Search results
1 – 10 of 352Tim Wright, Zainab Ruhwanya and Jacques Ophoff
The COVID-19 pandemic necessitated a significant shift in how employees executed their professional responsibilities. Concurrently, the incidence of cybercrime experienced a…
Abstract
Purpose
The COVID-19 pandemic necessitated a significant shift in how employees executed their professional responsibilities. Concurrently, the incidence of cybercrime experienced a noteworthy surge due to the increased utilisation of cyberspace. The abrupt transition to telecommuting altered the interpersonal dynamics inherent in traditional work environments. This paper aims to examine the impact of interpersonal factors on the cybercrime preventative measures adopted by telecommuting employees.
Design/methodology/approach
A conceptual model, grounded in the Theory of Interpersonal Behaviour, is evaluated through an online survey. The data set comprises responses from 209 employees in South Africa, and the analysis uses partial least squares structural equation modelling.
Findings
The results reveal substantial predictive power to explain cybercrime preventative behaviours. Notably, the study underscores the significant influence of habit and affect on intention and subsequent behaviour.
Practical implications
The results suggest that practitioners should give due attention to emotional dimensions (affect) as a catalyst for information security behaviour. The formulation of employees’ information security responsibilities should be pragmatic, fostering subconscious compliance to establish routine behaviour (habit).
Originality/value
This research underscores the pivotal roles played by habit and emotions in shaping behavioural patterns related to information security. Furthermore, it provides researchers with an illustrative model for operationalising these constructs within the realm of security. The results contribute additional perspectives on the repercussions of the COVID-19 pandemic on cybercrime preventative behaviours.
Details
Keywords
Tareq Na’el Al-Tawil and Salam Abdallah
The purpose of this paper is to examine the nature of cyberbullying and corresponding strategies being used under the New United Arab Emirates (UAE) Cybercrimes Law.
Abstract
Purpose
The purpose of this paper is to examine the nature of cyberbullying and corresponding strategies being used under the New United Arab Emirates (UAE) Cybercrimes Law.
Design/methodology/approach
The analysis begins with a review of the nature of cyberbullying, focusing primarily on key concepts, underlying risk factors, forms of cyberbullying and adverse effects. Background information about the nature of cyberbullying will then lay the foundation for the subsequent sections of the analysis, which will focus on preventive strategies and legislative measures. The second section of the analysis will entail a review of the legislative framework for cyberbullying in the UAE. The goal here is to examine how the UAE is responding to the emerging threat of cyberbullying in its jurisdiction. The next section will then shift gears to interventions and strategies being implemented at the global level. A global perspective is central to comparing practices in the UAE to international standards and regulations.
Findings
Findings from the analysis have shown that the UAE has the most robust and comprehensive cyberbullying laws internationally. Nonetheless, the New Cybercrimes Law is ambiguous, and it is not expressively specific to cyberbullying. The law does not have a clear definition of cyberbullying, as well as the scope of its application to specific cases involving students. A comparative analysis across jurisdictions has revealed that most countries neither have specific cyberbullying laws nor explicitly define the phenomenon in existing laws. Thus, cyberbullying is a gray area in the UAE national law, requiring a clear definition and scope of application. The courts will establish case law that will finally address the current definitional challenges and extend of applying the New Cybercrimes Law.
Originality/value
The analysis concludes with the application of international best standards and practices to the UAE context, focusing specifically on how to strengthen laws and procedures in the UAE.
Details
Keywords
Ishmael Mugari, Maxwell Kunambura, Emeka E. Obioha and Norah R. Gopo
This study aims to explore the nature and impacts of cybercrime in the Zimbabwean retail sector and evaluate the effectiveness of the current measures to deal with cybercrime.
Abstract
Purpose
This study aims to explore the nature and impacts of cybercrime in the Zimbabwean retail sector and evaluate the effectiveness of the current measures to deal with cybercrime.
Design/methodology/approach
This study adopted a mixed research design on a sample of 38 retail players in a small mining town, Bindura, who were selected using stratified random and purposive sampling techniques. Data were collected through a mainly closed-ended questionnaire and in-depth interview guide. Statistical Package for Social Sciences (SPSS) was used to analyse quantitative data, whereas summative content analysis was used to analyse qualitative data.
Findings
Virus dissemination, hacking and card fraud were identified as the major forms of cybercrime prevalent in the retail sector. Additional security costs, loss of sensitive data and direct financial losses were found to be the major impacts posed by cybercrime on retail sector. It was also established that the current internal measures and policing efforts to fight cybercrime in the retail sector were ineffective.
Originality/value
This study provides context-specific information on the scourge of cybercrime in a developing third world country that has of late been characterised by a myriad of other socioeconomic challenges. Although similar studies have been conducted in other parts of the globe, there has been a dearth of literature on retail sector cybercrime in Zimbabwe. This study also interrogates the Zimbabwean retail sector’s preparedness in dealing with this contemporary threat.
Details
Keywords
Babayo Sule, Usman Sambo and Muhammad Yusuf
This study aims to examine the threats posed by cybercrimes toward the quest for achieving a reliable digital economy and to identify practical strategies for countering the crime.
Abstract
Purpose
This study aims to examine the threats posed by cybercrimes toward the quest for achieving a reliable digital economy and to identify practical strategies for countering the crime.
Design/methodology/approach
A qualitative phenomenological paradigm was used as the methodology. Both primary and secondary sources were consulted for data collection. A thematic analytical interpretation was used for data analysis.
Findings
This study discovered that Nigeria is a leverage environment for using digital economy as a means of diversifying the economy owing to population bulge, and an increase patronage of internet and digital space but the threats of cyberfraudsters is ostracising a substantial number from using it which is decreasing the performance of the digital economy.
Research limitations/implications
The research is limited by the scarcity of resources to widen the horizon of the study particularly the fieldwork and the rampant incidences of cybercrime in Nigeria which poses a difficult task for studying the phenomenon. In addition, this study is constrained by the confidentiality in releasing data owing to the sensitivity of the subject of study and its relationship to national security.
Practical implications
This study presents some suggestions that are plausible in countering the crimes and enhancing the digital economy in Nigeria through effective surveillance, massive information and communication technology (ICT) awareness creation for users and severe penitent sanctions for cybercriminals will help in securing digital spaces.
Social implications
This study has social implications including the suggestion for simplifying digital transactions that will save time, increases economic activities and passive multiple stream income for Nigerians and ease of doing business with less risk of robbery and other cumbersome tasks.
Originality/value
This study has originality value because after the survey of the existing literature, a field work is conducted to have the views of experts on the subject of study which adds value to the subject and originality of the findings.
Details
Keywords
Abel Yeboah-Ofori and Francisca Afua Opoku-Boateng
Various organizational landscapes have evolved to improve their business processes, increase production speed and reduce the cost of distribution and have integrated their…
Abstract
Purpose
Various organizational landscapes have evolved to improve their business processes, increase production speed and reduce the cost of distribution and have integrated their Internet with small and medium scale enterprises (SMEs) and third-party vendors to improve business growth and increase global market share, including changing organizational requirements and business process collaborations. Benefits include a reduction in the cost of production, online services, online payments, product distribution channels and delivery in a supply chain environment. However, the integration has led to an exponential increase in cybercrimes, with adversaries using various attack methods to penetrate and exploit the organizational network. Thus, identifying the attack vectors in the event of cyberattacks is very important in mitigating cybercrimes effectively and has become inevitable. However, the invincibility nature of cybercrimes makes it challenging to detect and predict the threat probabilities and the cascading impact in an evolving organization landscape leading to malware, ransomware, data theft and denial of service attacks, among others. The paper explores the cybercrime threat landscape, considers the impact of the attacks and identifies mitigating circumstances to improve security controls in an evolving organizational landscape.
Design/methodology/approach
The approach follows two main cybercrime framework design principles that focus on existing attack detection phases and proposes a cybercrime mitigation framework (CCMF) that uses detect, assess, analyze, evaluate and respond phases and subphases to reduce the attack surface. The methods and implementation processes were derived by identifying an organizational goal, attack vectors, threat landscape, identification of attacks and models and validation of framework standards to improve security. The novelty contribution of this paper is threefold: first, the authors explore the existing threat landscapes, various cybercrimes, models and the methods that adversaries are deploying on organizations. Second, the authors propose a threat model required for mitigating the risk factors. Finally, the authors recommend control mechanisms in line with security standards to improve security.
Findings
The results show that cybercrimes can be mitigated using a CCMF to detect, assess, analyze, evaluate and respond to cybercrimes to improve security in an evolving organizational threat landscape.
Research limitations/implications
The paper does not consider the organizational size between large organizations and SMEs. The challenges facing the evolving organizational threat landscape include vulnerabilities brought about by the integrations of various network nodes. Factor influencing these vulnerabilities includes inadequate threat intelligence gathering, a lack of third-party auditing and inadequate control mechanisms leading to various manipulations, exploitations, exfiltration and obfuscations.
Practical implications
Attack methods are applied to a case study for the implementation to evaluate the model based on the design principles. Inadequate cyber threat intelligence (CTI) gathering, inadequate attack modeling and security misconfigurations are some of the key factors leading to practical implications in mitigating cybercrimes.
Social implications
There are no social implications; however, cybercrimes have severe consequences for organizations and third-party vendors that integrate their network systems, leading to legal and reputational damage.
Originality/value
The paper’s originality considers mitigating cybercrimes in an evolving organization landscape that requires strategic, tactical and operational management imperative using the proposed framework phases, including detect, assess, analyze, evaluate and respond phases and subphases to reduce the attack surface, which is currently inadequate.
Details
Keywords
Cybercrimes increase day by day in parallel to cyber-attacks and cyber-threats. Due to such an increase, required cybersecurity precautions against all kinds of cyber-attacks and…
Abstract
Purpose
Cybercrimes increase day by day in parallel to cyber-attacks and cyber-threats. Due to such an increase, required cybersecurity precautions against all kinds of cyber-attacks and cyber-threats should be taken by both organizations and individuals. This study aims to develop a reliable and valid measurement tool to measure cybercrime awareness levels of individuals.
Design/methodology/approach
In this study, a scale named as Cybercrime Awareness Scale (CAS) has been developed and psychometric properties of the scale have been tested by two separate studies.
Findings
The first study included a total of 500 respondents (294 female and 206 male). In the first study, factor structure of the proposed scale has been determined through an exploratory factor analysis. The results revealed a three-factor structure (i.e. information systems crimes, personal data crimes, and privacy and security). Cronbach's alpha reliability coefficients for the subdimensions were 0.95, 0.92, and 0.90, respectively. The sample of the second study consisted of 494 respondents (281 female and 213 male). The confirmatory-factor-analysis results revealed that three-factor structure is valid and optimal model. Further, the proposed scale demonstrated moderate concurrent validity results in relation to the Digital Data Security Awareness Scale.
Originality/value
Findings indicated that the CAS is a valid and reliable measurement tool to measure individuals' cybercrime awareness level. This study makes a novel contribution to the existing cybersecurity literature by providing the CAS, which is developed by following rigorous methodological standards.
Peer review
The peer review history for this article is available at: https://publons.com/publon/10.1108/OIR-01-2022-0023/
Details
Keywords
Byrne Kaulu, Goodwell Kaulu and Pearson Chilongo
This study assesses the factors influencing customers’ intention to adopt e-banking in the context of the technology acceptance model and the moderation role of cybercrime.
Abstract
Purpose
This study assesses the factors influencing customers’ intention to adopt e-banking in the context of the technology acceptance model and the moderation role of cybercrime.
Design/methodology/approach
The variables in the study are measured using a five-point Likert scale with measures adopted from existing literature. The independent variables are perceived ease of use, perceived usefulness and security and privacy. These are postulated to be moderated by the perceived risk of cybercrime and to influence e-banking adoption intentions. A quantitative approach is used. Primary data are collected from a sample of 209 randomly selected bank customers. The study uses a two-step (measurement model and structural model) approach to data analysis.
Findings
The key findings in this study are that perceived risk of cybercrime strengthens the positive relationship between perceived ease of use and e-banking adoption intentions but dampens or weakens the positive relationship between perceived usefulness and customers’ e-banking adoption intentions. The study makes several recommendations to inform scholarship, policy and practice.
Originality/value
Unlike existing literature, the study makes a unique contribution by including perceived risk of cybercrime as a moderating variable of theoretical significance in the relationship between adoption of e-banking and its determinants.
Details
Keywords
The COVID-19 pandemic accelerated many organisations’ reliance on the Internet, with schools, companies, and government agencies, among other institutions, all shifting their…
Abstract
The COVID-19 pandemic accelerated many organisations’ reliance on the Internet, with schools, companies, and government agencies, among other institutions, all shifting their operations online in a relatively short period of time. This sudden shift created opportunities for cybercriminals, as did the burden on the healthcare sector, the rush for unemployment benefits, and the desire for up-to-date information about outbreaks and health precautions. This chapter examines the trends in cybercrime during the COVID-19 pandemic that were spurred by these changes, as well as the mitigation measures implemented by government and private industry stakeholders to help protect critical infrastructure and online operations. It argues that the nature of cybercrime and the most common forms of criminal activity did not change substantially during the pandemic, but rather that criminals’ focus on whom to target and how to exploit evolving current events enabled them to wield existing criminal tools to greater effect, and potentially also at greater scale, though reliable statistics on the frequency and size of cybercrimes are scarce. Finally, the chapter considers how these trends in cybercrime forced private organisations and governments to undertake new cybersecurity measures and programs and whether the long-term effects of the pandemic might actually include stronger cybersecurity if these efforts continue past the end of the public health crisis.
Details
Keywords
Haitham Nobanee, Ahmad Alodat, Reem Bajodah, Maryam Al-Ali and Alyazia Al Darmaki
This study aims to assess the research developments and works pertaining to cybersecurity risks.
Abstract
Purpose
This study aims to assess the research developments and works pertaining to cybersecurity risks.
Design/methodology/approach
A bibliometric analysis of 749 studies on cybersecurity risks published between 1999 and 2021 was conducted using Scopus and the VOSviewer software.
Findings
This study reveals various findings, including the most influential authors and the top countries, journals, papers, funding institutions and affiliations publishing research on cybersecurity risks. The bibliometric analysis shows that the existing studies have affected the knowledge of the consequences of cybersecurity risks. However, some research gaps still exist in this field.
Originality/value
This study’s contribution is that it presents a comprehensive evaluation of the research on cybercrime and cybersecurity risks. Moreover, to the best of the authors’ knowledge, bibliometric analysis has not been conducted on cybersecurity risks. This study’s findings are likely to prove useful to practitioners and academics in mitigating the consequences of cybercrime and cybersecurity risks.
Details
Keywords
The negotiations focus on shaping the framework for countering cyber threats globally. However, as with previous rounds, agreement has been hindered by multiple proposals for…