Search results

Understanding the computer-virus propagation is quite essential for the construction and development of anti-virus policy. While researches about the anti-virus policy have been extensively investigated, the viewpoint from sociological perspective is relatively ignored. Therefore, this paper aims to explore the dynamics of computer-virus propagation and evaluate the effectiveness of anti-virus policies through the sociological perspective.

This research constructs a virus-propagation model based on the susceptible-exposed-infective-recovered epidemic concept to simulate and explore the dynamic behavior of multipartite computer viruses through the tool of system dynamics. The effectiveness of various anti-virus policies is then evaluated via this model.

The frequency of media contact has a significant effect on the virus infection rate. The effectiveness of user self-prevention relies on the usefulness of the virus signatures. The reporting/alarm process can enhance the capability of anti-virus software company and the detected intensity of new threat. The quarantine policy can effectively reduce the spread of computer virus.

Individuals should strengthen the self-awareness of information security to reduce the negative impact. Managers should construct and implement the information security norm to regulate the behavior of staff. Anti-virus software companies should strengthen the capability of their automatic reporting/alarm mechanism to early detect the exceptional conditions and control new threats in time.

Information security management research is still in the growth phase, but it is critically important to establish the groundwork for understanding of computer viruses and the effectiveness of anti-virus policy from assorted perspectives. The major contribution of research is to explore the propagation of multipartite computer viruses and study how to prevent their destruction from the sociological and technical perspectives.

Organizations and individuals today need to have a comprehensive virus protection policy to face the growing threats of Internet computer viruses. The purpose of this paper is to introduce to the reader the threats that Internet computer viruses can cause and provide guidelines on how organizations or individuals can protect themselves against these viruses. Discusses the full set of virus types. Recommends the development of virus protection policy for organizations.

The purpose of this paper to review the legislative framework for social media records in Botswana. The goal is to determine the extent to which the current legislation in Botswana covers the management of social media records.

This paper applied a qualitative research methodology and used documentary review method to collect data for analysis. The data collected was reviewed and organised into themes that cut across all the data sources to answer the main research objective.

The findings of this paper show that the Botswana Government has made strides in reforming some legislation to address issues that rise with the continued use of the internet and cloud services in the country. However, a review of the legislation established that the reforms were not comprehensive enough for records generated on social media. The relevant subsidiary legislation also fell shot in filing this gap in the country’s legislative framework.

Research into the legislative framework for records generated on social media platforms in Botswana still needs more insights, specifically guidelines in the implementation of the current legislation in the country.

The findings of this paper can be used by both Botswana and other governments, especially in Africa where there is limited research in the area, to better manage records generated through the use of social media with respect to relevant legislative frameworks.

This paper is one of the first research contributions to review the legislative framework for records generated on social media in Botswana.

Information technology (IT) has been hailed as a great time and paper saver. How far is this true? Are you benefiting as much as you could from the computer on your desk or are you wasting time learning how to use complex software when it would be more cost‐effective to buy in expertise? This paper looks at what, for some, may be novel ways of using a PC and indicates areas where computer use may not be beneficial. The article is geared towards special libraries, but may have wider applications.

This study/ paper aims to empirically examine the user attitude on perceived security of enterprise systems (ES) mobility. Organizations are adopting mobile technologies for various business applications including ES to increase the flexibility and to gain sustainable competitive advantage. At the same time, end-users are exposed to security issues when using mobile technologies. The ES have seen breaches and malicious intrusions thereby more sophisticated recreational and commercial cybercrimes have been witnessed. ES have seen data breaches and malicious intrusions leading to more sophisticated cybercrimes. Considering the significance of security in ES mobility, the research questions in this study are: What are the security issues of ES mobility? What are the influences of users’ attitude towards those security issues? What is the impact of users’ attitude towards security issues on perceived security of ES mobility?

These questions are addressed by empirically testing a security model of mobile ES by collecting data from users of ES mobile systems. Hypotheses were evolved and tested by data collected through a survey questionnaire. The questionnaire survey was administered to 331 users from Chinese small and medium-sized enterprises (SME). The data was statistically analysed by tools such as correlation, factor analysis, regression and the study built a structural equation model (SEM) to examine the interactions between the variables.

The study results have identified the following security issues: users’ attitude towards mobile device security issues; users’ attitude towards wireless network security issues; users’ attitude towards cloud computing security issues; users’ attitude towards application-level security issues; users’ attitude towards data (access) level security issues; and users’ attitude towards enterprise-level security issues.

The study results are based on a sample of users from Chinese SMEs. The findings may lack generalizability. Therefore, researchers are encouraged to examine the model in a different context. The issues requiring further investigation are the role of gender and type of device on perceived security of ES mobile systems.

The results show that the key security issues are related to a mobile device, wireless network, cloud computing, applications, data and enterprise. By understanding these issues and the best practices, organizations can maintain a high level of security of their mobile ES.

Apart from understanding the best practices and the key issues, the authors suggest management and end-users to work collaboratively to achieve a high level of security of the mobile ES.

This is an empirical study conducted from the users’ perspective for validating the set of research hypotheses related to key security issues on the perceived security of mobile ES.

The information security policy document of an organization needs to be translated into controls and procedures at the implementation level. The technical and business personnel in‐charge of implementing the controls and procedures need to consider a large number of security‐related statements from a heterogeneous pool of security documentation and decide on the implementation plan. The purpose of this paper is to propose an approach to analyze a set of security statements to establish an implicit hierarchy and relative importance among them.

A set of statements relevant to e‐mail service security is chosen from the classified documentation of an IT firm. The authors contacted the technical person who was the owner of this service to obtain a one‐on‐one comparison between the policies. These policies and their inter‐relationships are represented as a graph. Centrality measures based on the in and out degrees of a node are used to calculate the relative importance of a policy. The authors present an improved approach based on DEMATEL, which considers the level of influence of one policy on another.

Security statements fall into different categories based on their relative intensity and nature. They could be of high importance or low on one axis and of driving or receiving nature on the other. The driver policies are the action items that could be implemented to satisfy a large number of other security requirements. The policies that are predominantly receiver in nature, for their fulfillment, need many other requirements to be satisfied.

The intense driver policies are the ones to be considered for immediate implementation so as to achieve maximum benefits. If such an action item cannot be implemented at the level of consideration, it needs to be communicated to the appropriate level where it could be addressed effectively. An orphaned policy statement can indicate to a high‐level requirement left without any action plan or an unnecessary control. Establishing clear linkages between the implemented controls and the organization's security policy document could be very effective in convincing the employees to adhere to security practices.

Analyzing a set of informal security statements to identify the linkages between them is a novel idea. While other works establish the need for translating the security policy to lower levels of implementation, the authors propose an approach to identify the existence or absence of an effective translation. The graph representation with associated centrality measures, and the application of DEMATEL technique to deduce the nature and intensity of security statements are not yet found in literature.

This paper aims to examine optimal decisions for information security investments for a firm in a fuzzy environment. Under both sequential and simultaneous attack scenarios, optimal investment of firm, optimal efforts of attackers and their economic utilities are determined.

Throughout the analysis, a single firm and two attackers for a “firm as a leader” in a sequential game setting and “firm versus attackers” in a simultaneous game setting are considered. While the firm makes investments to secure its information assets, the attackers spend their efforts to launch breaches.

It is observed that the firm needs to invest more when it announces its security investment decisions ahead of attacks. In contrast, the firm can invest relatively less when all agents are unaware of each other’s choices in advance. Further, the study reveals that attackers need to exert higher effort when no agent enjoys the privilege of being a leader.

In a novel approach, inherent system vulnerability of the firm, financial benefit of attackers from the breach and monetary loss suffered by the firm are considered, as fuzzy variables in the well-recognized Gordon – Loeb breach function, with the help of fuzzy expectation operator.

This study reports that the optimal breach effort exerted by each attacker is proportional to its obtained economic benefit for both sequential and simultaneous attack scenarios. A set of numerical experiments and sensitivity analyzes complement the analytical modeling.

In a novel approach, inherent system vulnerability of the firm, financial benefit of attackers from the breach and monetary loss suffered by the firm are considered, as fuzzy variables in the well-recognized Gordon – Loeb breach function, with the help of fuzzy expectation operator.

The purpose of this paper is to give an overview of artificial intelligence (AI) and other AI-enabled technologies and to describe how COVID-19 affects various industries such as health care, manufacturing, retail, food services, education, media and entertainment, banking and insurance, travel and tourism. Furthermore, the authors discuss the tactics in which information technology is used to implement business strategies to transform businesses and to incentivise the implementation of these technologies in current or future emergency situations.

The review provides the rapidly growing literature on the use of smart technology during the current COVID-19 pandemic.

The 127 empirical articles the authors have identified suggest that 39 forms of smart technologies have been used, ranging from artificial intelligence to computer vision technology. Eight different industries have been identified that are using these technologies, primarily food services and manufacturing. Further, the authors list 40 generalised types of activities that are involved including providing health services, data analysis and communication. To prevent the spread of illness, robots with artificial intelligence are being used to examine patients and give drugs to them. The online execution of teaching practices and simulators have replaced the classroom mode of teaching due to the epidemic. The AI-based Blue-dot algorithm aids in the detection of early warning indications. The AI model detects a patient in respiratory distress based on face detection, face recognition, facial action unit detection, expression recognition, posture, extremity movement analysis, visitation frequency detection, sound pressure detection and light level detection. The above and various other applications are listed throughout the paper.

Research is largely delimited to the area of COVID-19-related studies. Also, bias of selective assessment may be present. In Indian context, advanced technology is yet to be harnessed to its full extent. Also, educational system is yet to be upgraded to add these technologies potential benefits on wider basis.

First, leveraging of insights across various industry sectors to battle the global threat, and smart technology is one of the key takeaways in this field. Second, an integrated framework is recommended for policy making in this area. Lastly, the authors recommend that an internet-based repository should be developed, keeping all the ideas, databases, best practices, dashboard and real-time statistical data.

As the COVID-19 is a relatively recent phenomenon, such a comprehensive review does not exist in the extant literature to the best of the authors’ knowledge. The review is rapidly emerging literature on smart technology use during the current COVID-19 pandemic.