Search results

The human factor is the most important defense asset against cyberattacks. To ensure that the human factor stays strong, a cybersecurity culture must be established and cultivated in a company to guide the attitudes and behaviors of employees. Many cybersecurity culture frameworks exist; however, their practical application is difficult. This paper aims to demonstrate how an established framework can be applied to determine and improve the cybersecurity culture of a company.

Two surveys were conducted within eight months in the internal IT department of a global software company to analyze the cybersecurity culture and the applied improvement measures. Both surveys comprised the same 23 questions to measure cybersecurity culture according to six dimensions: cybersecurity accountability, cybersecurity commitment, cybersecurity necessity and importance, cybersecurity policy effectiveness, information usage perception and management buy-in.

Results demonstrate that cybersecurity culture maturity can be determined and improved if accurate measures are derived from the results of the survey. The first survey showed potential for improving the dimensions of cybersecurity accountability, cybersecurity commitment and cybersecurity policy effectiveness, while the second survey proved that these dimensions have been improved.

This paper proves that practical application of cybersecurity culture frameworks is possible if they are appropriately tailored to a given organization. In this regard, scientific research and practical application combine to offer real value to researchers and cybersecurity executives.

Effective customer journey design (ECJD) is considered a key variable in customer experience management and an essential source of brand meaning and pro-brand behavior. Although previous research has confirmed its importance for driving brand attitudes and loyalty, the role of consumer-brand identification as a social identity-based influence in this relationship has not yet been discussed. Drawing on construal level and social identity theories, this paper aims to investigate whether effective journeys and the resulting overall journey experience are equally powerful in driving brand loyalty among customers with different levels of consumer-brand identification.

The present article develops and tests a research model using data from the European and US service sectors (N = 1,454) to investigate how and when ECJD affects service brand loyalty.

Across two cultural contexts, four service industries and 33 service brands, the results reveal that ECJD is a crucial driver of service brand loyalty for customers with low consumer-brand identification. Moreover, the findings show that different aspects of journey effectiveness positively impact the valence of customers’ experience related to those journeys – a process that is ultimately decisive for their brand loyalty.

This study is unique because it generates theoretical and practical knowledge by combining the literature streams of customer journey design, customer experience and branding. Furthermore, this work demonstrates that consumer-brand identification is a critical boundary condition to be considered in the relationship between ECJD and brand loyalty in services.

The purpose of this study is to situate information and communications technology (ICT) “transparency reports” within the theoretical framework of corporate social responsibility (CSR) reporting. The self-denominated transparency report serves a dual purpose of highlighting an ICT company’s socially responsible behavior while also holding government agencies accountable for surveillance and requests for user data. Drawing on legitimacy theory, neo-institutional theory and stakeholder theory, this exploratory study examines how ICT companies are implementing industry-specific voluntary disclosures as a form of CSR.

A content analysis of ICT voluntary nonfinancial reporting (N = 88) was used to identify motivating principles, the company positioning to stakeholders, the relevant publics and intended audience of these disclosures and the communication strategy used to engage primary stakeholders.

Key findings suggest that most ICT companies used transparency reporting to engage consumers/users as their primary stakeholders and most used a stakeholder information strategy. A majority of ICT companies signaled value-driven motives in their transparency reports while also positioning the company to stakeholders as a protector of user data and advocate for consumer rights.

This study enriches the literature on CSR communication strategies and reporting practices by extending it to an underdeveloped topic of study: novel voluntary disclosures as CSR activities of prominent ICT companies (i.e. “Big Tech”). These polyphonic reports reflect varied motives, varied positioning and varied stakeholders. For market-leading companies, transparency reporting can serve to legitimize existing market power. And for midsize and emerging companies, transparency reporting can be used to signal adherence to industry norms – set by market-leading companies.