Information and Computer Security

A collaborative cybersecurity framework for higher education

Ahmed Ali Otoom, Issa Atoum, Heba Al-Harahsheh, Mahmoud Aljawarneh, Mohammed N. Al Refai, Mahmoud Baklizi

The purpose of this paper is to present the educational computer emergency response team (EduCERT) framework, an integrated response mechanism to bolster national cybersecurity…

Understanding information security awareness: evidence from the public healthcare sector

Martina Neri, Elisabetta Benevento, Alessandro Stefanini, Davide Aloini, Federico Niccolini, Annalaura Carducci, Ileana Federigi, Gianluca Dini

Information security awareness (ISA) mainly refers to those aspects that need to be addressed to effectively respond to information security challenges. This research used focus…

Validating and extending the unified model of information security policy compliance

Marcus Gerdin

The purpose of this study is to further validate and extend the unified model of information security policy compliance (UMISPC) developed by Moody et al. (2018).

Large-scale agile security practices in software engineering

Cláudia Ascenção, Henrique Teixeira, João Gonçalves, Fernando Almeida

Security in large-scale agile is a crucial aspect that should be carefully addressed to ensure the protection of sensitive data, systems and user privacy. This study aims to…

Hey “CSIRI”, should I report this? Investigating the factors that influence employees to report cyber security incidents in the workplace

Kristiina Ahola, Marcus Butavicius, Agata McCormac, Daniel Sturman

Cyber security incidents pose a major threat to organisations. Reporting cyber security incidents and providing organisations with information about their true nature, type and…

How demographic and appearance cues of a potential social engineer influence trust perception and risk-taking among targets?

Israa Abuelezz, Mahmoud Barhamgi, Armstrong Nhlabatsi, Khaled Md. Khan, Raian Ali

The aim of this study is to investigate how the demographics and appearance cues of potential social engineers influence the likelihood that targets will trust them and accept…

Comparing experts’ and users’ perspectives on the use of password workarounds and the risk of data breaches

Michael J Rooney, Yair Levy, Wei Li, Ajoy Kumar

The increased use of Information Systems (IS) as a working tool for employees increases the number of accounts and passwords required. Despite being more aware of password…

The role of artificial intelligence (AI) in improving technical and managerial cybersecurity tasks’ efficiency

Ruti Gafni, Yair Levy

Artificial intelligence (AI) can assist in the worldwide shortage of cybersecurity workers in technical and managerial roles. Thus, the purpose of this study was to investigate…

A taxonomy of factors that contribute to organizational Cybersecurity Awareness (CSA)

Joakim Kävrestad, Felicia Burvall, Marcus Nohlberg

Developing cybersecurity awareness (CSA) is becoming a more and more important goal for modern organizations. CSA is a complex sociotechnical system where social, technical and…

Cybersecurity in digital supply chains in the procurement process: introducing the digital supply chain management framework

Mari Aarland

This paper aims to explore the cybersecurity challenges the electric power industry faces due to its increased reliance on digital supply chains (DSCs), focusing on the…

Unraveling the dynamics of password manager adoption: a deeper dive into critical factors

Xiaoguang Tian

The purpose of this study is to comprehensively explore the password manager adoption landscape, delving into crucial factors such as performance, trust, social influence…

Understanding the factors that motivate South African home fibre users to protect their home networking devices: a protection motivation theory

Luzuko Tekeni, Reinhardt A. Botha

As home users are increasingly responsible for securing their computing devices and home networks, there is a growing need to develop interventions to assist them in protecting…

The effects of persuasion principles on perceived honesty during shoulder surfing attacks

Keith S. Jones, McKenna K. Tornblad, Miriam E. Armstrong, Jinwoo Choi, Akbar Siami Namin

This study aimed to investigate how honest participants perceived an attacker to be during shoulder surfing scenarios that varied in terms of which Principle of Persuasion in…

Factors that influence secure behaviour while using mobile digital devices

Marcel Spruit, Deborah Oosting, Celine Kreffer

The use of mobile digital devices requires secure behaviour while using these devices. To influence this behaviour, one should be able to adequately measure the behaviour. The…

Expressing opinions about information security in an organization: the spiral of silence theory perspective

Gregor Petrič, Špela Orehek

Expressing views on organizational information security (IS) by employees is vital for improving security processes, policies and trainings, while non-communication may conceal…

Cybersecurity, cyber insurance and small-to-medium-sized enterprises: a systematic Review

Rodney Adriko, Jason R.C. Nurse

This study aims to offer insights into the state of research covering cybersecurity, cyber insurance and small- to medium-sized enterprises (SMEs). It examines benefits of…

Trends and challenges in research into the human aspects of ransomware: a systematic mapping study

Garret Murray, Malin Falkeling, Shang Gao

The purpose of this paper is to provide an overview of the trends and challenges relating to research into the human aspects of ransomware.

Regulating digital security by design? Implications of the perspectives from DSbD programme stakeholders

Ian Slesinger, Niki Panteli, Lizzie Coles-Kemp

As part of the growing necessity for inter-organisational and multi-disciplinary interaction to facilitate complex innovation in digital security, there needs to be greater…

Human factors in remote work: examining cyber hygiene practices

Tuğçe Karayel, Bahadır Aktaş, Adem Akbıyık

The purpose of this paper is to investigate the cyber hygiene practices of remote workers.

Mining Reddit users’ perspectives on cybersecurity competitions: a mixed method approach

Chen Zhong, Hong Liu, Hwee-Joo Kam

Cybersecurity competitions can effectively develop skills, but engaging a wide learner spectrum is challenging. This study aims to investigate the perceptions of cybersecurity…

Optimism bias in susceptibility to phishing attacks: an empirical study

Morné Owen, Stephen V. Flowerday, Karl van der Schyff

Researchers looking for ways to change the insecure behaviour that results in phishing have considered multiple possible reasons for such behaviour. Therefore, the purpose of this…

Bridging knowledge gap: the contribution of employees’ awareness of AI cyber risks comprehensive program to reducing emerging AI digital threats

Amir Schreiber, Ilan Schreiber

In the modern digital realm, while artificial intelligence (AI) technologies pave the way for unprecedented opportunities, they also give rise to intricate cybersecurity issues…

Human-centric cyber security: Applying protection motivation theory to analyse micro business owners’ security behaviours

Hassan Jamil, Tanveer Zia, Tahmid Nayeem, Monica T. Whitty, Steven D'Alessandro

The current advancements in technologies and the internet industry provide users with many innovative digital devices for entertainment, communication and trade. However…

Information security policy effectiveness: a managerial perspective of the financial industry in Vietnam

Thai Pham, Farkhondeh Hassandoust

Information security (InfoSec) policy violations are of great concern to all organisations worldwide, especially in the financial industry. Although the importance of InfoSec…

Investigation on information security awareness based on KAB model: the moderating role of age and education level

Binh Huu Nguyen, Huong Nguyen Quynh Le

This study aims to investigate the moderating role of sociodemographic factors, specifically age and education level, in the knowledge-attitude-behavior (KAB) model concerning…

An assessment of critical success factors in information security implementation in organizations in Ghana

Joshua Nterful, Ibrahim Osman Adam, Muftawu Dzang Alhassan, Abdallah Abdul-Salam, Abubakar Gbambegu Umar

This paper aims to identify the critical success factors in improving information security in Ghanaian firms.

Exploring the critical success factors of information security management: a mixed-method approach

Hao Chen, Yuge Hai

Effective information security management (ISM) contributes to building a healthy organizational digital ecology. However, few studies have built an analysis framework for…