Author Archives: luketredinnick

Best Paper Prize 2017: second runner-up

Each year Business Information Review awards a prize for the best paper published over the course of the previous year. The best paper prize reflects the pinnacle of research and professional scholarship in the business information sector. Last years winners, Théresé Ahern and Jacqueline Beattie won for their paper, Embedding Library and Information Management Techniques into Business Processes: a case study, which explored the experiences of embedding librarianship and integrating the working practices and skills of the content management team with corporate workflows and processes.

This year the Editors and Editorial board have decided to recognise three papers: the best paper prize winner and two highly commended runners-up. This reflects the quality of many of the papers published over the year, and the tough competition for the best paper prize. We’ll be announcing all three papers over the coming months on this blog and in the June issue of Business Information Reviews, and all three will be available for a short period of time to download for free via this blog.

Today we are announcing the second runner-up of the Business Information Review best paper prize 2017. The second runner-up is Danny Budzak, for his paper: Information Security: The People Issue. Like our previous runner-up for the BIR best paper prize, Danny’s paper was featured in our Information Security themed issue published in June 2017. It examines the information security issues raised by the involvement of people with information systems, setting out both the threats to information systems and the risks associated with information systems, before addressing the mitigation of those threats through managing roles, responsibilities, relationships and training.

Danny Budzak’s article will be available to download for free for a short time from the link below. If you have not already read it, download it while you can; if you have already read it we recommend a second look. Meanwhile the winner of the 2017 best paper prize will be announced in the June 2017 issue of Business Information Review, and on this blog when the June issue is published.

Best Paper Prize 2017: first runner-up

Each year Business Information Review awards a prize for the best paper published over the course of the previous year. The best paper prize reflects the pinnacle of research and professional scholarship in the business information sector. Last years winners, Théresé Ahern and Jacqueline Beattie won for their paper, Embedding Library and Information Management Techniques into Business Processes: a case study, which explored the experiences of embedding librarianship and integrating the working practices and skills of the content management team with corporate workflows and processes.

This year the Editors and Editorial board have decided to recognise three papers: the best paper prize winner and two highly commended runners-up. This reflects the quality of many of the papers published over the year, and the tough competition for the best paper prize. We’ll be announcing all three papers over the coming months on this blog and in the June issue of Business Information Reviews, and all three will be available for a short period of time to download for free via this blog.

Today we are announcing the first runner-up of the Business Information Review best paper prize 2017. The first runner-up for 2017 is Nick Wilding for his paper Cyber Resilience: how important is your reputation: How effective are your people?. Nick’s paper was published in the June 2016 issue of the journal as a part of our themed issue on information security and risk. It argued that information professionals need to move beyond a concept of cyber-security toward cyber resilience, and addressed how organisations can approach preventing, detecting, responding to and recovering from cyber-attacks while minimising damage to reputation and competitive advantage. Nick’s article was very highly ranked by the Editorial Board of Business Information Review, and is essential reading for anyone involved in information security issues. Congratulations to Nick for a fantastic contribution not only to the journal but to the professional literature.

Nick Wilding’s article we be available to download for free for a short time from the link below. If you have not already read it, download it while you can; if you have already read it we recommend a second look. Meanwhile the second of our runners up will be announced here in a few weeks’ time.

Access the article for free here

The General

Author: Stephen Phillips, Executive Director Morgan Stanley and BIS Editorial Board Member

Please note this post contains the personal views of the author and are not connected with his employer

I am a fan of 1960s and 1970s British science fiction TV series.  The forerunners of today’s boxed sets and the binge habits they engender, these productions reflect a simpler but no less sinister, dystopian view of the world.  I used to be somewhat embarrassed by my viewing choices, but recent events in the UK suggest I am not the only nostalgic person with a hankering to go back 40+ years to relive those halcyon days!

One particular favourite is The Prisoner, which is being rerun on one of the myriad of satellite channels.  I recently found myself watching Episode 6: “The General”, which concerns a new technology with mind altering education capabilities; teaching a three year degree course in 3 minutes via television, an early form of product placement or a new spin on information literacy perhaps?

Number 6 (the main character) believes the technology may be used for mind control and discovers “The General” to be a sophisticated super computer that can answer any question.  Number 6, determined to sabotage it asks” The General” a question it cannot answer; typed on a keyboard to produce a punched card which is then fed into a slot in the computer: the preferred GUI of the day!  The computer starts to smoke and shake as it overloads before exploding and killing the bad guys.  “What was the question?” asks Number 2, “Why?” responds Number 6.

Clearly there are many parallels with the recent emergence of super computers, AI and robotics; but not natural language programming which had not be foreseen in 1967!   However, I recount this episode for a different reason.  The reaction of “The General” was remarkably similar to that of information professionals at two recent conferences when I posed them the question: “Why do you exist?”

Having taken inspiration from Simon Sinek and his TED presentation, (https://www.youtube.com/watch?v=sioZd3AxmnE), website and book (https://www.startwithwhy.com/ ).  Sinek explains that, whilst we can all talk extensively about what we do and how we do it, the most successful people and organisations can articulate their “why”.

What is their “why”?  It is their purpose; the cause or belief that inspires them, allowing them to drive their business forward and appeal successfully to clients, sponsors and stakeholders?

Unfortunately, no one can tell you your Why, but I recommend you start to figure it out, and quickly.  Establishing a shared belief will galvanise you and your team with a common sense of purpose and mission.  Furthermore, if you align it with your organisations’ mission it enables your clients, sponsors and stakeholders to buy in and advocate for you.

Don’t forget,  your stakeholders do not need to know (and much less care) about what you do, and still less how you do it: that’s your job as a subject matter expert.  They do need to know Why you are there and how you will help the organisation deliver its goals.  It is critical you link your vision to your organisation’s goals, cascading that vision and the objectives to your colleagues to enable them to feel you all share the purpose.  They in turn can then link their individual objectives to those goals, thereby making them part of the whole organisation.

Unlike Number 6, we cannot cause the omnipresent (but not omniscient) super computer to go into meltdown or roll back the technology tide; but if you “magnify your mission” you will have a shared sense of purpose, understand where and how you fit in, how our contribution benefits your organisation and enable you to chart your strategy to ensure information professionals continue to create value for the future.

Privacy, Security and the crossover with Information Services

Author Tracy Maleeff, Sherpa Intelligence LLC and BIR Editorial Board Member

In the March 2017 issue of the Business Information Review, Paul Pedley wrote about the “Relevance of privacy for corporate library and information services.” I find myself in an interesting position in regards to the intersection of library and information services with information privacy and security. After enjoying library work for almost 15 years in a variety of settings, I decided to make a career move towards the information security industry. I suspected that librarians and information professionals have the skills to be integral to the security processes of an organization, and I keep finding opportunities to confirm this. Pedley’s article resonated with me because I’m essentially living in that intersection of LIS and security.

In the information security world, I often give talks, podcasts, and write about how security professionals can utilize principles from library and information science for their work. Given my unique perspective, I will share some insight on how library and information services professionals can be proactive to help their organizations with security. To compliment Paul Pedley’s article, I’ve rounded up three practical, every day security practices that can help librarians and information professionals become allies on the security front of their organizations.

Get to know the IT or security team at your organization. Before you try to execute any activities yourself, talk to the people within your organization who handle data privacy and information security matters. Find out what their pain points are and ask how your two departments can collaborate.

       Understand the basic vocabulary of security. Do you know what a DDoS is? How about an 0day? Do you know the differences between phishing, spear phishing, and whaling? You don’t need to know the technology behind these terms, but it can be helpful if you can have at least a basic understanding of the terminology used. Learning these terms can also help you do more comprehensive research for your clients or users. If you are asked to research a specific company and you see a headline with that company’s name and the letters DDoS in the headline, that’s important and you should understand how that affects the business. The National Institute of Standards and Technology has a glossary of terms. However, it is very technical, so for the less-technically inclined, utilize a resource like the National Cyber Security Alliance.

Passwords. Most libraries and on-site information professionals have a role in managing passwords for their users, as it pertains to databases and subscriptions that fall under the jurisdiction of the library. Many law firm libraries, for example, utilize enterprise electronic resource management software like Onelog. In addition to tracking usage, resources like that are also password managers. That is a great opportunity to encourage users to create long and strong passwords, and flag any duplicate usage. (Which, by the way, is a discourage password practice from a security standpoint.) Librarians and information professionals are too busy to become the “password police,” but they have a unique opportunity to help the security goals of the organization by being on the front lines of password defense when dealing with users.

I’m not suggesting that librarians and information professionals need to become security specialists, in addition to their primary jobs. What I’m advocating for is becoming security allies within organizations, be collaborative with the IT people, and learn some of the lingo in order to better service users or clients. Corporate and law firm libraries are often in a constant battle to justify their existence within an organization, to prove their value. Security and privacy issues are only going to be more prevalent. Librarians and information professionals have a unique position to gain a little bit of knowledge in this area in order to cement their position of value within an organization.