Search results

The purpose of this paper is to explore the current practices in security convergence among and between corporate security and cybersecurity processes in commercial enterprises.

This paper is the first phase in a planned multiphase project to better understand current practices in security optimization efforts being implemented by commercial organizations exploring means and methods to operate securely while reducing operating costs. The research questions being examined are: What are the general levels of interest in cybersecurity and corporate security convergence? How well do the perspectives on convergence align between organizations? To what extent are organizations pursuing convergence? and How are organizations achieving the anticipated outcomes from convergence?

In organizations, the evolution to a more optimized security structure, either merged or partnered, was traditionally due to unplanned or unforeseen events; e.g. a spin-off/acquisition, new security leadership or a negative security incident was the initiator. This is in contrast to a proactive management decision or formal plan to change or enhance the security structure for reasons that include reducing costs of operations and/or improving outcomes to reduce operational risks. The dominant exception was in response to regulatory requirements. Preliminary findings suggest that outcomes from converged organizations are not necessarily more optimized in situations that are organizationally merged under a single leader. Optimization may ultimately depend on the strength of relationships and openness to collaboration between management, cybersecurity and corporate security personnel.

This report and the number of respondents to its survey do not support generalizable findings. There are too few in each category to make reliable predictions and in analysis, there was an insufficient quantity of responses in most categories to allow supportable conclusions to be drawn.

Practitioners may find useful contextual clues to their needs for convergence or in response to directives for convergence from this report on what is found in some other organizations.

Improved effectiveness and/or reduced costs for organizational cybersecurity would be a useful social outcome as organizations become more efficient in the face of increasing levels of cyber security threats.

Convergence as a concept has been around for some time now in both the practice and research communities. It was initially promoted formally by ASIS International and ISACA in 2005. Yet there is no universally agreed-upon definition for the term or the practices undertaken to achieve it. In addition, the business drivers and practices undertaken to achieve it are still not fully understood. If convergence or optimization of converged operations offers a superior operational construct compared to other structures, it is incumbent to discover if there are measurable benefits. This research hopes to define the concept of security collaboration optimization more fully. The eventual goal is to develop and promote a tool useful for organizations to measure where they are on such a continuum.

This paper aims to propose a new method to derive custom dynamic cyber risk metrics based on the well-known Goal, Question, Metric (GQM) approach. A framework that complements it and makes it much easier to use has been proposed too. Both, the method and the framework, have been validated within two challenging application domains: continuous risk assessment within a smart farm and risk-based adaptive security to reconfigure a Web application firewall.

The authors have identified a problem and provided motivation. They have developed their theory and engineered a new method and a framework to complement it. They have demonstrated the proposed method and framework work, validating them in two real use cases.

The GQM method, often applied within the software quality field, is a good basis for proposing a method to define new tailored cyber risk metrics that meet the requirements of current application domains. A comprehensive framework that formalises possible goals and questions translated to potential measurements can greatly facilitate the use of this method.

The proposed method enables the application of the GQM approach to cyber risk measurement. The proposed framework allows new cyber risk metrics to be inferred by choosing between suggested goals and questions and measuring the relevant elements of probability and impact. The authors’ approach demonstrates to be generic and flexible enough to allow very different organisations with heterogeneous requirements to derive tailored metrics useful for their particular risk management processes.

This paper aims to overcome the inability of both comparing loss costs and accounting for production resource losses of Overall Equipment Effectiveness (OEE)-related approaches.

The authors conducted a literature review about the studies focusing on approaches combining OEE with monetary units and/or resource issues. The authors developed an approach based on Overall Equipment Cost Loss (OECL), introducing a component for the production resource consumption of a machine. A real case study about a smart multicenter three-spindle machine is used to test the applicability of the approach.

The paper proposes Resource Overall Equipment Cost Loss (ROECL), i.e. a new KPI expressed in monetary units that represents the total cost of losses (including production resource ones) caused by inefficiencies and deviations of the machine or equipment from its optimal operating status occurring over a specific time period. ROECL enables to quantify the variation of the product cost occurring when a machine or equipment changes its health status and to determine the actual product cost for a given production order. In the analysed case study, the most critical production orders showed an actual production cost about 60% higher than the minimal cost possible under the most efficient operating conditions.

The proposed approach may support both production and cost accounting managers during the identification of areas requiring attention and representing opportunities for improvement in terms of availability, performance, quality, and resource losses.

Industry 4.0 has put forward a smart perspective on managing supply chain networks and their operations. The current manufacturing system is primarily data-driven. Industries are deploying new emerging technologies in their operations to build a competitive edge in the business environment; however, the true potential of smart manufacturing has not yet been fully unveiled. This research aims to extensively analyse emerging technologies and their interconnection with smart manufacturing in developing smarter supply chains.

This research endeavours to establish a conceptual framework for a smart supply chain. A real case study on a smart factory is conducted to demonstrate the validity of this framework for building smarter supply chains. A comparative analysis is carried out between conventional and smart supply chains to ascertain the advantages of smart supply chains. In addition, a thorough investigation of the several factors needed to transition from smart to smarter supply chains is undertaken.

The integration of smart technology exemplifies the ability to improve the efficiency of supply chain operations. Research findings indicate that transitioning to a smart factory radically enhances productivity, quality assurance, data privacy and labour efficiency. The outcomes of this research will help academic and industrial sectors critically comprehend technological breakthroughs and their applications in smart supply chains.

This study highlights the implications of incorporating smart technologies into supply chain operations, specifically in smart purchasing, smart factory operations, smart warehousing and smart customer performance. A paradigm transition from conventional, smart to smarter supply chains offers a comprehensive perspective on the evolving dynamics in automation, optimisation and manufacturing technology domains, ultimately leading to the emergence of Industry 5.0.

The quest for improved facilities management (FM) delivery is receiving immense focus through the incorporation of innovative technologies such as cyber-physical systems (CPS). The system’s high computational capabilities can aid in the abatement of some of the challenges plaguing FM functions. However, the requisite ingredients for the uptake of the system for FM have still not gained scholarly attention. Because performance measurement is a vital index in determining the outcome of FM methods, this study aims to investigate the influence of performance measurement indicators that are influential to the uptake of CPS for delivering FM functions.

A qualitative technique was adopted using the Delphi technique. The panel of experts for the study was selected through a well-defined process based on stipulated criteria. The experts gave their opinions in two rounds before consensus was attained on the identified performance measurement indicators, whereas methods of data analysis were measures of central tendency, inter-quartile deviation and Mann–Whitney U test.

Results from this study showed that 11 of the performance indicators were of very high significance in the determination of the uptake of CPS for FM functions, whereas 5 of the indicators were proven to be of high significance. Furthermore, there was no statistical difference in the opinions of the experts based on their affiliation with academic institutions and professional practice.

The findings of this study contribute practically by aiding policymakers, facility managers and relevant stakeholders with the vital knowledge of delivery mandates for efficient FM services that can spur the uptake of digital technologies such as CPS.

This study contributes to the body of knowledge as it unveils a roadmap of the expected performance output and its accompanying evaluation that would drive the adoption of a promising technology such as CPS in the delivery of FM tasks.

This study aims to elucidate institutional analysis as an effective approach to investigating and designing the multilevel policymaking system of online social networks (OSN) for achieving a participatory model.

The institutional mapping approach has been used to analyze Iran’s OSN multilevel policymaking system. A combination of two matrices, including institutions-institutions and institutions-functions, was used to perform the institutional mapping. Two main steps were taken to draw the mentioned matrices. First, a review of related studies in Iran’s OSN policymaking system was conducted and the policy functions mentioned in these studies were identified and categorized using the meta-synthesis. Second, based on analyzing two policy documents of Iran’s OSN, institutions and their interactions were identified and policy functions were allocated to institutions.

Based on the results, the most important policy functions in the current OSN policymaking system in Iran are support, regulatory, monitoring and evaluation, business environment development, culture building and promotion, organizing licenses and permissions, policymaking and legislation. Also, the results show that there are shortcomings in this system, some of the most important of which are lack of transparency in regulatory, little work in culture building and promotion, neglect of the training of specialized human resources and research and development, slow development of the business environment and neglecting the role of nongovernmental organizations in policymaking.

By examining and analyzing how different institutions operate within a multilevel policymaking system, the policymaking process and its overall effectiveness can be enhanced. This analysis helps identify any inconsistencies, overlaps or conflicts in the roles and policies of these institutions, leading to a better understanding of how a multilevel policymaking system is organized.

This paper aims to study the economic effects of Cloud Computing for a sample of Israeli firms. The authors propose a framework that considers how this technology affects firm performance also introducing the indirect economic effects that take place through cloud-complementary technologies such as Big Data and Machine Learning.

The model is estimated through structural equation modeling. The data set consists of the microdata of the survey of information and communication technologies uses and cyber protection in business conducted in Israel by the Central Bureau of Statistics.

The results point to Cloud Computing as a crucial technology to increase firm performance, presenting significant direct and indirect effects as the use of complementary technologies maximizes its impact. Firms that enjoy most direct economic gains from Cloud Computing appear to be the smaller ones, although larger enterprises seem more capable to assimilate complementary technologies, such as Big Data and Machine Learning. The total effects of cloud on firm performance are quite similar among manufacturing and service firms, although the composition of the different effects involved is different.

This paper is one of the very few analyses estimating the impact of Cloud Computing on firm performance based on country microdata and, to the best of the authors’ knowledge, the first one that contemplates the indirect economic effects that take place through cloud-complementary technologies such as Big Data and Machine Learning.

This paper uses the complex proportionality assessment (COPRAS) method to examine the driving factors of Industry 4.0 (I4) technologies for lean implementation in small and medium-sized enterprises (SMEs).

Adopting I4 technology is imperative for SMEs seeking to maintain competitiveness within the manufacturing sector. A thorough understanding of the driving factors involved is required to support the implementation of I4. For this objective, the multi-criteria decision-making (MCDM) tool COPRAS was used to efficiently analyze and rank these driving elements based on their importance. These factors can help small and medium-sized firms (SMEs) prioritize their efforts and investments in I4 technologies for lean implementation.

This study evaluates and prioritizes the nine I4 factors according to the perceptions of SMEs. The ranking offers significant insights into the factors SMEs consider more accessible and effective when adopting I4 technologies.

The author's original contribution is to examine I4 driving factors for lean implementation in SMEs using COPRAS.

The purpose of this paper is to investigate how different manufacturing technologies are bundled together and how these bundles influence operations performance and, indirectly, business performance. With the emergence of Industry 4.0 (I4.0) technologies, manufacturing companies can use a wide variety of advanced manufacturing technologies (AMT) to build an efficient and effective production system. Nevertheless, the literature offers little guidance on how these technologies, including novel I4.0 technologies, should be combined in practice and how these combinations might have a different impact on performance.

Using a survey study of 165 manufacturing plants from 11 different countries, we use factor analysis to empirically derive three distinct manufacturing technology bundles and structural equation modeling to quantify their relationship with operations and business performance.

Our findings support an evolutionary rather than a revolutionary perspective. I4.0 technologies build on traditional manufacturing technologies and do not constitute a separate direction that would point towards a fundamental digital transformation of companies within our sample. Performance effects are rather weak: out of the three technology bundles identified, only “automation and robotization” have a positive influence on cost efficiency, while “base technologies” and “data-enabled technologies” do not offer a competitive advantage, neither in terms of cost nor in terms of differentiation. Furthermore, while the business performance impact is positive, it is quite weak, suggesting that financial returns on technology investments might require longer time periods.

Relying on a complementarity approach, our research offers a novel perspective on technology implementation in the I4.0 era by investigating novel and traditional manufacturing technologies together.