Search results
1 – 10 of 461Kashmira Ganji and Nikhat Afshan
In response to the growing interest in Internet of Things (IoT) technology and its profound implications for businesses and individuals, this bibliometric study focuses on a…
Abstract
Purpose
In response to the growing interest in Internet of Things (IoT) technology and its profound implications for businesses and individuals, this bibliometric study focuses on a critical yet understudied aspect, i.e. cybersecurity. As IoT adoption grows, so do concerns regarding user privacy and data security. This study aims to provide a comprehensive understanding of the current research in this vital area, shedding light on research trends, gaps and emerging themes.
Design/methodology/approach
The study conducted a bibliometric analysis and systematic review of literature spanning over two decades (2013–2023). Bibliometric analysis is conducted using Biblioshiny which is R-software-based advanced analytical tool. Further, VOSviewer is used to conduct network analysis. The study highlights the evolving landscape of IoT cybersecurity, emphasizing interdisciplinary intersections and the ethical dimensions of IoT technologies.
Findings
The study uncovers crucial concerns related to IoT adoption, emphasizing the urgent need for comprehensive cybersecurity protocols. It identifies emerging themes such as artificial intelligence and blockchain integration, indicating a shift toward interdisciplinary solutions. Furthermore, the research highlights ethical gaps in current IoT discussions, emphasizing the importance of responsible innovation.
Research limitations/implications
Businesses can bolster their cybersecurity strategies, policymakers can craft informed regulations and researchers are encouraged to explore IoT’s ethical dimensions.
Originality/value
This study pioneers a nuanced analysis of IoT cybersecurity, filling a crucial gap in the existing business and management literature. By synthesizing a decade of scholarly work, it provides foundational insights for researchers, businesses and policymakers. The research not only informs academic discourse but also offers practical guidance for enhancing IoT security measures and fostering ethical innovation.
Details
Keywords
Michael J Rooney, Yair Levy, Wei Li and Ajoy Kumar
The increased use of Information Systems (IS) as a working tool for employees increases the number of accounts and passwords required. Despite being more aware of password…
Abstract
Purpose
The increased use of Information Systems (IS) as a working tool for employees increases the number of accounts and passwords required. Despite being more aware of password entropy, users still often participate in deviant password behaviors, known as “password workarounds” or “shadow security.” These deviant password behaviors can put individuals and organizations at risk, resulting in a data breach. This paper aims to engage IS users and Subject Matter Experts (SMEs), focused on designing, developing and empirically validating the Password Workaround Cybersecurity Risk Taxonomy (PaWoCyRiT) – a 2x2 taxonomy constructed by aggregated scores of perceived cybersecurity risks from Password Workarounds (PWWAs) techniques and their usage frequency.
Design/methodology/approach
This research study was a developmental design conducted in three phases using qualitative and quantitative methods: (1) A set of 10 PWWAs that were identified from the literature were validated by SMEs along with their perspectives on the PWWAs usage and risk for data breach; (2) A pilot study was conducted to ensure reliability and validity and identify if any measurement issues would have hindered the results and (3) The main study data collection was conducted with a large group of IS users, where also they reported on coworkers' engagement frequencies related to the PWWAs.
Findings
The results indicate that statistically significant differences were found between SMEs and IS users in their aggregated perceptions of risks of the PWWAs in causing a data breach, with IS users perceiving higher risks. Engagement patterns varied between the two groups, as well as factors like years of IS experience, gender and job level had statistically significant differences among groups.
Practical implications
The PaWoCyRiT taxonomy that the we have developed and empirically validated is a handy tool for organizational cyber risk officers. The taxonomy provides organizations with a quantifiable means to assess and ultimately mitigate cybersecurity risks.
Social implications
Passwords have been used for a long time to grant controlled access to classified spaces, electronics, networks and more. However, the dramatic increase in user accounts over the past few decades has exposed the realization that technological measures alone cannot ensure a high level of IS security; this leaves the end-users holding a critical role in protecting their organization and personal information. Thus, the taxonomy that the authors have developed and empirically validated provides broader implications for society, as it assists organizations in all industries with the ability to mitigate the risks of data breaches that can result from PWWAs.
Originality/value
The taxonomy the we have developed and validated, the PaWoCyRiT, provides organizations with insights into password-related risks and behaviors that may lead to data breaches.
Details
Keywords
Ifeyinwa Juliet Orji and Chukwuebuka Martinjoe U-Dominic
Cybersecurity has received growing attention from academic researchers and industry practitioners as a strategy to accelerate performance gains and social sustainability…
Abstract
Purpose
Cybersecurity has received growing attention from academic researchers and industry practitioners as a strategy to accelerate performance gains and social sustainability. Meanwhile, firms are usually prone to cyber-risks that emanate from their supply chain partners especially third-party logistics providers (3PLs). Thus, it is crucial to implement cyber-risks management in 3PLs to achieve social sustainability in supply chains. However, these 3PLs are faced with critical difficulties which tend to hamper the consistent growth of cybersecurity. This paper aims to analyze these critical difficulties.
Design/methodology/approach
Data were sourced from 40 managers in Nigerian 3PLs with the aid of questionnaires. A novel quantitative methodology based on the synergetic combination of interval-valued neutrosophic analytic hierarchy process (IVN-AHP) and multi-objective optimization on the basis of a ratio analysis plus the full multiplicative form (MULTIMOORA) is applied. Sensitivity analysis and comparative analysis with other decision models were conducted.
Findings
Barriers were identified from published literature, finalized using experts’ inputs and classified under organizational, institutional and human (cultural values) dimensions. The results highlight the most critical dimension as human followed by organizational and institutional. Also, the results pinpointed indigenous beliefs (e.g. cyber-crime spiritualism), poor humane orientation, unavailable specific tools for managing cyber-risks and skilled workforce shortage as the most critical barriers that show the highest potential to elicit other barriers.
Research limitations/implications
By illustrating the most significant barriers, this study will assist policy makers and industry practitioners in developing strategies in a coordinated and sequential manner to overcome these barriers and thus, achieve socially sustainable supply chains.
Originality/value
This research pioneers the use of IVN-AHP-MULTIMOORA to analyze cyber-risks management barriers in 3PLs for supply chain social sustainability in a developing nation.
Details
Keywords
Ahmed Ali Otoom, Issa Atoum, Heba Al-Harahsheh, Mahmoud Aljawarneh, Mohammed N. Al Refai and Mahmoud Baklizi
The purpose of this paper is to present the educational computer emergency response team (EduCERT) framework, an integrated response mechanism to bolster national cybersecurity…
Abstract
Purpose
The purpose of this paper is to present the educational computer emergency response team (EduCERT) framework, an integrated response mechanism to bolster national cybersecurity through collaborative efforts in the higher education sector. The EduCERT framework addresses this gap by enhancing cyber security and mitigating cybercrime through collaborative incident management, knowledge sharing and university awareness campaigns.
Design/methodology/approach
The authors propose an EduCERT framework following the design science methodology. The framework is developed based on literature and input from focus group experts. Moreover, it is grounded in the principles of the technology-organization-environment framework, organizational learning and diffusion of innovations theory.
Findings
The EduCERT has eight components: infrastructure, governance, knowledge development, awareness, incident management, evaluation and continuous improvement. The framework reinforces national cybersecurity through cooperation between universities and the National Computer Emergency Response Team. The framework has been implemented in Jordan to generate a cybersecurity foundation for higher education. Evaluating the EduCERT framework’s influence on national cybersecurity highlights the importance of adopting comprehensive cyber-security policies and controls. The framework application shows its relevance, effectiveness, adaptability and alignment with best practices.
Research limitations/implications
Despite the impact of applying the framework in the Jordanian context, it is essential to acknowledge that the proposed EduCERT framework’s practical implementation may encounter challenges specific to diverse international educational environment sectors. However, framework customization for global applicability could address varied educational institutions in other countries.
Practical implications
Furthermore, the proposed EduCERT framework is designed with universal applicability that extends beyond the specific country’s context. The principles and components presented in the framework can serve as valuable design advice for establishing collaborative and resilient cybersecurity frameworks in educational settings worldwide. Therefore, the research enhances the proposed framework’s practical utility and positions it as an invaluable contribution to the broader discourse on global cybersecurity in academia.
Originality/value
This paper enhances national cybersecurity in the higher education sector, addressing the need for a more integrated response mechanism. The EduCERT framework demonstrates its effectiveness, adaptability and alignment with best practices, offering valuable guidance for global educational institutions.
Details
Keywords
The growth of the internet, access to technology and rapid digital transformations have paved the way for developing attack surfaces for individuals and organizations. There is a…
Abstract
Purpose
The growth of the internet, access to technology and rapid digital transformations have paved the way for developing attack surfaces for individuals and organizations. There is a dire need to provide cybersecurity awareness most effectively. Gamification-based platforms have evolved to make cybersecurity education more engaging and effective. This study explores the gamification platforms available for cybersecurity training and awareness, the extent to which they are used and their benefits and challenges.
Design/methodology/approach
PRISMA 2020 was used to conduct the systematic literature review.
Findings
The study comprehends the game design elements and their role in the effectiveness of cybersecurity training and awareness. The study unveils that traditional education methodologies are insignificant in cybersecurity awareness, and gamification-based platforms are more beneficial. The paper summarizes the implications of the findings and further postulates future research directions.
Originality/value
This work comprehends the various forms of gamification platforms and frameworks available for cybersecurity training and will motivate further development of gamification platforms. This paper will help academia, private and public organizations and game designers enhance their gamification-based cybersecurity education interventions.
Details
Keywords
Naurin Farooq Khan, Hajra Murtaza, Komal Malik, Muzammil Mahmood and Muhammad Aslam Asadi
This research aims to understand the smartphone security behavior using protection motivation theory (PMT) and tests the current PMT model employing statistical and predictive…
Abstract
Purpose
This research aims to understand the smartphone security behavior using protection motivation theory (PMT) and tests the current PMT model employing statistical and predictive analysis using machine learning (ML) algorithms.
Design/methodology/approach
This study employs a total of 241 questionnaire-based responses in a nonmandated security setting and uses multimethod approach. The research model includes both security intention and behavior making use of a valid smartphone security behavior scale. Structural equation modeling (SEM) – explanatory analysis was used in understanding the relationships. ML algorithms were employed to predict the accuracy of the PMT model in an experimental evaluation.
Findings
The results revealed that the threat-appraisal element of the PMT did not have any influence on the intention to secure smartphone while the response efficacy had a role in explaining the smartphone security intention and behavior. The ML predictive analysis showed that the protection motivation elements were able to predict smartphone security intention and behavior with an accuracy of 73%.
Research limitations/implications
The findings imply that the response efficacy of the individuals be improved by cybersecurity training programs in order to enhance the protection motivation. Researchers can test other PMT models, including fear appeals to improve the predictive accuracy.
Originality/value
This study is the first study that makes use of theory-driven SEM analysis and data-driven ML analysis to bridge the gap between smartphone security’s theory and practice.
Details
Keywords
The purpose of this paper that will address in this paper are: how to implement and test a reliable Block-chain-based energy system for the EU energy payments and logistic? What…
Abstract
Purpose
The purpose of this paper that will address in this paper are: how to implement and test a reliable Block-chain-based energy system for the EU energy payments and logistic? What are the main results, impacts and implications of a Block-chain-based energy system for the EU energy payments and logistic?
Design/methodology/approach
The main aim of this study is to propose a Block-chain-based method to offer a secure, reliable and transparent method for energy logistic and payments for European Energy Transactions. To accomplish that aim, the research method of the study follows the design science research approach of smart contracts in the EU Energy logistic and payments. This research approach mainly consists of five sequential steps which are (1) problem and motivation identification, (2) solution objectives definition, (3) design and development and (4) demonstration and evaluation.
Findings
Results of data model demonstrate that the Block-chain-based energy system here can be used for any EU energy payments and logistics. Based on the data results of the model that mentioned above enhance the security and the integrity of the energy payments and logistic by using cryptographic techniques and consensus mechanisms to prevent and detect any tampering or falsification of the data on the Block-chain.
Originality/value
This paper represents a genuine piece of research that contributes to the field by providing new insights and understanding. The findings presented are the result of rigorous analysis and have not been previously published or submitted elsewhere for consideration.
Details
Keywords
Amruta Chandrakant Amune and Himangi Pande
Security is the major issue that motivates multiple scholars to discover security solutions apart from the advantages of wireless sensor networks (WSN) such as strong…
Abstract
Purpose
Security is the major issue that motivates multiple scholars to discover security solutions apart from the advantages of wireless sensor networks (WSN) such as strong compatibility, flexible communication and low cost. However, there exist a few challenges, such as the complexity of choosing the expected cluster, communication overhead, routing selection and the energy level that affects the entire communication. The ultimate aim of the research is to secure data communication in WSN using prairie indica optimization.
Design/methodology/approach
Initially, the network simulator sets up clusters of sensor nodes. The simulator then selects the Cluster Head and optimizes routing using an advanced Prairie Indica Optimization algorithm to find the most efficient communication paths. Sensor nodes collect data, which is securely transmitted to the base station. By applying prairie indica optimization to WSNs, optimize key aspects of data communication, including secure routing and encryption, to protect sensitive information from potential threats.
Findings
The Prairie Indica Optimization, as proposed, achieves impressive results for networks comprising 50 nodes, with delay, energy and throughput values of 77.39 ms, 21.68 J and 22.59 bps. In the case of 100-node networks, the achieved values are 80.95 ms, 27.74 J and 22.03 bps, significantly surpassing the performance of current techniques. These outcomes underscore the substantial improvements brought about by the Prairie Indica Optimization in enhancing WSN data communication.
Originality/value
In this research, the Prairie Indica Optimization is designed to enhance the security of data communication within WSN.
Details
Keywords
Mohammad A. Hassanain, Ali Al-Marzooq, Adel Alshibani and Mohammad Sharif Zami
This paper evaluates the factors influencing the utilization of the Internet of Things (IoT) for sustainable facilities management (SFM) practices in Saudi Arabia.
Abstract
Purpose
This paper evaluates the factors influencing the utilization of the Internet of Things (IoT) for sustainable facilities management (SFM) practices in Saudi Arabia.
Design/methodology/approach
A mixed approach, combining a literature review, pilot-testing and questionnaire survey, was adopted to evaluate the factors. Twenty-seven factors were identified and grouped into four groups: technical, business and organizational, operational and security and privacy. The questionnaire was distributed to 30 facilities managers and 30 IoT specialists, totaling 60 practitioners, to determine the effect index of each factor. The practitioners' consensus on the ranking of the factors was then determined.
Findings
The study identifies the top-ranking factors as: “Difficulty in ensuring data security and protection,” “Difficulty in ensuring data privacy and confidentiality” and “Limited awareness and understanding of IoT benefits and capabilities.” These factors highlight the challenges to successful IoT implementation in the FM sector. The FM sector could benefit from utilizing IoT while maintaining the security, privacy and effectiveness of building operations by successfully addressing these concerns. A high level of consensus on the ranking of the factors was observed between facilities managers and IoT specialists. This was substantiated by a Spearman’s rank correlation coefficient of 0.79.
Originality/value
This study enriches the literature by combining practical insights from facilities managers with technical expertise from IoT specialists on the factors impacting IoT implementation in the Saudi Arabian FM sector. Beyond academic contributions, it provides practical insights for industry professionals, fostering a culture of knowledge-sharing and guiding future research in this field.
Details
Keywords
Dien Van Tran, Phuong Van Nguyen, Demetris Vrontis, Sam Thi Ngoc Nguyen and Phuong Uyen Dinh
Government employees must comply with policies on information security regulations, online security practices, social networking usage, internet addiction, online cyberthreats and…
Abstract
Purpose
Government employees must comply with policies on information security regulations, online security practices, social networking usage, internet addiction, online cyberthreats and other related habits. These activities are considered cybersecurity behaviors. Government social media (GSM) accounts are increasingly used to educate employees about cybersecurity risks. To support the effectiveness of cybersecurity practices in government organizations, the purpose of this study is to investigate the impacts of GSM and organizational policy compliance on employees’ cybersecurity awareness, motivation and behaviors.
Design/methodology/approach
Data were obtained by administering a questionnaire survey to public personnel in Vietnam. A total of 330 valid responses were obtained, and the research hypotheses were tested using partial least squares–structural equation modeling.
Findings
First, cybersecurity awareness enhances information protection motivation and employee protective behavior. Second, GSM has positive impacts on cybersecurity knowledge and information protection motivation. Third, there is a strong positive association between information protection motivation and employee protective behavior. Finally, while organizational compliance significantly increases cybersecurity awareness, its impact on employee protective behavior is ind irect.
Originality/value
This research enhances the literature on the behavioral dimension of cybersecurity. The primary objective of this study is to assess the influence of cybersecurity awareness on protective behaviors rather than intents and attitudes alone. Furthermore, this research integrates protection motivation theory and cultivation theory to provide a more thorough assessment of cybersecurity awareness and protective behavior. By investigating the impact of GSM on the level of cybersecurity awareness among employees within government organizations, this study provides valuable insights into the efficacy of recent governmental initiatives aimed at fostering cybersecurity.
Details