Search results
1 – 10 of 865Santhosh Srinivas and Huigang Liang
While every firm is striving to embrace digital transformation (DT) to form new differentiating business capabilities, there are dark sides to such initiatives, and it is…
Abstract
Purpose
While every firm is striving to embrace digital transformation (DT) to form new differentiating business capabilities, there are dark sides to such initiatives, and it is essential to acknowledge, identify and address them. The purpose of this paper is to identify and emperically demonstrate the impact of such darksides of DT. While a firm's DT effort may have many dark sides, the authors identify data breaches as the most critical one and focus on proving their impact since it can inflict significant damage to the firm.
Design/methodology/approach
Through the lens of paradox theory, the authors argue that the DT efforts of a firm will lead to increased risk and severity of data breaches. The authors developed a one-of-a-kind longitudinal data set by combining data from multiple sources, including 3604 brands over a 10-year period, and employed a DT performance scorecard to evaluate a firm's DT effort across four key digital selling touchpoints: site, mobile, digital marketing and social media.
Findings
The findings of this study show that a firm's DT efforts pertaining to its mobile and digital marketing platforms significantly increase the likelihood and severity of a data breach event indicating that these two channels are most vulnerable and need heightened attention from firms. Furthermore, the findings suggest that the negative repercussions of some DT initiatives may be minimized as the firm becomes more innovative. The findings can help firms re-strategize their DT efforts by promoting security and also encouraging a balanced communication strategy.
Originality/value
This research is one of the first to identify, recognize and empirically illustrate the downsides of a DT effort that is otherwise thought to provide only benefits.
Details
Keywords
Data breaches are an increasing phenomenon in today's digital society. Despite the preparations an organization must take to prevent a data breach, it is still necessary to…
Abstract
Purpose
Data breaches are an increasing phenomenon in today's digital society. Despite the preparations an organization must take to prevent a data breach, it is still necessary to develop strategies in the event of a data breach. This paper explores the key recovery areas necessary for data breach recovery.
Design/methodology/approach
Stakeholder theory and three recovery areas (customer, employee and process recovery) are proposed as necessary theoretical lens to study data breach recovery. Three data breach cases (Anthem, Equifax, and Citrix) were presented to provide merit to the argument of the proposed theoretical foundations of stakeholder theory and recovery areas for data breach recovery research.
Findings
Insights from these cases reveal four areas of recovery are necessary for data breach recovery – customer recovery, employee recovery, process recovery and regulatory recovery.
Originality/value
These areas are presented in the data recovery areas model and are necessary for: (1) organizations to focus on these areas when resolving data breaches and (2) future data breach recovery researchers in developing their research in the field.
Details
Keywords
Erik Framner, Simone Fischer-Hübner, Thomas Lorünser, Ala Sarah Alaqra and John Sören Pettersson
The purpose of this paper is to develop a usable configuration management for Archistar, which utilizes secret sharing for redundantly storing data over multiple independent…
Abstract
Purpose
The purpose of this paper is to develop a usable configuration management for Archistar, which utilizes secret sharing for redundantly storing data over multiple independent storage clouds in a secure and privacy-friendly manner. Selecting the optimal secret sharing parameters, cloud storage servers and other settings for securely storing the secret data shares, while meeting all of end user’s requirements and other restrictions, is a complex task. In particular, complex trade-offs between different protection goals and legal privacy requirements need to be made.
Design/methodology/approach
A human-centered design approach with structured interviews and cognitive walkthroughs of user interface mockups with system administrators and other technically skilled users was used.
Findings
Even technically skilled users have difficulties to adequately select secret sharing parameters and other configuration settings for adequately securing the data to be outsourced.
Practical implications
Through these automatic settings, not only system administrators but also non-technical users will be able to easily derive suitable configurations.
Originality/value
The authors present novel human computer interaction (HCI) guidelines for a usable configuration management, which propose to automatically set configuration parameters and to solve trade-offs based on the type of data to be stored in the cloud. Through these automatic settings, not only system administrators but also non-technical users will be able to easily derive suitable configurations.
Details
Keywords
Alexandre Cappellozza, Gustavo Hermínio Salati Marcondes de Moraes, Gilberto Perez and Alessandra Lourenço Simões
This paper aims to investigate the influence of moral disengagement, perceived penalty, negative experiences and turnover intention on the intention to violate the established…
Abstract
Purpose
This paper aims to investigate the influence of moral disengagement, perceived penalty, negative experiences and turnover intention on the intention to violate the established security rules.
Design/methodology/approach
The method used involves two stages of analysis, using techniques of structural equation modeling and artificial intelligence with neural networks, based on information collected from 318 workers of organizational information systems.
Findings
The model provides a reasonable prediction regarding the intention to violate information security policies (ISP). The results revealed that the relationships of moral disengagement and perceived penalty significantly influence such an intention.
Research limitations/implications
This research presents a multi-analytical approach that expands the robustness of the results by the complementarity of each analysis technique. In addition, it offers scientific evidence of the factors that reinforce the cognitive processes that involve workers’ decision-making in security breaches.
Practical implications
The practical recommendation is to improve organizational communication to mitigate information security vulnerabilities in several ways, namely, training actions that simulate daily work routines; exposing the consequences of policy violations; disseminating internal newsletters with examples of inappropriate behavior.
Social implications
Results indicate that information security does not depend on the employees’ commitment to the organization; system vulnerabilities can be explored even by employees committed to the companies.
Originality/value
The study expands the knowledge about the individual factors that make information security in companies vulnerable, one of the few in the literature which aims to offer an in-depth perspective on which individual antecedent factors affect the violation of ISP.
Details
Keywords
Ornella Tanga Tambwe, Clinton Ohis Aigbavboa and Opeoluwa Akinradewo
Data represents a critical resource that enables construction companies’ success; thus, its management is very important. The purpose of this study is to assess the benefits of…
Abstract
Purpose
Data represents a critical resource that enables construction companies’ success; thus, its management is very important. The purpose of this study is to assess the benefits of construction data risks management (DRM) in the construction industry (CI).
Design/methodology/approach
This study adopted a quantitative method and collected data from various South African construction professionals with the aid of an e-questionnaire. These professionals involve electrical engineers, quantity surveyors, architects and mechanical, as well as civil engineers involved under a firm, or organisation within the province of Gauteng, South Africa. Standard deviation, mean item score, non-parametric Kruskal–Wallis H test and exploratory factor analysis were used to analyse the retrieved data.
Findings
The findings revealed that DRM enhances project and company data availability, promotes confidentiality and enhances integrity, which are the primary benefits of DRM that enable the success of project delivery.
Research limitations/implications
The research was carried out only in the province of Gauteng due to COVID-19 travel limitations.
Practical implications
The construction companies will have their data permanently in their possession and no interruption will be seen due to data unavailability, which, in turn, will allow long-term and overall pleasant project outcomes.
Originality/value
This study seeks to address the benefits of DRM in the CI to give additional knowledge on risk management within the built environment to promote success in every project.
Details