Search results

This paper aims to investigate the impact of perceived price level and information security awareness on computer users’ attitude. Moreover, this study aims to investigate the effect of attitude, subjective norms and perceived behavioral control (PBC) on intention to use anti-malware software.

Data were collected using a structured questionnaire from 225 students of five public universities in Malaysia. Purposive sampling technique was used in this study. AMOS 24 was used to test the research framework using a two-step approach.

Findings give support to some of the hypotheses developed with R2 values of 0.521 for attitude and 0.740 for intention. Perceived price level had a negative effect on attitude while information security awareness had a positive effect on attitude and intention. Attitude, subjective norms and PBC were all positively related to intention, but perceived price level did not affect intention. This suggests that benefits of using anti-malware are more than its price value. Therefore, the price has no direct effect on intention to use.

University computer networks are as open and inviting as their campuses. Therefore, this research can be helpful to the universities to safeguard their networks and encourage the students to use anti-malware. However, using anti-malware software will enable an individual to identify and prioritize security risks, quickly detect and mitigate security breaches, improve the understanding of security gaps and safeguard the sensitive data by minimizing the risks related to malware.

This study ventured to model the information security behavior of anti-malware usage by individual users by using the theory of planned behavior with the addition of two new variables, perceived price level and information security awareness to explain the behavior better.

The purpose of this paper is to point out, to non‐technical library users, the hazards of using the library's public computers.

The purpose of this paper is to articulate the dangers faced by library users, whether they be students, faculty, or staff. This paper is geared towards education and enlightenment of non‐technical users of public computers.

There are many hazards to computing, both online and off. Most public computers are not well prepared to cope with worms, Trojans and other malware. There are remedies for a lot of the malware, but as in an arms race it is a matter of catching up with the latest weapon to be presented.

Since public computers are so vulnerable to attack, library IT must be constantly vigilant for the menaces that are present. The paper shows how computers can be protected.

If this can help save one computer's workload by making people aware of the dangers involved, the information is well worthwhile.

The purpose of this paper is to describe how malware can harm the library's computers, and how technology can be used to protect them, in a way that can be understood by the non‐technical.

The searches encompassed articles and books on the issues of malware and technology‐based code organisms.

There were complex issues dealing with hackers and other malevolent and unscrupulous characters trying to break into computer systems for profit.

Only small indicators of the overall problem have been addressed. Much more has to be investigated and learned.

It is advisable to learn to protect your computers more effectively when “online.”

Although much has been written about the problem, few articles offer concrete solutions to the problems.

For a good number of Indians, their smartphone is their first digital computing device. They have less experience in dealing with the Internet-enabled device and hence less experience in handling security threats like malware as compared to users of other countries who have gone through the learning curve of handling such security threats using other Internet-enabled devices such as laptop and desktop. Because of this, the inexperienced Indian smartphone user may be vulnerable to Internet-related security breaches, as compared to the citizens of developed economies. Hence, it is essential to understand the attitude, behaviour and security practices of smartphone users in India. Limited research is available about the security behaviour of smartphone users in India as the majority of research in this domain is done outside India.

In this empirical study, the researchers identified 28 cybersecurity behaviours and practices through a survey of relevant literature. An online survey of identified cybersecurity behaviours and practices was administered to 300 smartphone users. Frequency analysis of the respondent data was done to understand the adoption of recommended cybersecurity behaviours and practices. Pearson’s chi-square with 5% level of significance has been used to test the hypotheses. Post hoc analysis with Bonferroni correction was conducted for statistically significant associations.

Overall, the respondents did not exhibit good cybersecurity behaviour. Respondents have adopted some of the most popular security features of the smartphone such as the use of screen lock. However, respondents have not adopted or are not aware of the technical security controls such as encryption and remote wipe. Statistically significant differences were found between the cybersecurity behaviour and practices and independent variables such as gender, age, mobile operating system (OS) and mother tongue. Respondents reported high level of motivation to protect their device and data, whereas they reported moderate level of threat awareness and the ability to protect to their device and data. Results of the comparative analysis with a similar study in China and the USA are also reported in this study.

The main limitations of this study are as follows: the respondents' perceptions about their cybersecurity behaviours and practices were measured as opposed to their actual behaviours and practices and the generalizability of the study is limited because the sample size is small as compared to the total number of smartphone users in India.

The findings of this study may be useful for the design of effective cybersecurity prevention and intervention programs for general smartphone users of India.

This study provides an insight about cybersecurity behaviour of smartphone users in India. To the knowledge of the researchers, this is the first study to collect such quantitative data of smartphone users in India for a better understanding of the cybersecurity behaviours and practices. This study identified 28 cybersecurity behaviours and practices, which smartphone users should follow to improve cybersecurity.

The purpose of this paper is to identify and investigate the security issues an organisation operating in the “new” online environment is exposed to through Web 2.0 applications, with specific focus on unauthorised access (encompassing hackers). The study aims to recommend possible safeguards to mitigate these incremental risks to an acceptable level.

An extensive literature review was performed to obtain an understanding of the technologies driving Web 2.0 applications. Thereafter, the technologies were mapped against Control Objectives for Information and Related Technology (CobiT) and Trust Service Principles and Criteria and associated control objectives relating to security risks, specifically to hacker risks. These objectives were used to identify relevant risks and formulate appropriate internal control measures.

The findings show that every organisation, technology and application is unique and the safeguards depend on the nature of the organisation, information at stake, degree of vulnerability and risks. A comprehensive security program, including a multi‐layer technological, as well as an administrative component, should be implemented. User training on acceptable practices should also be conducted.

Obtaining an understanding of Web 2.0 and Web 2.0 security is important, as Web 2.0 is a new, poorly understood technology and with the growing mobility of users, the potential surface area of attack increases and should be managed. The paper will help organisations, information repository managers, information technology (IT) professionals, librarians and internal and external auditors to understand the “new” risks relating to unauthorised access, which previously did not exist in an on‐line environment, and will assist the development of a framework to limit the most significant risks.

As mobile malware and virus are rapidly increasing in frequency and sophistication, mobile social media has recently become a very popular attack vector. The purpose of this paper is to survey the state-of-the-art of security aspect of mobile social media, identify recent trends, and provide recommendations for researchers and practitioners in this fast moving field.

This paper reviews disparate discussions in literature on security aspect of mobile social media though blog mining and an extensive literature search. Based on the detailed review, the author summarizes some key insights to help enterprises understand security risks associated with mobile social media.

Risks related to mobile social media are identified based on the results of the review. Best practices and useful tips are offered to help enterprises mitigate risks of mobile social media. This paper also provides insights and guidance for enterprises to mitigate the security risks of mobile social media.

The paper consolidates the fragmented discussion in literature and provides an in-depth review to help researchers understand the latest development of security risks associated with mobile social media.

Firms continue to struggle with end users who do not follow recommended actions for safeguarding information security. Thus, the authors utilize insights gained from studies on heuristic processing of risk information to design cues in fear appeal messages more effectively so as to more strongly engender fear among users, which can in turn lead them to take protective actions toward information security. Specifically, four types of fear appeal cues are identified: numeric risk communication, social distance and goal framing in verbal risk communication and visual risk communication.

Drawing from protection motivation theory, the authors hypothesize that these fear appeal cues can engender fear among users to a greater extent. In addition, the authors hypothesize that users will perceive a higher level of severity and susceptibility when they perceive a large amount of fear. The research hypotheses were tested employing data collected through a laboratory experiment. Analysis of variance (ANOVA) and regression analyses were performed to analyze the data.

The study's results suggest that numeric and visual risk communication cues in security notices can significantly increase the amount of fear felt by users. In addition, social distance was found to marginally increase the amount of fear felt by users. However, unlike our expectation, goal framing was not found to increase the amount of fear when the other three types of fear appeal cues were also given in a security notice. It was also found that induced fear can increase the severity and susceptibility of threats as perceived by users.

The study contributes to the literature on fear appeal cues designed to promote users' security protection behaviors. No prior study has designed security notices featuring the four different types of fear appeal cues and empirically tested the effectiveness of those cues in inducing fear among users. The findings suggest that the design of fear appeal cues can be improved by understanding individuals' heuristic processing of risk information, which can be subject to cognitive biases.

This paper presents the design, development and trialling of the mobile execution environment (MEE), a secure portable execution environment designed to support secure teleworking. Teleworking is an established work practice, yet often the information security controls in the teleworking location are weaker than those in a corporate office. Security concerns also prevent organisations allowing personnel to telework.

The design science research methodology was applied to develop the MEE, and this paper is structured using the process elements of the methodology.

In this paper, the problem addressed and the design objectives are defined. The design and implementation is discussed, and the testing and trialling approach adopted to demonstrate the MEE is summarised. An evaluation of the demonstration results against the design objectives is presented.

The MEE is part of an ongoing research project using open source software; the structure and functionality of the software can limit or influence the direction of the research.

The MEE provides a secure portable execution environment suitable for transaction-oriented work performed remotely; e.g. teleworkers performing customer support work.

The paper contributes to encouraging the implementation of teleworking.

The MEE builds on the concept of a portable executable operating system that uploads onto a PC through an external port. The MEE extends this concept by providing a hardened secure computing environment that is uploaded from a secure storage device or a standard thumb drive (USB flash drive).

The purpose of this paper is to investigate the information security behavior of mobile device users in the context of data breach. Much of the previous research done in user information security behavior have been in broad contexts, therefore creating needs of research that focuses on specific emerging technologies and trends such as mobile technology.

This study was an empirical study that gathered survey data from 390 mobile users. Delphi study and pilot study were conducted prior to the main survey study. Partial Least Square Structural Equation Modeling was used to analyze the survey data after conducting pre-analysis data screening.

This study shows that information security training programs must be designed by practitioners to target the mobile self-efficacy (MSE) of device users. It also reveals that practitioners must design mobile device management systems along with processes and procedures that guides users to take practical steps at protecting their devices. This study shows the high impact of MSE on users’ protection motivation (PM) to protect their mobile devices. Additionally, this study reveals that the PM of users influences their usage of mobile device security.

This study makes theoretical contributions to the existing information security literature. It confirms PM theory’s power to predict user behavior within the context of mobile device security usage. Additionally, this study investigates mobile users’ actual security usage. Thus, it goes beyond users’ intention.

On the one hand, there are traditional banks with high street branches; on the other hand, there are neobanks that do not operate physical branches. The ongoing lockdown has placed restrictions on the movement of people. This study aims to extend knowledge on new trends to provide financial services amid the COVID-19 global pandemic. The study also explores social media's impact on banking in the United Kingdom from the total relationship marketing (TRM) theory (Gummesson, 2017). Tweets from 12 banks in the United Kingdom were thematically analysed to understand the challenges and issues banks face due to the pandemic and how they use Twitter to communicate and engage customers since they provide financial services through mobile applications. The location, which influences service delivery, is crucial for delivering financial services to their customers. The analysis presents three key themes: service update, preparation and delivery. Banks use Twitter to highlight updates about their services, provide information on measures to support the ongoing transition to online banking and communicate changes implemented to improve service delivery. This study provides theoretical and managerial implications for stakeholders interested in financial services management, information technology management and customer behaviour.