Knowledge Sharing and Information Security: A Conflict of Interest?

Abstract

The purpose of this paper is to explore the paradoxical and concurrent nature of knowledge sharing and

information security and address an important yet predominantly overlooked research gap in the middle-ground between

the disciplines of knowledge management and information security.

Firstly, relevant knowledge sharing literature is reviewed, establishing how it is defined, what the most common human,

organisational and technological factors influencing this practice are, the acts of knowledge hiding and knowledge

hoarding and the role of knowledge protection in relation to knowledge sharing. Secondly, information security literature is

reviewed, determining how the concept is defined, what the most common human, organisational and technological

information security threats and subsequent protection measures are. Finally, literature on knowledge sharing and

information security is synthesized to draw attention to their middle-ground, investigate the relationship and highlight their

inherently conflicting aims and present the research gap.

By reviewing the literature on knowledge sharing and information security, particularly, by exploring their relationship, an

inherent conflict and research gap has been identified. Further, knowledge management literature has focused on

facilitation of knowledge sharing and overlooked knowledge protection, whereas information security has focused

primarily on technical aspects and protecting ‘information’ and explicit knowledge, and subsequently neglected the

development of more holistic approaches that include tacit knowledge protection. Although, some researchers have

highlighted concerns regarding the conflict and aimed to explore the area of knowledge protection, the level of overall

research on this topic in knowledge sharing literature, or in the wider discipline of knowledge management, is sparse.

Further, due to the lack of empirical research on the issue, there is a lack of guidance for organisations about managing the

conflict, protecting sensitive ‘knowledge’ and broadening their KM strategy and aligning it consciously with information

security practices.

There is a subsequent need for empirical studies to identify the ways the conflict can manifest itself in different

organizational settings and development of guidelines based on these.

This paper simultaneously explores and bridges the disciplines of knowledge management and information security and by

focusing on their concurrent nature and middle-ground and highlights the inherent conflict between knowledge sharing and

information security practices. The research gap is elicited using a holistic and informed approach by presenting a set of

assumptions drawn from pervious literature from both disciplines.