Search results

This paper aims to investigate how congruent keywords are used in information security policies (ISPs) to pinpoint and guide clear actionable advice and suggest a metric for measuring the quality of keyword use in ISPs.

A qualitative content analysis of 15 ISPs from public agencies in Sweden was conducted with the aid of Orange Data Mining Software. The authors extracted 890 sentences from these ISPs that included one or more of the analyzed keywords. These sentences were analyzed using the new metric – keyword loss of specificity – to assess to what extent the selected keywords were used for pinpointing and guiding actionable advice. Thus, the authors classified the extracted sentences as either actionable advice or other information, depending on the type of information conveyed.

The results show a significant keyword loss of specificity in relation to pieces of actionable advice in ISPs provided by Swedish public agencies. About two-thirds of the sentences in which the analyzed keywords were used focused on information other than actionable advice. Such dual use of keywords reduces the possibility of pinpointing and communicating clear, actionable advice.

The suggested metric provides a means to assess the quality of how keywords are used in ISPs for different purposes. The results show that more research is needed on how keywords are used in ISPs.

The authors recommended that ISP designers exercise caution when using keywords in ISPs and maintain coherency in their use of keywords. ISP designers can use the suggested metrics to assess the quality of actionable advice in their ISPs.

The keyword loss of specificity metric adds to the few quantitative metrics available to assess ISP quality. To the best of the authors’ knowledge, applying this metric is a first attempt to measure the quality of actionable advice in ISPs.

Effective information security management (ISM) contributes to building a healthy organizational digital ecology. However, few studies have built an analysis framework for critical influencing factors to discuss the combined influence mechanism of multiple factors on ISM performance (ISMP). This study aims to explore the critical success factors and understand how these factors contribute to ISMP.

This study used a mixed-method approach to achieve this study’s research goals. In Study 1, the authors conducted a qualitative analysis to take a series of International Organization for Standardization/International Electrotechnical Commission standard documents as the basis to refine the critical factors that may influence organizations’ ISMP. In Study 2, the authors built a research model based on the organizational control perspective and used the survey-based partial least squares-based structural equation modeling (PLS-SEM) approach to understand the relationships between these factors in promoting ISMP. In Study 3, the authors used the fuzzy set qualitative comparative analysis (fsQCA) method to empirically analyze the complex mechanisms of how the combinations of the factors affect ISMP.

The following three research findings are obtained. First, based on the text-based qualitative analysis, the authors refined the critical success factors that may increase ISMP, including information security policies (ISP), top management support (TMS), alignment (ALI), information security risk assessment (IRA), information security awareness (ISA) and information security culture (ISC). Second, the PLS-SEM testing results confirmed TMS is the antecedent variable motivating organization’s formation (ISP) and information control (ISC) approaches; these two types of organization control approaches increase IRA, ISA and ALI and then promote ISMP directly and indirectly. Third, the fsQCA testing results found two configurations that can achieve high ISMP and one driving path that leads to non-high ISMP.

This study extends knowledge by exploring configuration factors to improve or impede the performances of organizations’ ISM. To the best of the authors’ knowledge, this study is one of the first to explore the use of the fsQCA approach in information security studies, and the results not only revealed causal associations between single factors but also highlighted the critical role of configuration factors in developing organizational ISMP. This study calls attention to information security managers of an organization should highlight the combined effect between the factors and reasonably allocate organizational resources to achieve high ISMP.

The purpose of this study is twofold. On the one hand, it studies the impact of IFRS 9 adoption on the firm value; and on the other hand, it investigates the impact of the classification of financial assets on the firm value.

The study covers a sample of 55 listed banks in the Middle Eastern and North African (MENA) region. Data is collected for three years (2017–2019).

The findings show that banks’ value is not impacted by IFRS 9 adoption but by financial assets’ classification. Firm value is positively affected by fair value through other comprehensive income assets, while it is negatively affected by amortized cost and fair value through profit or loss assets. The results of the additional analysis show consistent outcomes.

This research reveals important managerial implications. Priority should be given to the financial assets’ classification strategy following the adoption of IFRS 9 to boost the market valuation of banks. It may be useful for investors, managers and regulators in their decision-making.

This study enriches previous research as IFRS 9 is a new standard, and its adoption consequences need to be investigated. A few recent studies have focused on IFRS 9 as a whole or on other parts of IFRS 9, namely, the impairment regime and hedge accounting and concern developed contexts. However, this research adds to the knowledge of capital market studies by investigating the application of IFRS 9 in terms of classification in the MENA region.

The study focuses on influential factors of collaboration on government data security by the Chinese government.

The article explores the case of e-government in the Chinese centralized unitary state system context, using a structured–pragmatic–situational (SPS) approach and the boundary theory as an analytical lens.

The findings indicate that e-government operates in highly interconnected environments where the safe flow of government data requires collaborative and cross-boundary strategies. Any organization is a potential “weakest link”. In addition, collaboration is fragmented by ambiguous accountability and organizational inertia across government departments, resources differences and limited visibility and measurability of security efforts across government levels and conflicts and uncertainties in principal–agent relationships. The solutions for those obstacles are also discussed from the multi-function, multi-level and multi-actor dimensions, respectively. A multi-dimensional overarching security model for the flow of government data is proposed.

The study advances the technology-oriented micro-analysis of previous studies on government data security to cross-organizational revealing at the macrolevel by connecting streams of research in information systems and public administration. These findings will contribute to making the safe flow of government data more resilient in the transformation of e-government.

The purpose of this paper is to investigate the cyber hygiene practices of remote workers.

This paper used two instruments: first, the Cyber Hygiene Inventory scale, which measures users’ information and computer security behaviors; second, the Recsem Inventory, developed within this paper’s context, to evaluate the cybersecurity measures adopted by organizations for remote workers. It was conducted on remote workers to examine their information security practices. The instrument was administered to a sample of 442 employees reached via the LinkedIn platform. Analyses were performed with SPSS v26, Python programming language and Seaborn library.

The findings indicate a significant correlation between the security measures implemented by companies and their employees’ cyber hygiene practices. A sector comparison revealed a significant difference in cyber hygiene levels between public and private sector workers.

This paper aims to provide policymakers with suggestions for enhancing the cyber hygiene of remote workers to facilitate compliance with corporate security protocols.

This paper’s conclusions highlight the importance of companies increasing their cybersecurity investments as remote work becomes more prevalent. This should consider not only corporate-level factors but also employees' information and computer security behaviors.

Cyber-attacks that generate technical disruptions in organisational operations and damage the reputation of organisations have become all too common in the contemporary organisation. This paper explores the reputation repair strategies undertaken by organisations in the event of becoming victims of cyber-attacks.

For developing the authors’ contribution in the context of the Internet service providers' industry, the authors draw on a qualitative case study of TalkTalk, a British telecommunications company providing business to business (B2B) and business to customer (B2C) Internet services, which was a victim of a “significant and sustained” cyber-attack in October 2015. Data for the enquiry is sourced from publicly available archival documents such as newspaper articles, press releases, podcasts and parliamentary hearings on the TalkTalk cyber-attack.

The findings suggest a dynamic interplay of technical and rhetorical responses in dealing with cyber-attacks. This plays out in the form of marshalling communication and mortification techniques, bolstering image and riding on leader reputation, which serially combine to strategically orchestrate reputational repair and stigma erasure in the event of a cyber-attack.

Analysing a prototypical case of an organisation in dire straits following a cyber-attack, the paper provides a systematic characterisation of the setting-in-motion of strategic responses to manage, revamp and ameliorate damaged reputation during cyber-attacks, which tend to negatively shape the evaluative perceptions of the organisation's salient audience.

This article sheds light on the missing links concerning the study of using integrated enabling technologies toward sustainable and circular agriculture supply chains by examining the available literature and proposing future research possibilities.

The relevant literature was researched through online databases such as Scopus, Web of Science, Academic Search Premier, Emerald, IEEE Xplore, Science Direct, World Scientific Net and Springer-Link Journals, covering a period from 1999 to 2020. A systematic literature review based on 75 papers analyzed the integration of the concepts of enabling technologies, sustainability, circular economy and supply chain performance in agriculture supply chains.

It was identified that enabling technologies and agriculture supply chains alone have been explored further than integrated enabling technologies, sustainability, circular economy, supply chain performance and agriculture supply chains. Enabling technologies and agriculture supply chains' main findings are: enabling technologies have been studied to improve food safety, food quality and traceability in agriculture supply chains. The main results regarding integrated enabling technologies, sustainability, circular economy, supply chain performance and agriculture supply chains are: Internet of Things and information communication technology play an important role in addressing food security, traceability and food quality, which help achieve sustainable development goals.

This review study provides 13 research questions to underpin future trends regarding integrated technologies' application in agriculture supply chains for circular and sustainable growth.

Trust plays a crucial role in overcoming uncertainty and reducing risks. Uncovering the trust mechanism in the sharing economy may enable sharing platforms to design more effective marketing strategies. However, existing studies have inconsistent conclusions on the trust mechanism in the sharing economy. Therefore, this study aims to investigate the antecedents and consequences of different dimensions of trust (trust in platform and trust in peers) in the sharing economy.

First, we conducted a meta-analysis of 57 related articles. We tested 13 antecedents of trust in platform (e.g. economic benefits, enjoyment, and information quality) and eight antecedents of trust in peers (e.g. offline service quality and providers’ reputation), as well as their consequences. Then, we conducted subgroup analyses to test the moderating effects of economic development level (Developed vs Developing), gender (Female-dominant vs Male-dominant), platform type (Accommodation vs Transportation), role type (Obtainers vs Providers), and uncertainty avoidance (Strong vs Weak).

The results confirm that all antecedents and consequences significantly affect trust in platform or peers to varying degrees. Moreover, trust in platform greatly enhances trust in peers. Besides, the results of the moderating effect analyses demonstrate the variability of antecedents and consequences of trust under different subgroups.

This paper provides a clear and holistic view of the trust mechanism in the sharing economy from an object-based trust perspective. The findings may offer insights into trust-building in the sharing economy.

The study explores the potential barriers to data science (DS) implementation in organizations and identifies the key barriers. The identified barriers were explored for their interconnectedness and characteristics. This study aims to help organizations formulate apt DS strategies by providing a close-to-reality DS implementation framework of barriers, in conjunction with extant literature and practitioners' viewpoints.

The authors synthesized 100 distinct barriers through systematic literature review (SLR) under the individual, organizational and governmental taxonomies. In discussions with 48 industry experts through semi-structured interviews, 14 key barriers were identified. The selected barriers were explored for their pair-wise relationships using interpretive structural modeling (ISM) and fuzzy Matriced’ Impacts Croise's Multiplication Appliquée a UN Classement (MICMAC) analyses in formulating the hierarchical framework.

The lack of awareness and data-related challenges are identified as the most prominent barriers, followed by non-alignment with organizational strategy, lack of competency with vendors and premature governmental arrangements, and classified as independent variables. The non-commitment of top-management team (TMT), significant investment costs, lack of swiftness in change management and a low tolerance for complexity and initial failures are recognized as the linkage variables. Employee reluctance, mid-level managerial resistance, a dearth of adequate skills and knowledge and working in silos depend on the rest of the identified barriers. The perceived threat to society is classified as the autonomous variable.

The study augments theoretical understanding from the literature with the practical viewpoints of industry experts in enhancing the knowledge of the DS ecosystem. The research offers organizations a generic framework to combat hindrances to DS initiatives strategically.

Iraqi society has suffered from loss or fragility of human security since 2003. The developmental policies, programs and plans of the successive Iraqi Governments throughout the transitional period have not been able to achieve human security, despite the availability of different resources. They have also not prevented or limited the spread of corruption, according to domestic and international reports. Now the country faces a large phenomenon of corruption and the dilemma of human security loss. This study aims to ascertain the nature of the relationship between the phenomenon of corruption and the dilemma of loss or fragility of human security in Iraq since 2003 to learn about the form of this relationship, how the selected variables contribute to the two phenomena and determine the degree of impact of corruption and its dimensions on human security and its components.

This research uses the social survey methodology of the sample taken from the Iraqi society and benefits from system analysis approach to identify the inputs and outputs of the variables researched. Moreover, the study uses the case study methodology to collect data and information precisely in an in-depth manner to support qualitative and quantitative analysis and clarifies the situation at the macro level of both phenomena.

Findings show the prevalence of corruption structurally in the Iraqi state and society. The contribution of dimensions and selected indicators in the spread of corruption and lack of human security varies. Findings also underline a strong statistical correlation between the two variables and their reverse relationship. In other words, the more the corruption is, the less the opportunities of human security are. There is also a strong impact of corruption and its dimensions on the conditions of human security factors.

The paper provides profitable findings and recommendations, which can be used by the Iraqi relevant institutions to eliminate corruption, achieve human security and benefit from its indicators in research and development.

The new addition of this research can be represented by linking the two phenomena and trying to build national standards with the capacity to describe, interpret and predict.