Search results
1 – 4 of 4Ruti Gafni and Yair Levy
While data breaches are reported daily, organizations are struggling with quantifying their cybersecurity posture. This paper aims to introduce the Universal Cybersecurity…
Abstract
Purpose
While data breaches are reported daily, organizations are struggling with quantifying their cybersecurity posture. This paper aims to introduce the Universal Cybersecurity Footprint Index (UCFI), an organizational measure of Cybersecurity Footprint. The UCFI helps organizations understand the challenges related to their overall cybersecurity posture and be able to assess it for their supply chain cybersecurity. The Theory of Cybersecurity Footprint states that the risk and damage that can be caused by an attacked organization are not related to the size of the organization but to a range of parameters that may affect the interconnected entities in their supply chain.
Design/methodology/approach
Based on the 26 elements found in prior research, a survey was conducted, using 27 subject matter experts to reveal the most relevant elements and then specify their importance level to calculate their relative weight.
Findings
Results indicated that 20 of the 26 elements were validated, and their weights were calculated. Finally, an equation representing the UCFI for an organization is introduced.
Practical implications
Organizations can choose their partners according to a minimum value of the UCFI to reduce their cybersecurity risks.
Social implications
Supply chain cybersecurity incidents have demonstrated in the past several years to provide a massive impact on society. Thus, further assisting in mitigation of cyberattacks to the supply chain is significant.
Originality/value
This research aims to provide further assistance for organizations in quantifying their cybersecurity footprint in effort to help reduce cyber incidents, especially those for small organizations.
Details
Keywords
Nitza Geri, Ruti Gafni and Peter Bengov
The purpose of this empirical study is to investigate extrinsic motivations that may affect adding or acknowledging user-generated content (UGC) on business websites, which are…
Abstract
Purpose
The purpose of this empirical study is to investigate extrinsic motivations that may affect adding or acknowledging user-generated content (UGC) on business websites, which are based on voluntary crowdsourcing.
Design/methodology/approach
A conceptual model of extrinsic motivations for knowledge sharing in UGC-based websites was developed, suggesting reciprocity, awareness of rewards and prestige as main extrinsic motivations for adding content. The model was examined via an online survey of users of three websites that varied in the attributes of knowledge shared and reward type: The Traveler (tangible rewards), Stack Overflow (virtual rewards) and Waze (virtual rewards).
Findings
Importance of extrinsic motivations varied among websites, as it may be affected by attributes of the knowledge shared. Reciprocity positively affected recommending the website, and adding content affected acknowledging content.
Research limitations/implications
Investigating extrinsic motivations is important because websites may take actions that affect them. Further research is required to reveal the potential of voluntary crowdsourcing in business contexts addressing both intrinsic and extrinsic motivations, prosumption and open innovation.
Practical implications
When reciprocity is a major aspect of a UGC website, badges and similar mechanisms may serve as a main extrinsic motivation to share knowledge.
Originality/value
The novel empirically validated model provides theoretical and practical insights for designing mechanisms for increasing extrinsic motivation for knowledge sharing according to specific characteristics of UGC websites.
Details
Keywords
Yair Levy and Ruti Gafni
This paper aims to introduce the concept of cybersecurity footprint.
Abstract
Purpose
This paper aims to introduce the concept of cybersecurity footprint.
Design/methodology/approach
Characteristics of cybersecurity footprint are presented based on documented cases, and the domino effect of cybersecurity is illustrated. Organizational and individual cybersecurity footprints are outlined. Active and passive – digital vs cybersecurity footprints are then reviewed. Taxonomy of aware/unaware vs active/passive cybersecurity footprints are presented, followed by brief discussion of the implications for future research.
Findings
The concept of cybersecurity footprint is defined, and the evidence from prior cyber incidents is shown to emphasize the concept. Smaller organizations may have a large cybersecurity footprint, whereas larger organizations may have smaller one. Cyberattacks are focusing on the individuals or small organizations that are in the supply chain of larger organizations causing the domino effect.
Practical implications
Implications of cybersecurity footprint to individuals, organizations, societies and governments are discussed. The authors present organizations with ways to lower cybersecurity footprint along with recommendations for future research.
Social implications
Cybersecurity has a significant social implication worldwide, as the world is becoming cyber dependent. With the authors’ introduction of the cybersecurity footprint concept and call to further understand how organizations can measure and reduce it, the authors envision it as another perspective of assessing cyber risk and further help mitigate future cyber incidents.
Originality/value
This paper extends the existing information and computer security body of knowledge on the concept of cybersecurity footprint with illustrated cases.
Details
Keywords
Ruti Gafni and Tal Pavel
This paper aims to analyze the changes in cyberattacks against the health-care sector during the COVID-19 pandemic.
Abstract
Purpose
This paper aims to analyze the changes in cyberattacks against the health-care sector during the COVID-19 pandemic.
Design/methodology/approach
The changes in cyberattacks of the health-care sector are analyzed by examination of the number and essence of published news concerning cybersecurity attacks on the health-care sector during 2019 and compared them to those published during 2020, based on two main websites, which review such incidents.
Findings
This study found that there was a significant growth in reports of cyberattacks on the health-care sector. Moreover, the number of cyberattacks fit interestingly to the pattern of waves of the disease, which expanded worldwide. During the first wave the number of reports was doubled or even tripled, compared to the same period in 2019, a tendency that was slightly waned afterwards.
Practical implications
This study helps to deepen the awareness of information security implications of a potential global devastating crisis, even in the cybersecurity domain, and on the health-care sector, among various other affected sectors and domains.
Social implications
COVID-19 pandemic created long-term wide-range changes that affect every individual and sector, mainly owing to the shift to remote working model, which impose long-term new cybersecurity changes, among them to the health-care industry.
Originality/value
This paper extends the existing information on implication of remote working model on information security and of the COVID-19 pandemic on the cybersecurity of health-care institutions around the world.
Details