Abstract:
Virtually unlimited information dissemination in the age of the Internet has enabled novel ways to threaten
companies. Relevant activities are taking place outside corporate spheres of influence which means that it may
be difficult to become aware of activities happening online. In this paper, we argue that this task exceeds the
traditional scope of security management and propose a distributed approach to account for the broad scope of
the challenge. In particular, we argue for viewing organizations as distributed cognition systems as this provides
a conceptual basis for integrating shared problem awareness and distributed threat recognition with regular
business processes.
