Search results

This paper aims to explore the factors affecting cybersecurity implementation in organizations in various countries and develop a cybersecurity framework to improve cybersecurity practices within organizations for cybersecurity risk management through a systematic literature review (SLR) approach.

This SLR adhered to RepOrting Standards for Systematics Evidence Syntheses (ROSES) publication standards and used various research approaches. The study’s article selection process involved using Scopus, one of the most important scientific databases, to review articles published between 2014 and 2023.

This review identified the four main themes: individual factors, organizational factors, technological factors and governmental role. In addition, nine subthemes that relate to these primary topics were established.

This research sheds light on the multifaceted nature of cybersecurity by exploring factors influencing implementation and developing an improvement framework, offering valuable insights for researchers to advance theoretical developments, assisting industry practitioners in tailoring cybersecurity strategies to their needs and providing policymakers with a basis for creating more effective cybersecurity regulations and standards.

The human factor is the most important defense asset against cyberattacks. To ensure that the human factor stays strong, a cybersecurity culture must be established and cultivated in a company to guide the attitudes and behaviors of employees. Many cybersecurity culture frameworks exist; however, their practical application is difficult. This paper aims to demonstrate how an established framework can be applied to determine and improve the cybersecurity culture of a company.

Two surveys were conducted within eight months in the internal IT department of a global software company to analyze the cybersecurity culture and the applied improvement measures. Both surveys comprised the same 23 questions to measure cybersecurity culture according to six dimensions: cybersecurity accountability, cybersecurity commitment, cybersecurity necessity and importance, cybersecurity policy effectiveness, information usage perception and management buy-in.

Results demonstrate that cybersecurity culture maturity can be determined and improved if accurate measures are derived from the results of the survey. The first survey showed potential for improving the dimensions of cybersecurity accountability, cybersecurity commitment and cybersecurity policy effectiveness, while the second survey proved that these dimensions have been improved.

This paper proves that practical application of cybersecurity culture frameworks is possible if they are appropriately tailored to a given organization. In this regard, scientific research and practical application combine to offer real value to researchers and cybersecurity executives.

The Kingdom of Saudi Arabia (KSA) is embracing digital transformation and e-government services, aiming to improve efficiency, accessibility and citizen-centricity. Nonetheless, the country faces challenges such as evolving cyber threats. The purpose of this study is to investigate the factors influencing cybersecurity practices to ensure the reliability and security of e-government services.

This paper investigates the multifaceted dynamics of cybersecurity practices and their impact on the quality and effectiveness of e-government services. Five key factors explored include organizational culture, technology infrastructure, adherence to standards and regulations, employee training and awareness and financial investment in cybersecurity. This study used a quantitative method to gather data from 320 participants. The researcher collected 285 completed questionnaires, excluding unusable or incomplete responses, and analyzed the final data set using partial least squares structural equation modeling.

The findings show that financial investment in cybersecurity, employee training and awareness and adherence to cybersecurity regulations significantly influence the adoption of robust cybersecurity practices. However, the relationship between organizational culture and cybersecurity practices is less straightforward. The research establishes a strong positive correlation between cybersecurity practices and e-government service quality, highlighting the role of security in fostering public trust and user satisfaction and meeting the evolving needs of citizens and businesses.

This research contributes valuable empirical evidence to the fields of e-government and cybersecurity, offering insights that can inform evidence-based policy decisions and resource allocation. By understanding the nuanced dynamics at play, Saudi Arabia is better poised to fortify its digital governance infrastructure and provide secure, high-quality e-government services to its constituents.

By providing an overview of the existing knowledge on public governance in the context of Construction 4.0, this review serves as a valuable resource for researchers, policymakers and practitioners interested in understanding the current state of public governance in the context of Construction 4.0 and identifying avenues for future research and practical implementation.

This article presents a systematic and comprehensive review of the academic literature on public governance in the context of Construction 4.0. To ensure a systematic and rigorous selection of source material, the study adopts the Preferred Reporting Items for Systematic Reviews and Meta-Analyses guidelines.

By examining a wide range of scholarly works, the review identifies and discusses eight recurring themes that are crucial for understanding the role of public governance in Construction 4.0. These themes include policy and regulation, infrastructure and investment, skill development and education, digital inclusion and access, collaboration and partnerships, data governance and privacy, interactions with environmental and societal goals and the impact of Construction 4.0 on public governance itself. The review highlights a significant disparity between the normative debates on the importance of public governance in Construction 4.0 and the empirical knowledge available regarding its practical implementation. While the literature emphasizes the need for effective governance mechanisms to address the challenges and opportunities presented by Construction 4.0, there is a notable lack of empirical research examining the actual implementation and outcomes of public governance strategies.

This is the first systematic review of academic literature on public governance in the context of Construction 4.0.

The current advancements in technologies and the internet industry provide users with many innovative digital devices for entertainment, communication and trade. However, simultaneous development and the rising sophistication of cybercrimes bring new challenges. Micro businesses use technology like how people use it at home, but face higher cyber risks during riskier transactions, with human error playing a significant role. Moreover, information security researchers have often studied individuals’ adherence to compliance behaviour in response to cyber threats. The study aims to examine the protection motivation theory (PMT)-based model to understand individuals’ tendency to adopt secure behaviours.

The study focuses on Australian micro businesses since they are more susceptible to cyberattacks due to the least security measures in place. Out of 877 questionnaires distributed online to Australian micro business owners through survey panel provider “Dynata,” 502 (N = 502) complete responses were included. Structural equational modelling was used to analyse the relationships among the variables.

The results indicate that all constructs of the protection motivation, except threat susceptibility, successfully predict the user protective behaviours. Also, increased cybersecurity costs negatively impact users’ safe cyber practices.

The study has critical implications for understanding micro business owners’ cyber security behaviours. The study contributes to the current knowledge of cyber security in micro businesses through the lens of PMT.

The purpose of this paper is to investigate the cyber hygiene practices of remote workers.

This paper used two instruments: first, the Cyber Hygiene Inventory scale, which measures users’ information and computer security behaviors; second, the Recsem Inventory, developed within this paper’s context, to evaluate the cybersecurity measures adopted by organizations for remote workers. It was conducted on remote workers to examine their information security practices. The instrument was administered to a sample of 442 employees reached via the LinkedIn platform. Analyses were performed with SPSS v26, Python programming language and Seaborn library.

The findings indicate a significant correlation between the security measures implemented by companies and their employees’ cyber hygiene practices. A sector comparison revealed a significant difference in cyber hygiene levels between public and private sector workers.

This paper aims to provide policymakers with suggestions for enhancing the cyber hygiene of remote workers to facilitate compliance with corporate security protocols.

This paper’s conclusions highlight the importance of companies increasing their cybersecurity investments as remote work becomes more prevalent. This should consider not only corporate-level factors but also employees' information and computer security behaviors.

The logistics industry has undergone a tremendous transformation. This transformation is necessary to cope with the fundamental changes in customer expectations and the need for digitalization imposed by the pandemic, changes in the socioeconomic world, and innovative technology solutions. This paper aims to present digital transformation as an integrated framework for transforming the operating model and applying advanced solutions to the ecosystem of a quintile logistics (5PL) company. 5PL operators are typically an ecosystem. Loosely coupled or self-organized entities that collaborate in a symbiotic relationship represent this ecosystem. They aim to jointly develop capabilities, create innovative services or solutions, share knowledge, facilitate transactions, and leverage network synergies in a logistics environment to provide optimized or novel customer- or partner-centric solutions (Lamberjohann and Otto, 2020).

Currently, there is no single definition of an integrated logistics operations model in 5PL practice, so the qualitative method used in this paper allows for investigation from an exploratory perspective. The paper follows a qualitative research methodology, collecting and analyzing data/facts through interviews and visits to subject matter experts, industry practitioners, and academic researchers, combined with an extensive review of academic publications, industry reports, and written and media content from established organizations in the marketplace. This paper follows a qualitative research methodology, as it is an inquiry rather than a statistical study. The qualitative method allows the study of the concepts of phenomena and definitions, their characteristics, and the defining features that serve as the basis (Berg, 2007). It emphasizes generalized interpretation and deeper understanding of concepts, which would be more difficult in quantitative, statistically based research. Fact-finding was conducted in two ways: in-depth interviews with experts from academia, information and communication technology organizations, and key players in the logistics industry; and academic publications, industry reports, and written and media content from established national and international organizations in the market.

The operations model introduced considers six aspects: persons, processes, platforms, partners, protection and preservation. A virtual team approach can support the personal side of the 5PL ecosystem’s digital transformation. Managing a 5PL ecosystem should be based on collaborative planning, forecasting, and replenishment methods (Parsa et al., 2020). A digital platform can support trust among the stakeholders in the ecosystem. A blockchain solution can powerfully support the 5PL ecosystem from partner relationships’ points of view. The implementation of a cybersecurity reference model is important for protection (Bandari, 2023). Reverse logistics and an integrated approach support the preservation of the ecosystem.

While the author has experience applying the different components of the operations model presented, it would be interesting to find a 5PL that would use all the components presented in an integrated way. The operations model presented applies to any similar ecosystem with minor adaptations.

This paper addresses operations models and digital transformation challenges for optimizing 5PL operators. It provides several opportunities and considerations for 5PL operators interested in improving their management and operations to cope with the growing challenges of today’s world.

The competitiveness and long-term performance of 5PL operators depend on selecting and carefully implementing their operations models. This paper emphasizes the importance of using advanced operations models.

The operations model derives from the author’s personal experiences in research and the innovative application of these models to logistics operators (DHL, UPS, Poste Italiane and others). This paper brings together academic and industry perspectives and operations models in an integrated business digital transformation. This paper defines an original optimal operations model for a 5PL operator and can add sustainable value to organizations and society. In doing so, it outlines different solution requirements, the critical success factors and the challenges for solutions and brings logistical performance objectives when implementing a digital business transformation.

This paper aimed to test a proposed framework highlighting strategic green marketing initiatives and how they drive new technology implementation towards green corporate performance, underpinned by institutional isomorphism.

The study used a quantitative method and convenience sampling approach in gathering data using adapted questionnaires to solicit first-hand information from 225 employees of small and medium-sized enterprises (SMEs) in the tourism and hospitality sector underpinned by the theory of institutional isomorphism.

The study shows that green communication and green strategy alignment have significant predictive effects on new technology implementation. Cultural isomorphism significantly moderated the effects of implementing new technology (i.e. green communication and strategy alignment). In addition, “new technology implementation had a significant predictive effect on green corporate performance”. Meanwhile, the moderation effect of “green creative behaviour on the new technology-green corporate performance dyad was positive but insignificant.”

The study’s novel framework confirms how green communication strategy and green strategy alignment complement cultural isomorphism to explain the impact of new technology implementation on green corporate performance, underpinned by institutional isomorphism.

This paper aims to propose a new method to derive custom dynamic cyber risk metrics based on the well-known Goal, Question, Metric (GQM) approach. A framework that complements it and makes it much easier to use has been proposed too. Both, the method and the framework, have been validated within two challenging application domains: continuous risk assessment within a smart farm and risk-based adaptive security to reconfigure a Web application firewall.

The authors have identified a problem and provided motivation. They have developed their theory and engineered a new method and a framework to complement it. They have demonstrated the proposed method and framework work, validating them in two real use cases.

The GQM method, often applied within the software quality field, is a good basis for proposing a method to define new tailored cyber risk metrics that meet the requirements of current application domains. A comprehensive framework that formalises possible goals and questions translated to potential measurements can greatly facilitate the use of this method.

The proposed method enables the application of the GQM approach to cyber risk measurement. The proposed framework allows new cyber risk metrics to be inferred by choosing between suggested goals and questions and measuring the relevant elements of probability and impact. The authors’ approach demonstrates to be generic and flexible enough to allow very different organisations with heterogeneous requirements to derive tailored metrics useful for their particular risk management processes.

In the modern digital realm, while artificial intelligence (AI) technologies pave the way for unprecedented opportunities, they also give rise to intricate cybersecurity issues, including threats like deepfakes and unanticipated AI-induced risks. This study aims to address the insufficient exploration of AI cybersecurity awareness in the current literature.

Using in-depth surveys across varied sectors (N = 150), the authors analyzed the correlation between the absence of AI risk content in organizational cybersecurity awareness programs and its impact on employee awareness.

A significant AI-risk knowledge void was observed among users: despite frequent interaction with AI tools, a majority remain unaware of specialized AI threats. A pronounced knowledge difference existed between those that are trained in AI risks and those who are not, more apparent among non-technical personnel and sectors managing sensitive information.

This study paves the way for thorough research, allowing for refinement of awareness initiatives tailored to distinct industries.

It is imperative for organizations to emphasize AI risk training, especially among non-technical staff. Industries handling sensitive data should be at the forefront.

Ensuring employees are aware of AI-related threats can lead to a safer digital environment for both organizations and society at large, given the pervasive nature of AI in everyday life.

Unlike most of the papers about AI risks, the authors do not trust subjective data from second hand papers, but use objective authentic data from the authors’ own up-to-date anonymous survey.