Search results

This paper aims to provide a maturity model for information security awareness (MMISA), based on the literature, expert interviews and feedback. In addition to developing the MMISA, the authors investigate the role of the three decisive factors that affect ISA maturity level: risk management mechanism, organizational structure and ISA.

The research methodology is a combined one; qualitative and quantitative methods were applied, including surveying the literature, interviews and developing a survey to collect quantitative data about decisive factors that affect ISA maturity level. The authors perform a variance-based partial least squares-structural equation modeling (PLS-SEM) investigation of the relationships between these factors.

The investigation of decisive factors of ISA maturity levels revealed that if the authors identify a strong risk assessment mechanism (through a documented methodology and reliable results), the authors can expect a high level of ISA. If there is a well-defined organizational structure with clear responsibilities, this supports the linking of a risk management mechanism with the level of ISA. The connection between organizational structure and ISA maturity level is supported by ISA activities: an increased level of awareness actions strengthens an organizational structure via the best practices learned by the staff.

The main contribution of the proposed MMISA model is that the model offers controls and audit evidence for maturity levels. Beyond that, the authors distinguish in the MMISA model controls supporting knowledge and controls supporting attitude, emphasizing that this is not enough to know what to do, but the proper attitude is required too. The authors didn't find any other ISA maturity model which has a similar feature. The contribution of the authors' work is that the authors provide a method for solving this complex measurement problem via the MMISA, which also offers direct guidance for the daily practices of organizations.

This paper aims to determine the impact of mentorship on the development of self-directedness among beginner teachers in their initial years of teaching.

The researcher adopted a positivist paradigm to explore the situation of concern. Quantitative research was conducted, involving the collection and analysis of numerical data. Two closed-ended structured questionnaires were utilised, derived from the 40-item self-directed learning readiness scale (SDLRS) developed by Fisher and King, and a pre-determined questionnaire by Glazerman focused on the first-year teaching experience, induction and mentoring of beginner teachers.

Beginner teachers merely relying on the knowledge obtained from their studies is insufficient to achieve a satisfactory level of self-directedness when starting a teaching career. Most beginner teachers faced significant challenges in their early years of teaching due to the absence of mentoring support. In addition, most indicated that they resume their teaching duties and rely on their district for general support, guidance and orientation. Finally, the results have shown that mentoring positively impacts beginner teachers’ self-directedness.

The first limitation was that this study was narrowed to one South Africa University part-time B.Ed honours students working as beginner teachers in different provinces at primary and secondary schools. As a result, the findings of this research might be interpreted by some critics as one-sided and not representative of the views of most beginner teachers in South Africa who are working. The second limitation of this study is the sample size. In this study, 222 responses were received. As a result, the findings of this research might be considered not representative of the target sample size.

The presence and effective implementation of mentoring programmes in schools can positively impact beginner teachers' professional development and retention during their first years of teaching.

We contend that our research holds significance for international readership as it aims to garner attention towards potential research endeavours in diverse settings concerning mentorship programs for beginner teachers, specifically promoting self-directed learning. Our research offers opportunities to compare our findings with studies conducted in more comprehensive, comparative contexts and foster research possibilities in broader, contrasting contexts.

Based on the findings of this research, the availability and effective use of mentoring programmes would significantly affect beginner teachers' self-directedness, improve their retention rate and alleviate their teaching challenges. This study was the first research on the perceptions of the influence of mentoring on the self-directedness of beginner teachers.

This study aims to understand consumer behaviour in the context of online food delivery (OFD), especially given the mandatory lockdown imposed in some countries that have modified the behaviour of consumers. Using model goal-directed behaviour (MGB), this study was conducted to investigate consumer perceived risk on the use of OFD services.

Responses of food delivery services users were collected online throughout April 2020 to understand their risk profile and behaviour. A total of 339 responses were collected and subsequently analysed using partial least square (PLS). Both measurement and structural model were evaluated to ensure that the structural equation modelling (SEM) is valid.

The results revealed that attitude (ATT), subjective norm (SN), positive anticipated emotion (PAE) and negative anticipated emotion (NAE) and perceived behavioural control (PBC) significantly influenced users' desire. It was also found that PBC significantly influenced users' intention. The empirical result suggests that performance, privacy, financial, physical and the risk of contracting COVID-19 negatively influenced users' desire. In contrast, only physical and the risk of contracting COVID-19 negatively influenced users' intention to use OFD services.

These findings provide OFD service providers and scholars with significant insights into what compels urbanites to adopt OFD services amid a health pandemic. It also allows OFD companies to realign their operation in addressing these concerns and changes in consumer behaviour.

Against the backdrop of the pandemic, this study provides insights for OFD providers in developing new strategies and approaches for business development and consumer retention in a post-pandemic world.

本研究擬瞭解與網上訂餐相關的消費行為；尤其當有些國家推行了改變消費者行為的強制性封鎖政策的情況下，這類研究更具意義。透過應用目標導向行為模型，本研究擬探討消費者在使用網上訂餐服務時所意識到的風險。

研究人員於 2020年4月網上收集使用訂餐服務人士的意見，以瞭解其風險狀況和行為。研究共收集了339位人士的意見，並以偏最小二乘法進行分析。測量和結構模型均加以評估，以確保結構方程模型是站得住腳的。

研究結果顯示，態度、主觀規範、預期的正面和負面情緒、以及感知的行為控制，顯著地影響了用戶的慾望。研究結果亦發現，感知的行為控制顯著地影響了用戶的意圖。研究的經驗性結果暗示了表現、私隱、金錢上的爭議、可能會導致的身體損傷和感染2019冠狀病毒病的風險，負面地影響用戶的慾望。相比之下，影響著用戶使用網上訂餐服務的意圖的因素就只有可能會導致的身體損傷和感染2019冠狀病毒病的風險。

研究的結果，為提供網上訂餐服務的營運者和研究學者提供了重要的啟示，使他們更瞭解是什麼因素會迫使都市人在與健康息息相關的大流行病期間使用網上訂餐服務。而且，提供網上訂餐服務的公司亦可藉此重新調整其營運，以能處理客戶的憂慮和應付消費行為的變化。

在大流行病肆虐的背景下，本研究為網上訂餐服務提供者給予了啟示，以便他們能在後疫情時代制定新的策略和營運方法，以拓展其業務和留住消費者。

Cyber security has never been more important than it is today in an ever more connected and pervasive digital world. However, frequently reported shortages of suitably skilled and trained information system (IS)/cyber security professionals elevate the importance of delivering effective Security Education,Training and Awareness (SETA) programmes within organisations. Therefore, the purpose of this study is the questionable effectiveness of SETA programmes at changing employee behaviour and an absence of empirical studies on the critical success factors (CSFs) for SETA programme effectiveness.

This exploratory study follows a three-stage research design to give voice to practitioners with SETA programme expertise. Data is gathered in Stage 1 using semi-structured interviews with 20 key informants (the emergence of the CSFs), in Stage 2 from 65 respondents to a short online survey (the ranking of the CSFs) and in Stage 3 using semi-structured interviews with nine IS/cyber security practitioners (the emergence of the guiding principles). Using a multi-stage research design allows the authors to propose and evaluate the 11 CSFs for SETA programme effectiveness.

This study conducted a mean score analysis to evaluate the level of importance of each CSF within two independent groups of IS/cyber security professionals. This multi-stage analysis produces a ranked list of 11 CSFs for SETA programme effectiveness, while the difference in the rankings leads to the emergence of five CSF-specific guiding principles (to increase the likelihood of delivering an effective SETA programme within an organisational context). This analysis also reveals that most of the contradictions/differences in CSF rankings between IS/cyber security practitioners are linked to the design phase of the SETA programme life cycle. While two CSFs, “maintain quarterly evaluation of employee performance” (CSF-DS6) and “build security awareness campaigns” (CSF-EV1), represent the most significant contradiction in this study.

The 11 CSFs for SETA programme effectiveness, along with the five CSF-specific guiding principles, provide a greater depth of knowledge contributing to both theory and practice and lays the foundation for future studies. Therefore, the outputs of this study provide valuable insights on the areas that practice needs to get right to deliver effective SETA programmes.

The construction industry’s daily processes demand heavy data usage and communication between project participants to meet client requirements. Thus, the application of information technology in project implementation has been increasing in the construction sector (CS) lately. However, the same cannot be seen in public sectors responsible for implementing government projects in South Africa. This study aimed to investigate the causes and effects of the underutilisation of information communication technology (ICT) in the building section of a public sector in a municipality in South Africa.

A qualitative approach was adopted for the study, using a public sector in one of the municipalities as a case study. Face-to-face interviews were conducted among the building unit workers, using unstructured interview questions. The data collected were analysed using the ATLAS.ti software.

The findings indicate a lack of understanding of existing and newly available ICT software and hardware technology among staff within the building technology due to lack of digitalisation in construction projects implementation, inadequate system upgrades, lack of adequate ICT resources, lack of financial resources for internet and software application subscriptions and lack of ICT training leading. The issues mentioned above have led to the outsourcing of projects professionals, slow pace of electronic emails, untrained professionals, usage of different and unlicensed software, resulting in the underutilisation of ICT within the whole building section. This change also adversely affects all officials, especially the junior officials who have graduated using the most recent ICT technology during their studies.

The building department of only one public sector was used for the study; therefore, the findings may not be generalisable. The case study public sector’s name is withheld for confidentiality purposes.

Adequate change management and continuous development, combined with the allocation of proper resources, would be necessary for all staff members. Enormous investments had to be made in the ICT equipment by providing a sufficient budget in the building section of the public sectors. The building section within public sectors should provide change management to all aged skills staff by attending seminars to learn new ICT technology applied within its work environment.

The study established the causes of the underutilisation of ICT in the CS, especially in the public work departments and municipalities, and how this contributes to service delivery.

Railways are a well-known example of complex critical infrastructure, incorporating socio-technical systems with humans such as drivers, signallers, maintainers and passengers at the core. The technological evolution including interconnectedness and new ways of interaction lead to new security and safety risks that can be realised, both in terms of human error, and malicious and non-malicious behaviour. This study aims to identify the human factors (HF) and cyber-security risks relating to the role of signallers on the railways and explores strategies for the improvement of “Digital Resilience” – for the concept of a resilient railway.

Overall, 26 interviews were conducted with 21 participants from industry and academia.

The results showed that due to increased automation, both cyber-related threats and human error can impact signallers’ day-to-day operations – directly or indirectly (e.g. workload and safety-critical communications) – which could disrupt the railway services and potentially lead to safety-related catastrophic consequences. This study identifies cyber-related problems, including external threats; engineers not considering the human element in designs when specifying security controls; lack of security awareness among the rail industry; training gaps; organisational issues; and many unknown “unknowns”.

The authors discuss socio-technical principles through a hexagonal socio-technical framework and training needs analysis to mitigate against cyber-security issues and identify the predictive training needs of the signallers. This is supported by a systematic approach which considers both, safety and security factors, rather than waiting to learn from a cyber-attack retrospectively.

Researchers looking for ways to change the insecure behaviour that results in phishing have considered multiple possible reasons for such behaviour. Therefore, the purpose of this paper is to understand the role of optimism bias (OB – defined as a cognitive bias), which characterises overly optimistic or unrealistic individuals, to ensure secure behaviour. Research that focused on issues such as personality traits, trust, attitude and Security, Education, Training and Awareness (SETA) was considered.

This study built on a recontextualized version of the theory of planned behaviour to evaluate the influence that optimism bias has on phishing susceptibility. To model the data, an analysis was performed on 226 survey responses from a South African financial services organisation using partial least squares (PLS) path modelling.

This study found that overly optimistic employees were inclined to behave insecurely, while factors such as attitude and trust significantly influenced the intention to behave securely.

Our contribution to practice seeks to enhance the effectiveness of SETA by identifying and addressing the optimism bias weakness to deliver a more successful training outcome.

Our study enriches the Information Systems literature by evaluating the effect of a cognitive bias on phishing susceptibility and offers a contextual explanation of the resultant behaviour.