kumar, S.A.: A cloud-based service delivery platform for effective homeland security. In: IEEE 4th International Conference on Cyber Security and Cloud Computing, pp. 157–162 (2017)

    Google Scholar 

  8. Creswell, J.W., Creswell, J.D.: Research Design: Qualitative, Quantitative, and Mixed Methods Approaches, 5th edn. SAGE Publications Inc., Thousand Oaks (2018)

    MATH  Google Scholar 

  9. Dhillon, G., Syed, R., de Sá-Soares, F.: Information security concerns in it outsourcing: identifying (in) congruence between clients and vendors. Inf. Manag. 54(4), 452–464 (2017). https://doi.org/10.1016/j.im.2016.10.002

  10. Garcia, R., Sreekanti, V., Yadwadkar, N., Crankshaw, D., Gonzalez, J.E., Hellerstein, J.M.: Context: the missing piece in the machine learning lifecycle. In: KDD CMI Workshop, vol. 114 (2017)

    Google Scholar 

  11. Gartner: IT Outsourcing. Report, Gartner Inc. (2017). http://www.gartner.com/it-glossary/it-outsourcing

  12. González, R., Gascó, J., Llopis, J.: Information systems outsourcing reasons and risks: review and evolution. J. Glob. Inf. Technol. Manag. 19(4), 223–249 (2016). https://doi.org/10.1080/1097198x.2016.1246932

  13. Harreveld, B., Danaher, M., Lawson, C., Knight, B.A., Busch, G. (eds.): Constructing Methodology for Qualitative Research. Springer, Heidelberg (2016)

    Google Scholar 

  14. Hong, J.B., Nhlabatsi, A., Kim, D.S., Hussein, A., Fetais, N., Khan, K.M.: Systematic identification of threats in the cloud: a survey. Comput. Netw. 150, 46–69 (2019). https://doi.org/10.1016/j.comnet.2018.12.009

    Article  Google Scholar 

  15. Jackson, K., Bazeley, P.: Qualitative Data Analysis with NVivo. SAGE Publications Limited (2019)

    Google Scholar 

  16. Könning, M., Westner, M., Strahringer, S.: A systematic review of recent developments in it outsourcing research. Inf. Syst. Manag. 36(1), 78–96 (2019). https://doi.org/10.1080/10580530.2018.1553650

  17. Marcilla, J.S., de la Cámara, M., Arcilla-Cobián, M.: Do outsourcing service providers need a methodology for service delivery? Int. J. Softw. Eng. Knowl. Eng. 25(07), 1153–1169 (2015)

    Google Scholar 

  18. Miller, D.J., Xiang, Z., Kesidis, G.: Adversarial learning targeting deep neural network classification: a comprehensive review of defenses against attacks. Proc. IEEE 108(3), 402–433 (2020)

    Article  Google Scholar 

  19. Sailer, A., Mahindru, R., Song, Y., Wei, X.: Using machine learning and probabilistic frameworks to enhance incident and problem management: automated ticket classification and structuring, pp. 2975–3012. IGI Global (2017)

    Google Scholar 

  20. National Academies of Sciences, Engineering, and Medicine: Implications of Artificial Intelligence for Cybersecurity: Proceedings of a Workshop. The National Academies Press, Washington, DC (2019). https://doi.org/10.17226/25488

  21. Tambo, T., Filtenborg, J.: IT Service Management Architectures, pp. 409–421. IGI global (2019)

    Google Scholar 

  22. Truong, T.C., Diep, Q.B., Zelinka, I.: Artificial intelligence in the cyber domain: offense and defense. Symmetry 12(3), 410 (2020)

    Article  Google Scholar 

  23. Willcocks, L., Lacity, M., Craig, A.: Robotic process automation: strategic transformation lever for global business services? J. Inf. Technol. Teach. Cases 7(1), 17–28 (2017). https://doi.org/10.1057/s41266-016-0016-9

    Article  Google Scholar 

  24. Wulf, F., Strahringer, S., Westner, M.: Information security risks, benefits, and mitigation measures in cloud sourcing. In: 21st Conference on Business Informatics, vol. 01, pp. 258–267. IEEE (2019). https://doi.org/10.1109/CBI.2019.00036

  25. Yin, R.K.: Case Study Research: Design and Methods, 5th edn. SAGE, Thousand Oaks (2014)

    Google Scholar 

  26. Youssef, A.E.: A framework for cloud security risk management based on the business objectives of organizations. Int. J. Adv. Comput. Sci. Appl. 10(12), 186–194 (2020)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. UniSA STEM, University of South Australia, Adelaide, SA, Australia

    Baber Majid Bhatti & Sameera Mubarak

  2. UniSA Business, University of South Australia, Adelaide, SA, Australia

    Sev Nagalingam

Authors
  1. Baber Majid Bhatti
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sameera Mubarak
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sev Nagalingam
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Baber Majid Bhatti .

Editor information

Editors and Affiliations

  1. Department of AI, Ping An Life, Shenzhen, China

    Haiqin Yang

  2. Faculty of Information Technology, King Mongkut’s Institute of Technology Ladkrabang, Bangkok, Thailand

    Kitsuchart Pasupa

  3. City University of Hong Kong, Kowloon, China

    Andrew Chi-Sing Leung

  4. Department of Computer Science and Engineering, Hong Kong University of Science and Technology, Hong Kong, Hong Kong

    James T. Kwok

  5. School of Information Technology, King Mongkut’s University of Technology Thonburi, Bangkok, Thailand

    Jonathan H. Chan

  6. The Chinese University of Hong Kong, New Territories, Hong Kong

    Irwin King

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Bhatti, B.M., Mubarak, S., Nagalingam, S. (2020). Information Security Implications of Machine-Learning-Based Automation in ITO Service Delivery – An Agency Theory Perspective. In: Yang, H., Pasupa, K., Leung, A.CS., Kwok, J.T., Chan, J.H., King, I. (eds) Neural Information Processing. ICONIP 2020. Lecture Notes in Computer Science(), vol 12533. Springer, Cham. https://doi.org/10.1007/978-3-030-63833-7_41

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-63833-7_41

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-63832-0

  • Online ISBN: 978-3-030-63833-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation