Search results
21 – 30 of 99The frequency and sophistication of cybercrimes are increasing. These cybercrimes are impacting government and private organizations as well as individuals. One of the…
Abstract
Purpose
The frequency and sophistication of cybercrimes are increasing. These cybercrimes are impacting government and private organizations as well as individuals. One of the countermeasures is to improve the cyber hygiene of the end-users. Serious games or game-based learning has emerged as a promising approach for implementing security education, training and awareness program. In this paper, the researchers propose a tabletop card game called Cyber Suraksha to increase threat awareness and motivate users to adopt recommended security controls for smartphone users. Cyber Suraksha provides an active learning environment for the players. This paper aims to provide the details of the design and evaluation of the game using a between-subjects design.
Design/methodology/approach
The researchers have used constructive learning theory and the Fogg behaviour model (FBM) to design a tabletop card game called Cyber Suraksha. The researchers evaluated the game using a between-subjects design. The participants' responses in the control and intervention groups were collected using the risk behaviour diagnosis scale. Pearson’s Chi-Square test with a 5% significance level was used to test the hypotheses.
Findings
The results indicate that the game is enjoyable and fun. Cyber Suraksha game effectively motivates users to adopt the recommended security control for the targeted behaviour. The results indicate that the participants in the intervention group are 2.65 times more likely to adopt recommended behaviour. The findings of this study provide evidence for the effectiveness of hope and fear appeals in improving cybersecurity awareness.
Research limitations/implications
The generalizability of the study is limited because the sample size is small compared to the total number of smartphone users in India, and only students from computer/IT UG programs in India are used as participants in this study.
Practical implications
This study uses hope and a fear appeal to design an effective serious game. It also demonstrates using the FBM and constructive learning principles for effective serious game design. Cyber Suraksha is effective for the student group and may be tested with other age groups.
Originality/value
To the researchers' knowledge, there are no serious games for cybersecurity awareness focusing on the threats faced by smartphone users based on FBM and constructive learning theory. This research used hope along with a fear appeal to motivate smartphone users to adopt recommended security controls.
Details
Keywords
Salvatore Aurigemma and Thomas Mattson
This paper aims to examine the impact an individual’s long-term orientation (a cultural dimension) has on their attitude, behavioral intention and actual voluntary security…
Abstract
Purpose
This paper aims to examine the impact an individual’s long-term orientation (a cultural dimension) has on their attitude, behavioral intention and actual voluntary security actions taken in the context of the dangers related to poor account access management.
Design/methodology/approach
The paper relied upon survey data and actual usage information from a culturally diverse sample of 227 individuals who were introduced to the specific security problem and the accepted solution of using a password manager application.
Findings
The paper provides empirical evidence that the effect of positive attitudes increased when individuals were more long-term oriented, but the effect was reversed for average/negative attitudes toward the voluntary security behavior. Furthermore, participants with high long-term orientation and strong positive attitudes toward the security action actually adopted password manager applications 57 per cent more than the average adoption rate across the sample.
Research limitations/implications
Due to the research approach (survey data), security context and sample population, the research results may lack generalizability.
Practical implications
The findings suggest that security awareness messaging and training should account for differences in long-term orientation of the target audience and integrate the distinctly different types of messages that have been shown to improve an individual’s participation in voluntary security actions.
Originality/value
The paper addresses previous research calls for examining possible cultural differences that impact security behaviors and is the only study that has focused on the impact of long-term orientation, specifically on voluntary security actions.
Details
Keywords
Wenyuan Wang and Sira Yongchareon
This study aims to identify the level of security from existing work, analyze categories of security as a service (SECaaS) and classify them into a meaningful set of groups…
Abstract
Purpose
This study aims to identify the level of security from existing work, analyze categories of security as a service (SECaaS) and classify them into a meaningful set of groups. Further, the report will advise commercial applications and advice of SECaaS as an extended context to help firms make decisions.
Design/methodology/approach
This paper compares the SECaaS categories in Cloud Security Alliance (CSA) with the security clauses in ISO/IEC 27002:2013 to give a comprehensive analysis of those SECaaS categories. Reviewed from a number of related literature, this paper analyzes and categorizes SECaaS into three major groups including protective, detective and reactive based on security control perspectives. This study has discussed the three groups and their interplay to identify the key characteristics and problems that they aim to address.
Findings
This paper also adds new evidence to support a better understanding of the current and future challenges and directions for SECaaS. Also, the study reveals both the positive and negative aspects of SECaaS along with business cases. It advises on various sizes and domains of organizations to consider SECaaS as one of their potential security approaches.
Originality/value
SECaaS has been demonstrated to be one of the increasingly popular ways to address security problems in Cloud computing. As a new concept, SECaaS could be treated as integrated security means and delivered as a service module in the Cloud. However, it is still in infancy and not very widely investigated. Recent studies suggest that SECaaS is an efficient solution for Cloud and real industries. However, shortcomings of SECaaS have not been well-studied and documented. Moreover, reviewing the existing research, researchers did not classify the SECaaS-related categories.
Details
Keywords
Kaspersky is a top global cybersecurity firm based in Russia. US Senators and the Department of Homeland Security have accused Kaspersky of having links with Russian officials…
Details
DOI: 10.1108/OXAN-DB227497
ISSN: 2633-304X
Keywords
Geographic
Topical
This paper intends to propose a concept for capturing the strategically important competences of a firm.
Abstract
Purpose
This paper intends to propose a concept for capturing the strategically important competences of a firm.
Design/methodology/approach
A case study accompanies the development of the concept advanced in this paper. The case study relies on project findings within the context of cloud security in the health, banking and telecommunications industries.
Findings
The strategic competences of a firm can be recognised effectively when managers follow the sequential steps “elicit‐solve‐categorise‐formulate‐map‐prioritise‐conduct” as an analysis instrument. Different patterns of action are required for treating the competences identified, according to their strategic significance.
Research limitations/implications
Scholars are invited to improve the proposed concept and enrich it with more empirical cases or data.
Practical implications
The concept suggested in this paper may serve as a basis for managers to pursue durable advantages by recognising and embarking on strategic competences.
Originality/value
Competences are commonly acknowledged as sources to achieve sustained competitive advantage for firms. Many authors have commented on the properties that competences must possess in order to be strategic. Few, however, have discussed the potential of a more general concept for capturing and treating strategically important competences. A structured framework is therefore suggested in this study.
Details
Keywords
Ifeyinwa Juliet Orji and Chukwuebuka Martinjoe U-Dominic
Cybersecurity has received growing attention from academic researchers and industry practitioners as a strategy to accelerate performance gains and social sustainability…
Abstract
Purpose
Cybersecurity has received growing attention from academic researchers and industry practitioners as a strategy to accelerate performance gains and social sustainability. Meanwhile, firms are usually prone to cyber-risks that emanate from their supply chain partners especially third-party logistics providers (3PLs). Thus, it is crucial to implement cyber-risks management in 3PLs to achieve social sustainability in supply chains. However, these 3PLs are faced with critical difficulties which tend to hamper the consistent growth of cybersecurity. This paper aims to analyze these critical difficulties.
Design/methodology/approach
Data were sourced from 40 managers in Nigerian 3PLs with the aid of questionnaires. A novel quantitative methodology based on the synergetic combination of interval-valued neutrosophic analytic hierarchy process (IVN-AHP) and multi-objective optimization on the basis of a ratio analysis plus the full multiplicative form (MULTIMOORA) is applied. Sensitivity analysis and comparative analysis with other decision models were conducted.
Findings
Barriers were identified from published literature, finalized using experts’ inputs and classified under organizational, institutional and human (cultural values) dimensions. The results highlight the most critical dimension as human followed by organizational and institutional. Also, the results pinpointed indigenous beliefs (e.g. cyber-crime spiritualism), poor humane orientation, unavailable specific tools for managing cyber-risks and skilled workforce shortage as the most critical barriers that show the highest potential to elicit other barriers.
Research limitations/implications
By illustrating the most significant barriers, this study will assist policy makers and industry practitioners in developing strategies in a coordinated and sequential manner to overcome these barriers and thus, achieve socially sustainable supply chains.
Originality/value
This research pioneers the use of IVN-AHP-MULTIMOORA to analyze cyber-risks management barriers in 3PLs for supply chain social sustainability in a developing nation.
Details
Keywords
Neha Chhabra Roy and Sreeleakha P.
This study addresses the ever-increasing cyber risks confronting the global banking sector, particularly in India, amid rapid technological advancements. The purpose of this study…
Abstract
Purpose
This study addresses the ever-increasing cyber risks confronting the global banking sector, particularly in India, amid rapid technological advancements. The purpose of this study is to de velop an innovative cyber fraud (CF) response system that effectively controls cyber threats, prioritizes fraud, detects early warning signs (EWS) and suggests mitigation measures.
Design/methodology/approach
The methodology involves a detailed literature review on fraud identification, assessment methods, prevention techniques and a theoretical model for fraud prevention. Machine learning-based data analysis, using self-organizing maps, is used to assess the severity of CF dynamically and in real-time.
Findings
Findings reveal the multifaceted nature of CF, emphasizing the need for tailored control measures and a shift from reactive to proactive mitigation. The study introduces a paradigm shift by viewing each CF as a unique “fraud event,” incorporating EWS as a proactive intervention. This innovative approach distinguishes the study, allowing for the efficient prioritization of CFs.
Practical implications
The practical implications of such a study lie in its potential to enhance the banking sector’s resilience to cyber threats, safeguarding stability, reputation and overall risk management.
Originality/value
The originality stems from proposing a comprehensive framework that combines machine learning, EWS and a proactive mitigation model, addressing critical gaps in existing cyber security systems.
Details
Keywords
This chapter examines the implications of blockchain ventures for international business. The author highlights the advantages blockchain technologies can create for firms seeking…
Abstract
This chapter examines the implications of blockchain ventures for international business. The author highlights the advantages blockchain technologies can create for firms seeking to access international markets for investors, customers, employees, and suppliers. Overall, the international character of initial coin offerings and their business models suggest several advantages over traditional internationalization methods.
Details
Keywords
Kenneth Snead, Fred Coleman and Earl McKinney
This chapter presents findings from a recently conducted process for obtaining Accounting Advisory Board (AAB) input related to Master of Accountancy curriculum of one university…
Abstract
This chapter presents findings from a recently conducted process for obtaining Accounting Advisory Board (AAB) input related to Master of Accountancy curriculum of one university. Board members represent both large and small public accounting firms as well as corporate offices of Fortune 500 companies and non-profit organizations. AAB input includes perceptions of the relative importance of over 160 candidate topics for the courses making up the program’s infrastructure, as well as written comments noting other potential topics and pedagogical approaches to consider. Comparisons of topic rankings reveal a strong level of consistency among Board member types for the traditional accounting courses with structured content, as opposed to those courses involving more systems-related topics or having a wider range of specialized topics. Furthermore, the authors compare Board perceptions regarding topic necessity to those of faculty and note faculty reactions. Specifically, the authors find that faculty ranking consistency with the Board is weak, illustrating the importance of seeking curricular Board input on an ongoing basis. To “close the loop,” faculty incorporated many curriculum changes, involving both the topics to be covered and the overall approach to the course.
Details