Search results

Railways are a well-known example of complex critical infrastructure, incorporating socio-technical systems with humans such as drivers, signallers, maintainers and passengers at the core. The technological evolution including interconnectedness and new ways of interaction lead to new security and safety risks that can be realised, both in terms of human error, and malicious and non-malicious behaviour. This study aims to identify the human factors (HF) and cyber-security risks relating to the role of signallers on the railways and explores strategies for the improvement of “Digital Resilience” – for the concept of a resilient railway.

Overall, 26 interviews were conducted with 21 participants from industry and academia.

The results showed that due to increased automation, both cyber-related threats and human error can impact signallers’ day-to-day operations – directly or indirectly (e.g. workload and safety-critical communications) – which could disrupt the railway services and potentially lead to safety-related catastrophic consequences. This study identifies cyber-related problems, including external threats; engineers not considering the human element in designs when specifying security controls; lack of security awareness among the rail industry; training gaps; organisational issues; and many unknown “unknowns”.

The authors discuss socio-technical principles through a hexagonal socio-technical framework and training needs analysis to mitigate against cyber-security issues and identify the predictive training needs of the signallers. This is supported by a systematic approach which considers both, safety and security factors, rather than waiting to learn from a cyber-attack retrospectively.

The current advancements in technologies and the internet industry provide users with many innovative digital devices for entertainment, communication and trade. However, simultaneous development and the rising sophistication of cybercrimes bring new challenges. Micro businesses use technology like how people use it at home, but face higher cyber risks during riskier transactions, with human error playing a significant role. Moreover, information security researchers have often studied individuals’ adherence to compliance behaviour in response to cyber threats. The study aims to examine the protection motivation theory (PMT)-based model to understand individuals’ tendency to adopt secure behaviours.

The study focuses on Australian micro businesses since they are more susceptible to cyberattacks due to the least security measures in place. Out of 877 questionnaires distributed online to Australian micro business owners through survey panel provider “Dynata,” 502 (N = 502) complete responses were included. Structural equational modelling was used to analyse the relationships among the variables.

The results indicate that all constructs of the protection motivation, except threat susceptibility, successfully predict the user protective behaviours. Also, increased cybersecurity costs negatively impact users’ safe cyber practices.

The study has critical implications for understanding micro business owners’ cyber security behaviours. The study contributes to the current knowledge of cyber security in micro businesses through the lens of PMT.

The purpose of this paper is to investigate the cyber hygiene practices of remote workers.

This paper used two instruments: first, the Cyber Hygiene Inventory scale, which measures users’ information and computer security behaviors; second, the Recsem Inventory, developed within this paper’s context, to evaluate the cybersecurity measures adopted by organizations for remote workers. It was conducted on remote workers to examine their information security practices. The instrument was administered to a sample of 442 employees reached via the LinkedIn platform. Analyses were performed with SPSS v26, Python programming language and Seaborn library.

The findings indicate a significant correlation between the security measures implemented by companies and their employees’ cyber hygiene practices. A sector comparison revealed a significant difference in cyber hygiene levels between public and private sector workers.

This paper aims to provide policymakers with suggestions for enhancing the cyber hygiene of remote workers to facilitate compliance with corporate security protocols.

This paper’s conclusions highlight the importance of companies increasing their cybersecurity investments as remote work becomes more prevalent. This should consider not only corporate-level factors but also employees' information and computer security behaviors.

The purpose of the study is to identify cybersecurity threats that hinder the adoption of digital banking and provide sustainable strategies to combat cybersecurity risks in the banking industry.

Systematic literature review guidelines were used to conduct a quantitative synthesis of empirical evidence regarding the impact of cybersecurity threats and risks on the adoption of digital banking.

A total of 84 studies were initially examined, and after applying the selection and eligibility criteria for this systematic review, 58 studies were included. These selected articles consistently identified identity theft, malware attacks, phishing and vishing as significant cybersecurity threats that hinder the adoption of digital banking.

With the country’s banking sector being new in this area, this study contributes to the scant literature on cyber security, which is mostly in need due to the myriad breaches that the industry has already suffered thus far.

The purpose of this paper is to try to reach the main factors that could put national security at risk as a result of government cloud computing programs.

The paper adopts the analytical approach to first lay foundations of the relation between national security, cybersecurity and cloud computing, then it moves to analyze the main vulnerabilities that could affect national security in cases of government cloud computing usage.

The paper reached several findings such as the relation between cybersecurity and national security as well as a group of factors that may affect national security when governments shift to cloud computing mainly pertaining to storing data over the internet, the involvement of a third party, the lack of clear regulatory frameworks inside and between countries.

Governments are continuously working on developing their digital capacities to meet citizens’ demands. One of the most trending technologies adopted by governments is “cloud computing”, because of the tremendous advantages that the technology provides; such as huge cost-cutting, huge storage and computing capabilities. However, shifting to cloud computing raises a lot of security concerns.

The value of the paper resides in the novelty of the topic, which is a new contribution to the theoretical literature on relations between new technologies and national security. It is empirically important as well to help governments stay safe while enjoying the advantages of cloud computing.

The purpose of this paper is to explore the current practices in security convergence among and between corporate security and cybersecurity processes in commercial enterprises.

This paper is the first phase in a planned multiphase project to better understand current practices in security optimization efforts being implemented by commercial organizations exploring means and methods to operate securely while reducing operating costs. The research questions being examined are: What are the general levels of interest in cybersecurity and corporate security convergence? How well do the perspectives on convergence align between organizations? To what extent are organizations pursuing convergence? and How are organizations achieving the anticipated outcomes from convergence?

In organizations, the evolution to a more optimized security structure, either merged or partnered, was traditionally due to unplanned or unforeseen events; e.g. a spin-off/acquisition, new security leadership or a negative security incident was the initiator. This is in contrast to a proactive management decision or formal plan to change or enhance the security structure for reasons that include reducing costs of operations and/or improving outcomes to reduce operational risks. The dominant exception was in response to regulatory requirements. Preliminary findings suggest that outcomes from converged organizations are not necessarily more optimized in situations that are organizationally merged under a single leader. Optimization may ultimately depend on the strength of relationships and openness to collaboration between management, cybersecurity and corporate security personnel.

This report and the number of respondents to its survey do not support generalizable findings. There are too few in each category to make reliable predictions and in analysis, there was an insufficient quantity of responses in most categories to allow supportable conclusions to be drawn.

Practitioners may find useful contextual clues to their needs for convergence or in response to directives for convergence from this report on what is found in some other organizations.

Improved effectiveness and/or reduced costs for organizational cybersecurity would be a useful social outcome as organizations become more efficient in the face of increasing levels of cyber security threats.

Convergence as a concept has been around for some time now in both the practice and research communities. It was initially promoted formally by ASIS International and ISACA in 2005. Yet there is no universally agreed-upon definition for the term or the practices undertaken to achieve it. In addition, the business drivers and practices undertaken to achieve it are still not fully understood. If convergence or optimization of converged operations offers a superior operational construct compared to other structures, it is incumbent to discover if there are measurable benefits. This research hopes to define the concept of security collaboration optimization more fully. The eventual goal is to develop and promote a tool useful for organizations to measure where they are on such a continuum.

The logistics industry has undergone a tremendous transformation. This transformation is necessary to cope with the fundamental changes in customer expectations and the need for digitalization imposed by the pandemic, changes in the socioeconomic world, and innovative technology solutions. This paper aims to present digital transformation as an integrated framework for transforming the operating model and applying advanced solutions to the ecosystem of a quintile logistics (5PL) company. 5PL operators are typically an ecosystem. Loosely coupled or self-organized entities that collaborate in a symbiotic relationship represent this ecosystem. They aim to jointly develop capabilities, create innovative services or solutions, share knowledge, facilitate transactions, and leverage network synergies in a logistics environment to provide optimized or novel customer- or partner-centric solutions (Lamberjohann and Otto, 2020).

Currently, there is no single definition of an integrated logistics operations model in 5PL practice, so the qualitative method used in this paper allows for investigation from an exploratory perspective. The paper follows a qualitative research methodology, collecting and analyzing data/facts through interviews and visits to subject matter experts, industry practitioners, and academic researchers, combined with an extensive review of academic publications, industry reports, and written and media content from established organizations in the marketplace. This paper follows a qualitative research methodology, as it is an inquiry rather than a statistical study. The qualitative method allows the study of the concepts of phenomena and definitions, their characteristics, and the defining features that serve as the basis (Berg, 2007). It emphasizes generalized interpretation and deeper understanding of concepts, which would be more difficult in quantitative, statistically based research. Fact-finding was conducted in two ways: in-depth interviews with experts from academia, information and communication technology organizations, and key players in the logistics industry; and academic publications, industry reports, and written and media content from established national and international organizations in the market.

The operations model introduced considers six aspects: persons, processes, platforms, partners, protection and preservation. A virtual team approach can support the personal side of the 5PL ecosystem’s digital transformation. Managing a 5PL ecosystem should be based on collaborative planning, forecasting, and replenishment methods (Parsa et al., 2020). A digital platform can support trust among the stakeholders in the ecosystem. A blockchain solution can powerfully support the 5PL ecosystem from partner relationships’ points of view. The implementation of a cybersecurity reference model is important for protection (Bandari, 2023). Reverse logistics and an integrated approach support the preservation of the ecosystem.

While the author has experience applying the different components of the operations model presented, it would be interesting to find a 5PL that would use all the components presented in an integrated way. The operations model presented applies to any similar ecosystem with minor adaptations.

This paper addresses operations models and digital transformation challenges for optimizing 5PL operators. It provides several opportunities and considerations for 5PL operators interested in improving their management and operations to cope with the growing challenges of today’s world.

The competitiveness and long-term performance of 5PL operators depend on selecting and carefully implementing their operations models. This paper emphasizes the importance of using advanced operations models.

The operations model derives from the author’s personal experiences in research and the innovative application of these models to logistics operators (DHL, UPS, Poste Italiane and others). This paper brings together academic and industry perspectives and operations models in an integrated business digital transformation. This paper defines an original optimal operations model for a 5PL operator and can add sustainable value to organizations and society. In doing so, it outlines different solution requirements, the critical success factors and the challenges for solutions and brings logistical performance objectives when implementing a digital business transformation.

This paper aims to evaluate the impact of various preview modes on tourist attitudes and intentions to visit a destination based on consumers’ level of involvement in travel decision-making.

The study was conducted as a between-subjects one-factor [preview mode: static images vs 360-degree tour vs virtual reality (VR) mode] in a laboratory experiment setup to examine how consumers with different levels of involvement in travel decision-making respond to destination marketing toward three different preview modes.

The findings indicated that VR preview mode highly influences tourist attitudes and visit intentions toward a destination compared to static images and 360-degree tours. This effect is more significant among participants with higher levels of customer involvement. Finally, the results from the study offer empirical evidence of the effectiveness of VR in shaping user behavior compared to traditional preview modes.

The limitations are using a non-probability sampling method, a small sample size and affordable mobile-compatible VR headsets.

This study offers empirical evidence on the effectiveness of VR in shaping tourist behavior compared to traditional preview modes. It helps destination marketers develop appropriate strategies for promoting tourist destinations.

The novelty of this paper lies in understanding the effectiveness of VR in shaping tourist behavior with different levels of customer involvement in travel decision-making.

This paper aims to propose a new method to derive custom dynamic cyber risk metrics based on the well-known Goal, Question, Metric (GQM) approach. A framework that complements it and makes it much easier to use has been proposed too. Both, the method and the framework, have been validated within two challenging application domains: continuous risk assessment within a smart farm and risk-based adaptive security to reconfigure a Web application firewall.

The authors have identified a problem and provided motivation. They have developed their theory and engineered a new method and a framework to complement it. They have demonstrated the proposed method and framework work, validating them in two real use cases.

The GQM method, often applied within the software quality field, is a good basis for proposing a method to define new tailored cyber risk metrics that meet the requirements of current application domains. A comprehensive framework that formalises possible goals and questions translated to potential measurements can greatly facilitate the use of this method.

The proposed method enables the application of the GQM approach to cyber risk measurement. The proposed framework allows new cyber risk metrics to be inferred by choosing between suggested goals and questions and measuring the relevant elements of probability and impact. The authors’ approach demonstrates to be generic and flexible enough to allow very different organisations with heterogeneous requirements to derive tailored metrics useful for their particular risk management processes.