Skip to main content
Log in

The role and importance of trust: A study of the conditions that generate and undermine sensitive information sharing

  • Original Article
  • Published:
Security Journal Aims and scope Submit manuscript

Abstract

This article evaluates the role of trust in a specific area of security activity, sensitive information sharing. It begins by exploring the nature of trust, and then moves on to highlight on the one hand some of the security benefits when trust is evident, and on the other the risks that can accrue when trust is misplaced. It then moves on to report the findings from an empirical study by discussing how three key elements: process issues, people issues and technology can, when done well improve the security of information sharing, indeed, it can create additional security opportunities, and when done badly can undermine it. In conclusion the article asserts that the generation of trust is fundamental to effective sensitive information exchange but this poses real challenges including in deciding how much trust is appropriate.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  • Aleem, A. and Sprott, C. (2013) Let me in the cloud: Analysis of the benefit and risk assessment of cloud platform. Journal of Financial Crime 20(1): 6–24.

    Article  Google Scholar 

  • Andress, A. (2003) Surviving Security: How to Integrate People, Process and Technology. Auerbach Publications.

    Book  Google Scholar 

  • Bailey, T. (2002) On trust and philosophy. The philosophy of trust, Open University Reith Lectures 2002, http://www.open2.net/trust/on_trust/on_trust1.htm, accessed March 2013.

  • Beautement, A. et al (2008) Modelling the human and technological costs and benefits of USB memory stick security, http://homepages.abdn.ac.uk/d.j.pym/pages/pym-weis-2008.pdf, accessed 14 June 2013.

  • Bierstaker, J.L. (2009) Differences in attitudes about fraud and corruption across cultures: Theory, examples and recommendations. Cross Cultural Management 16(3): 241–250.

    Article  Google Scholar 

  • Capelli, D., Moore, A. and Trzeciak, R. (2012) The Cert Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud). Upper Saddle River, NJ: Pearson Education.

    Google Scholar 

  • Cavanagh, T.E. (2005) Corporate Security Measures and Practices. The Conference Board, SR-05-01, Conference Board: London, March.

  • Cofta, P. (2011) The Trustworthy and Trusted Web. Foundations and Trends in Web Science Vol. 2 No. 4 Delft: The Netherlands.

    Google Scholar 

  • Cook, K., Hardin, R. and Levi, M. (2005) Cooperation without Trust?. New York: Russell Sage Foundation.

    Google Scholar 

  • Crane, S. and Reinecke, P. (eds.) (forthcoming) Trust Domains Guide: A Guide to Identifying, Modelling, and Establishing Trust Domains.

  • Denize, S. and Young, L. (2007) Concerning trust and information. Industrial Marketing Management 36(7): 843–1018.

    Article  Google Scholar 

  • Driscoll, J.W. (1978) Trust and participation in organizational decision making as predictors of satisfaction. The Academy of Management Journal 21(1): 44–56.

    Article  Google Scholar 

  • Eccles, R.G., Newquist, S.C. and Schatz, R. (2007, February) Reputation and its risks. Harvard Business Review 85(2): 104–114.

    Google Scholar 

  • Fukuyama, F. (1995) Trust: The social virtues, and the creation of prosperity. New York, NY: The Free Press.

    Google Scholar 

  • Gill, M. (2013) Engaging the Corporate Sector in Policing: Realities and Opportunities. Policing: A Journal of Policy and Practice 7(3): 273–279.

    Article  Google Scholar 

  • Gill, M. (ed.) (2014) Exploring some contradictions of modern day security. In: The Handbook of Security. 2nd edn. London: Palgrave Macmillan.

    Chapter  Google Scholar 

  • Gill, M.L. and Goldstraw-White, J.E. (2010) Theft and fraud by employees. In: F. Brookman, M. Maguire, H. Pierpoint and T. Bennett (eds.) Handbook of Crime. Uffculme, UK: Willan.

    Google Scholar 

  • Gill, M. and Howell, C. (2014) Policing Organisations: The Role of the Corporate Security Function and the Implications for Suppliers. International Journal of Police Science and Management 16(1): 65–75.

    Article  Google Scholar 

  • Gomm, R. (2008) Social Research Methodology: A Critical Introduction. Basingstoke, UK: Palgrave Macmillan.

    Book  Google Scholar 

  • Hamou-Lhadj, A. and Hamou-Lhadj, A. (2009) A governance framework for building secure IT systems. International Journal of Security and Its Applications 3(2): 15–20.

    Google Scholar 

  • Haralambos, M. and Cofta, P. (2010) Practitioner’s challenges in designing trust into online systems. Journal of Theoretical and Applied Electronic Commerce Research 5(3): 66.

    Google Scholar 

  • Hough, M. (2012) Researching trust in the police and trust in justice: A UK perspective. Policing and Society: An International Journal of Research and Policy 22(3): 332–345.

    Article  Google Scholar 

  • Hough, M., Jackson, J., Bradford, B., Myhill, A. and Quinton, P. (2010) Procedural justice, trust and institutional legitimacy. Policing: A Journal of Policy and Practice 4(3): 203–210.

    Article  Google Scholar 

  • ISACA. (2009) An introduction to the business model for information security, http://www.isaca.org/Knowledge-Center/Research/Documents/Introduction-to-the-Business-Model-for-Information-Security_res_Eng_0109.pdf, accessed March 2013.

  • Janes, P. (2012) People, process, and technologies impact on information data loss, http://www.sans.org/reading_room/whitepapers/dlp/people-process-technologies-impact-information-data-loss_34032, accessed 14 June 2013.

  • Johnson, K. and Grayson, D. (2005) Cognitive and affective trust in service relationships. Journal of Business Research 58(4): 500.

    Article  Google Scholar 

  • Kelton, K., Fleischmann, K. and Wallace, W. (2008) Trust in digital information. Journal of the American Society for Information Science and Technology 59(3): 363–374.

    Article  Google Scholar 

  • Keval, H.U. and Sasse, M.A. (2010) Not the usual suspects: A study of factors reducing the effectiveness of CCTV. Security Journal 23(2): 134–154.

    Article  Google Scholar 

  • Kirschenbaum, A., Mariani, M., Van Gulijk, C., Lubasz, S., Rapoport, C. and Andriessen, H. (2012) Airport security: An ethnographic study. Journal of Air Transport Management 18: 68–73.

    Article  Google Scholar 

  • Levi, M. (2008) The Phantom Capitalists: The Organisation and Control of Long-Firm Fraud. Aldershot, UK: Ashgate.

    Google Scholar 

  • Mayer, C. (2008) Trust in financial markets. European Financial Management 14(4): 617–632.

    Article  Google Scholar 

  • Mcknight, D. and Chervany, N. (1996) The meanings of trust. Carlson School of Management, University of Minnesota, http://misrc.umn.edu/workingpapers/fullpapers/1996/9604_040100.pdf, accessed 12 July 2013.

  • Moss, K. (2009) Security and Liberty: Restriction by Stealth. Basingstoke, UK: Palgrave Macmillan.

    Book  Google Scholar 

  • Moss, K. (2011) Balancing Liberty and Security: Human Rights and Human Wrongs. Basingstoke, UK: Palgrave, Macmillan.

    Book  Google Scholar 

  • Newman, J. (1998) The dynamics of trust. In: A. Coulson (ed.) Trust and Contracts. Bristol, UK: Policy Press.

    Google Scholar 

  • Nyaupane, G., Graefe, A. and Burns, R. (2009) The role of equity, trust and information on user fee acceptance in protected areas and other public lands: A structural model. Journal of Sustainable Tourism 17(4): 501–517.

    Article  Google Scholar 

  • Peterson, G. (2010) Don’t trust. And verify: A security architecture stack for the cloud. IEEE Security and Privacy 8(5): 83–86.

    Article  Google Scholar 

  • Ponemon Institute. (2012) 2011 cost of data breach study United States, http://www.symantec.com/content/en/us/about/media/pdfs/b-ponemon-2011-cost-of-data-breach-us.en-us.pdf, accessed 14 June 2013.

  • Robinson, S.L. (1996) Trust and breach of the psychological contract. Administrative Science Quarterly 41(4): 574–599.

    Article  Google Scholar 

  • Sasse, A., Ashenden, D., Lawrence, D., Coles-Kemp, L., Fléchais, I. and Kearney, P. (2007) Human Factors Working Group White Paper: Human Vulnerabilities in Security Systems Knowledge Transfer Networks, University College London: London.

  • Schneier, B. (2012) Liars and Outliers. New York: Wiley.

    Google Scholar 

  • Solomon, R.C. (2000) Trusting. In: M. Wrathall and J. Malpas (eds.) Heidegger, Coping, and Cognitive Science: Essays in Honor of Hubert L. Dreyfus. Vol. 2 Cambridge, MA: The MIT Press, pp. 229–244.

    Google Scholar 

  • Toh, S. and Srinivas, E. (2012) Perceptions of task cohesiveness and organizational support increase trust and information sharing between host country nationals and expatriate coworkers in Oman. Journal of World Business 47(4): 696–705.

    Article  Google Scholar 

  • Tomkins, C. (2001) Interdependencies, trust and information in relationships, alliances and networks. Accounting, Organizations and Society 26(2): 161–191.

    Article  Google Scholar 

  • Wang, Y. and Emurian, H. (2005) An overview of online trust: Concepts, elements, and implications. Computers in Human Behavior 21(1): 105–125.

    Article  Google Scholar 

  • Young, L. (2006) Trust: Looking forward and back. Journal of Business and Industrial Marketing 21(7): 439–445.

    Article  Google Scholar 

Download references

Acknowledgements

The project on which research for this study is based was funded by the Technology Strategy Board (Project TP/400206) and EPSRC. Project partners are: HP Labs, Perpetuity Research Limited, Oxford University, Birmingham University, Aberdeen University and University College London. We would like to thank colleagues from partner organisations who helped us develop the ideas in this article and specifically Philipp Reinecke (HP), Simon Arnell (HP), Ruth Crocker, Charlotte Howell, Sarah Webb (Perpetuity Research) and two anonymous referees for comments on earlier drafts of this article.

Author information

Authors and Affiliations

Authors

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Gill, M., Crane, S. The role and importance of trust: A study of the conditions that generate and undermine sensitive information sharing. Secur J 30, 734–748 (2017). https://doi.org/10.1057/sj.2015.13

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1057/sj.2015.13

Keywords

Navigation