Search results
1 – 10 of over 1000Ahmed Ali Otoom, Issa Atoum, Heba Al-Harahsheh, Mahmoud Aljawarneh, Mohammed N. Al Refai and Mahmoud Baklizi
The purpose of this paper is to present the educational computer emergency response team (EduCERT) framework, an integrated response mechanism to bolster national cybersecurity…
Abstract
Purpose
The purpose of this paper is to present the educational computer emergency response team (EduCERT) framework, an integrated response mechanism to bolster national cybersecurity through collaborative efforts in the higher education sector. The EduCERT framework addresses this gap by enhancing cyber security and mitigating cybercrime through collaborative incident management, knowledge sharing and university awareness campaigns.
Design/methodology/approach
The authors propose an EduCERT framework following the design science methodology. The framework is developed based on literature and input from focus group experts. Moreover, it is grounded in the principles of the technology-organization-environment framework, organizational learning and diffusion of innovations theory.
Findings
The EduCERT has eight components: infrastructure, governance, knowledge development, awareness, incident management, evaluation and continuous improvement. The framework reinforces national cybersecurity through cooperation between universities and the National Computer Emergency Response Team. The framework has been implemented in Jordan to generate a cybersecurity foundation for higher education. Evaluating the EduCERT framework’s influence on national cybersecurity highlights the importance of adopting comprehensive cyber-security policies and controls. The framework application shows its relevance, effectiveness, adaptability and alignment with best practices.
Research limitations/implications
Despite the impact of applying the framework in the Jordanian context, it is essential to acknowledge that the proposed EduCERT framework’s practical implementation may encounter challenges specific to diverse international educational environment sectors. However, framework customization for global applicability could address varied educational institutions in other countries.
Practical implications
Furthermore, the proposed EduCERT framework is designed with universal applicability that extends beyond the specific country’s context. The principles and components presented in the framework can serve as valuable design advice for establishing collaborative and resilient cybersecurity frameworks in educational settings worldwide. Therefore, the research enhances the proposed framework’s practical utility and positions it as an invaluable contribution to the broader discourse on global cybersecurity in academia.
Originality/value
This paper enhances national cybersecurity in the higher education sector, addressing the need for a more integrated response mechanism. The EduCERT framework demonstrates its effectiveness, adaptability and alignment with best practices, offering valuable guidance for global educational institutions.
Details
Keywords
The recent trends of managing how to achieve communication in a safe cyberspace have attracted the particular attention from scholars worldwide. The strategic initiative of having…
Abstract
Purpose
The recent trends of managing how to achieve communication in a safe cyberspace have attracted the particular attention from scholars worldwide. The strategic initiative of having an active organization of communication pathways is required for further scholarly elaboration to enable a subsisting safe community in cyberspace. An example of the challenges is the issue of trust in information or questionable issues denoting lack of detail and clarity. Thus, this obviously refers to a dubious circumstance that needs to explain the situation on addressing the critical issue of trust-based quality information. To respond to such an apparent situation, this paper aims to critically explore the insightful value of trust in information as essential element of quality assurance. Such arranged strategy would enable individual capacity and accountability in achieving the efficient communication management for a safe cyberspace.
Design/methodology/approach
The study attempted a critical review of recent literature by analysing peer-reviewed articles from journals, books, proceedings and book chapters related to theme of communication management for safe cyberspace.
Findings
The finding reveals that the strategic approach of enabling effective communication management for safe cyberspace is actualized through advancing trust-based quality information.
Originality/value
This paper aims to contribute towards enhancing communication management for safe cyberspace by addressing issues relating to trust that would lead to the quality of information.
Details
Keywords
Mohd Ismail Abidin, K. Kiran and Samsul Farid Samsuddin
This study examines the preparedness and responsiveness of Malaysian academic librarians in handling disruptions in library services during a disaster.
Abstract
Purpose
This study examines the preparedness and responsiveness of Malaysian academic librarians in handling disruptions in library services during a disaster.
Design/methodology/approach
This qualitative approach involved semi-structured interviews with decision-makers, chief librarians and library managers from five selected public universities.
Findings
Thematic and qualitative data analysis produced several key themes based on (1) disaster preparedness involving policies, plans, asset protection, risk management, coordination of disaster management and preparative measures; and (2) disaster response involving strategies for information and communication access, community engagement, emergency response teams and procedures, and resource availability.
Practical implications
The findings are expected to be useful for policymakers in formulating policies and guidelines for library disaster management plans.
Social implications
The interruptions of academic library services during a disaster may result in the disruption of the information sources and social information networks of students, academics and researchers alike. Effective disaster management is also the library’s responsibility to protect collections that belong to society at large.
Originality/value
This is one of the first attempts in disaster management research to focus on the preparedness and responses of academic libraries in Malaysia in the face of disasters. Therefore, the results of this study can be used as a baseline for policymakers to prepare policies, guidelines and manuals for management in the event of a disaster.
Details
Keywords
Michael Herburger, Andreas Wieland and Carina Hochstrasser
Disruptive events caused by cyber incidents, such as supply chain (SC) cyber incidents, can affect firms’ SC operations on a large scale, causing disruptions in material…
Abstract
Purpose
Disruptive events caused by cyber incidents, such as supply chain (SC) cyber incidents, can affect firms’ SC operations on a large scale, causing disruptions in material, information and financial flows and impacting the availability, integrity and confidentiality of SC assets. While SC resilience (SCRES) research has received much attention in recent years, the purpose of this study is to investigate specific capabilities for building SCRES to cyber risks. Based on a nuanced understanding of SC cyber risk characteristics, this study explores how to build SC cyber resilience (SCCR) using the perspective of dynamic capability (DC) theory.
Design/methodology/approach
Based on 79 in-depth interviews, this qualitative study examines 28 firms representing 4 SCs in Central Europe. The researchers interpret data from semistructured interviews and secondary data using the DC perspective, which covers sensing, seizing and transforming.
Findings
The authors identify SCRES capabilities, in general, and SCCR-specific capabilities that form the basis for the realignment of DCs for addressing cyber risks in SCs. The authors argue that SCRES capabilities should, in general, be combined with specific capabilities for SCCR to deal with SC cyber risks. Based on these findings, 10 propositions for future research are provided.
Practical implications
Practitioners should collaborate specifically to address cyber threats and risks in SCs, integrate new SC partners and use new approaches. Furthermore, this study shows that cyber risks need to be treated differently from traditional SC risks.
Originality/value
This empirical study enriches the SC management literature by examining SCRES to cyber risks through the insightful lens of DCs. It identifies DCs for building SCCR, makes several managerial contributions and is among the few that apply the DC approach to address specific SC risks.
Details
Keywords
Miguel Calvo and Marta Beltrán
This paper aims to propose a new method to derive custom dynamic cyber risk metrics based on the well-known Goal, Question, Metric (GQM) approach. A framework that complements it…
Abstract
Purpose
This paper aims to propose a new method to derive custom dynamic cyber risk metrics based on the well-known Goal, Question, Metric (GQM) approach. A framework that complements it and makes it much easier to use has been proposed too. Both, the method and the framework, have been validated within two challenging application domains: continuous risk assessment within a smart farm and risk-based adaptive security to reconfigure a Web application firewall.
Design/methodology/approach
The authors have identified a problem and provided motivation. They have developed their theory and engineered a new method and a framework to complement it. They have demonstrated the proposed method and framework work, validating them in two real use cases.
Findings
The GQM method, often applied within the software quality field, is a good basis for proposing a method to define new tailored cyber risk metrics that meet the requirements of current application domains. A comprehensive framework that formalises possible goals and questions translated to potential measurements can greatly facilitate the use of this method.
Originality/value
The proposed method enables the application of the GQM approach to cyber risk measurement. The proposed framework allows new cyber risk metrics to be inferred by choosing between suggested goals and questions and measuring the relevant elements of probability and impact. The authors’ approach demonstrates to be generic and flexible enough to allow very different organisations with heterogeneous requirements to derive tailored metrics useful for their particular risk management processes.
Details
Keywords
Halimah Nasibah Ahmad, Noor Afza Amran and Darwina Arshad
The interviews were conducted with the respondents (the founder and Manager of De Cyber Hotel). Other data were obtained through the websites of the relevant businesses.
Abstract
Research methodology
The interviews were conducted with the respondents (the founder and Manager of De Cyber Hotel). Other data were obtained through the websites of the relevant businesses.
Case overview/synopsis
Siti Alia and her friends established De Cyber Hotel in January 2019. It was incorporated as a Malaysian private limited company in Cyberjaya, Selangor. Siti Alia was appointed as the hotel manager and was responsible for managing the hotel’s day-to-day operations and financial matters. Being a new budget hotel, competing with other established hotels was quite difficult. De Cyber Hotel used brochures and word-of-mouth for its promotion activities and mainly depended on walk-in guests. Siti Alia knew she had to take immediate action to ensure the hotel’s survival and could no longer rely on walk-in guests. Hence, to increase the occupancy and revenue rate, on 27 March 2019, De Cyber Hotel management decided to accept an offer from ABC Digital Booking to implement a digital booking mechanism and form a partnership for at least a year. ABC Digital Booking provided an online system to enable the listing and booking of budget accommodations and partnered with hotels to provide similar guest experiences across countries. After working and collaborating for 10 months with ABC Digital Booking, Siti Alia had to decide whether De Cyber Hotel should continue its alliance with ABC Digital Booking. Hence, she had to think thoroughly and consider the advantages and disadvantages, as well as the impact of her decision on the business.
Complexity academic level
Undergraduate Integrated Case Studies, Seminar in Management, Risk Management and Corporate Governance, Management Accounting, Financial Accounting, Strategic Management. Postgraduate Organizational Behaviour, Management Accounting and Controls, Strategic Management Accounting, Marketing Management, Hospitality Strategic Management, Entrepreneurship Development.
Details