1. No category

University of Innsbruck
School of Management
Information Systems
Die Balance zwischen Wissensteilung und
Wissensschutz
4. Kremser Wissensmanagementtage
22.04.2015
Dr. Stefan Thalmann
Agenda
1
II
IV
V
• Motivation & Background
• Sample
• Results
• Conclusion & Outlook
Stefan Thalmann – 4. Kremser Wissensmanagementtage
2
Agenda
1
II
IV
V
• Motivation & Background
• Sample
• Results
• Conclusion & Outlook
Stefan Thalmann – 4. Kremser Wissensmanagementtage
3
Motivation

„Jede Firma, die einen Knowhow-Vorsprung hat, ist bedroht.
Wir haben in Österreich viele kleine und mittlere Betriebe, die
auf ihren Spezialsektoren weltweit an der Spitze sind“ [Max Burger-
Scheidlin von der Internationalen Handelskammer (ICC)]

Schaden durch Industriespionage 30 bis 60 Milliarden € Euro
pro Jahr in Deutschland [Verfassungsschutz BRD]

5 Milliarden € Schadenspotential in Österreich [BMI]

48 Prozent des Know-how-Diebstahls verursachen eigene
Mitarbeiter [Corporate Trust]

knapp die Hälfte der deutschen Maschinen- und Anlagenbauer
sehen Know-how-Schutz als überlebenswichtig für Ihr
Unternehmen an [VDMA]
Stefan Thalmann – 4. Kremser Wissensmanagementtage
4
Why Protecting Knowledge?

Strong motivation to extend security perspective to
knowledge:
 True competitive advantage is knowledge of employees (Black
and Synan 1997; Norman 2001, Bloodgood and Salisbury 2001)
Solely sharing has detrimental affects on firms (Norman 2002):
Research and Practice widely do not pay attention to
knowledge protection (Väyrynen 2013, Jennex & Olfman 2005)
Knowledge protection is one of the key knowledge
management strategies (Bloodgood & Salisbury, D 2001)
Organizations currently lack knowledge protection and
security-oriented KM processes related to social media.




(Pawlowski et al, 2014)
Stefan Thalmann – 4. Kremser Wissensmanagementtage
5
Scope of knowledge protection
Sender
Receiver
Documented
Information Security

CMS, KMS…
Nondocumented
Unclassified documents
Knowledge Protection X
Collaboration environments
Social media
Voice communication
http://corporateknowledgesolutions.files.wordpress.com/2011/06/wq-icebergunderwater.jpg
Stefan Thalmann – 4. Kremser Wissensmanagementtage
6
Linking Knowledge Protection and Risk Mgmt
Risk Management
PERFORMANCE MEASUREMENT
IT SECURITY MANAGEMENT
KNOWLEDGE MANAGEMENT
Knowledge protection
requirements
Security requirements
Selection of control objectives
Security controls
Transformation
Control Design
Selection of control objectives
Definition of performance metrics
Transformation
Security Controls
Definition of performance metrics
(Internal) IT audits
Knowledge protection
controls
Control Design
Knowledge audits
Configurations
Practices & Configurations
Verify control implementation
Verify control implementation
(Thalmann et. al, 2014)
Stefan Thalmann – 4. Kremser Wissensmanagementtage
7
Protection Measures
People
Product
Process
Formal
•
•
•
NDAs
NCAs
Ground rules
•
•
•
•
•
NDAs
NCAs
IPR
Ground rules
Securing devices
•
•
•
•
•
•
•
•
Informal
•
Recruiting &
Indoctrination
Counterintelligence
Education
Awareness training
Leadership
Role creation
•
•
•
•
•
Awareness training
•
Lead time
Secrecy/concealment •
Standardization/
Annotation
•
•
•
•
•
Stefan Thalmann – 4. Kremser Wissensmanagementtage
NDAs
NCAs
IPR
Ground rules
(physical) access control
Securing comm. channels
Securing devices
Accountability &
separation of duties
Awareness training
Leadership
Role creation
(based on Manhart &Thalmann 2015)
8
Knowledge flows and the level of knowledge protection
amount
of knowledge
Δmax
K
out
K
in
level of knowledge protection
Stefan Thalmann – 4. Kremser Wissensmanagementtage
9
Agenda
1
II
IV
V
• Motivation & Background
• Sample
• Results
• Conclusion & Outlook
Stefan Thalmann – 4. Kremser Wissensmanagementtage
10
Sample
Semi-structured interviews in 16 different networks
• 16 key agent interviews á 120 min
• 61 agent inteviews á 60 min
Construction
Germany
#
Interviews
Member
Org.
Healthcare
UK
Cluster
Austria
29
24
24
30-1600
27-2600
63-139
53 Characteristics in 6 categories:
•
•
•
•
•
•
Network demographics
Member demographics
Nature of links
Network management
ICT
Services
Stefan Thalmann – 4. Kremser Wissensmanagementtage
11
11
Agenda
1
II
IV
V
• Motivation & Background
• Sample
• Results
• Conclusion & Outlook
Stefan Thalmann – 4. Kremser Wissensmanagementtage
12
Overview
subgroups with high trust
Share with people with low
proximities
Stefan Thalmann – 4. Kremser Wissensmanagementtage
Share partial aspects of the
knowledge base
Share common knowledge
and protect the crucial
13
Share in subgroups with high trust

trust reduces the risk and fear of knowledge misuse

higher willingness to share knowledge in small subgroups

ratio of shared and received knowledge is considered

skimmers are quickly identified

it is easier to assess the knowledge sharing ratio in smaller
subgroups rather than in the entire network

building such subgroups mainly rely on gut feeling
Stefan Thalmann – 4. Kremser Wissensmanagementtage
14
Share partial aspects of the knowledge base

people share only parts of their knowledge or discuss on a very
high level to make assimilation more difficult
“I cannot go into every detail because I would hand over 100% of my work to another person, he could
work immediately with it. This is so to say as if I would hurt myself or empower others to do it on my
level, which would take a long time otherwise”

depends on competitors ability to assimilate knowledge

level of detail depends on level of regulation

complexity of knowledge as an effective protection mechanism
Stefan Thalmann – 4. Kremser Wissensmanagementtage
15
Share with people with low proximities

high proximities facilitate the knowledge transfer and
employees can more easily assimilate knowledge

intention is to reduce the knowledge outflow and the
impact of shared knowledge
“The non-utility of my knowledge to the context of others protects
my knowledge per se”

however, it is more difficult to use incoming knowledge
Stefan Thalmann – 4. Kremser Wissensmanagementtage
16
Share common knowledge and protect the crucial

sharing already known knowledge increase reputation
without having negative consequences

exchange of knowledge which is subject of regulations is
highly appreciated also with competitors

knowledge which is not subject to guidelines, standards
or norms is protected
Stefan Thalmann – 4. Kremser Wissensmanagementtage
17
Agenda
1
II
IV
V
• Motivation & Background
• Procedure
• Results
• Conclusion & Outlook
Stefan Thalmann – 4. Kremser Wissensmanagementtage
18
“Ends” of Knowledge Sharing
Description
Trigger
IT
Protection
capability
Open to certain
extent
Open to certain
group
Open to certain
topic
General open, but
Share with subgroups
Share topical
details protected
of network
knowledge only
Reluctance to
Uncertainty about
Legal restrictions
contribute
sharing behavior and
Fear of imitation
legal issues
Collaboration with
Forums, blogs 
IPR tool to enforce
Collaborative IT for
e-mail, phone
NDAs
protection awareness
ambiguity
enforcement
concealment
competitors
(Manhart et al, 2015)
Stefan Thalmann – 4. Kremser Wissensmanagementtage
19
Conclusion and Outlook

taking and giving behavior is crucial for the interaction in networks

people apply the four knowledge protection practices in a sense that
they maximize their knowledge gain

the extent to which each practice is applied depends on the
maturity of the knowledge

SME lack resources to build supportive IT capabilities and it seems
promising that networks fill this gap

Further investigation of knowledge protection practice
Stefan Thalmann – 4. Kremser Wissensmanagementtage
20
Thank you for your attention!
Stefan Thalmann – 4. Kremser Wissensmanagementtage
21
Literature
Alstete, J (2003): Trends in Corporate Knowledge Asset Protection. Journal of Knowledge Management Practice.
Black, D.H. and Synan, C.D. (1997), “The learning organisation: the sixth discipline'', Management Accounting, Vol. 75 No.10.
Bloodgood, JM; Salisbury, D (2001): Understanding the Influence of Organizational Change Strategies on Information Technology and
Knowledge Management Strategies. Decision Support Systems. 31(1): p. 55-69.
Maria Mårtensson, (2000),"A critical review of knowledge management as a management tool", Journal of Knowledge Management, Vol. 4 Iss:
3 pp. 204 – 216
Manhart, M., & Thalmann, S. (2015). Protecting Organizational Knowledge: A Structured Literature Review. in Journal of Knowledge
Management, 19(2)
Manhart, M, Thalmann, S., Maier, R. (2015) The Ends of Knowledge Sharing in Networks: Using Information Technology to Start Knowledge
Protection, to appear in European Conference on Information Systems, Münster, Germany.
Norman, PM (2002): Protecting Knowledge in Strategic Alliances: Resource and Relational Characteristics. The Journal of High Technology
Management Research. 13(2): p. 177-202.
Norman, PM (2002): Protecting Knowledge in Strategic Alliances: Resource and Relational Characteristics. The Journal of High Technology
Management Research. 13(2): p. 177-202.
Pawlowski, J. M., Bick, M., Peinl, R., Thalmann, S., Maier, R., Hetmank, L., Pirkkalainen, H. (2014). Social Knowledge Environments. Business &
Information Systems Engineering, 6(2).
Jennex, M; Olfman, L (2005): Assessing Knowledge Management Success. International Journal of Knowledge Management 1(2): p. 33-49.
Väyrynen, K; Hekkala, R; Liias, T (2013): Knowledge Protection Challenges of Social Media Encountered by Organizations. Journal of
Organizational Computing and Electronic Commerce. 23(1): p. 34-55.
Thalmann, S., & Manhart, M. (2013). Enforcing Organizational Knowledge Protection: An Investigation of Currently Applied Measures.
Proceedings of the Seventh pre-ICIS Workshop on Information Security and Privacy (WISP), Milan, Italy.
Thalmann, S., Manhart, M., Ceravolo, P., & Azzini, A. (2014). An Integrated Risk Management Framework: Measuring the Success of
Organizational Knowledge Protection. in International Journal of Knowledge Management, 10(2).
Stefan Thalmann – 4. Kremser Wissensmanagementtage
22