Search results

The aim of this study is to encourage management boards to recognize that employees play a major role in the management of information security. Thus, these issues need to be addressed efficiently, especially in organizations in which data are a valuable asset.

Before developing the instrument for the survey, first, effective measurement built upon existing literature review was identified and developed and the survey questionnaires were set according to past studies and the findings based on qualitative analyses. Data were collected by using cross-sectional questionnaire and a Likert scale, whereby each question was related to an item as in the work of Witherspoon et al. (2013). Data analysis was done using the SPSS.3B.

Based on the results from three surveys and findings, a principle of information security compliance practices was proposed based on the authors’ proposed nine-five-circle (NFC) principle that enhances information security management by identifying human conduct and IT security-related issues regarding the aspect of information security management. Furthermore, the authors’ principle has enabled closing the gap between technology and humans in this study by proving that the factors in the present study’s finding are interrelated and work together, rather than on their own.

The main objective of this study was to address the lack of research evidence on what mobilizes and influences information security management development and implementation. This objective has been fulfilled by surveying, collecting and analyzing data and by giving an account of the attributes that hinder information security management. Accordingly, a major practical contribution of the present research is the empirical data it provides that enable obtaining a bigger picture and precise information about the real issues that cause information security management shortcomings.

In this sense, despite the fact that this study has limitations concerning the development of a diagnostic tool, it is obviously the main procedure for the measurements of a framework to assess information security compliance policies in the organizations surveyed.

The present study’s discoveries recommend in actuality that using flexible tools that can be scoped to meet individual organizational needs have positive effects on the implementation of information security management policies within an organization. Accordingly, the research proposes that organizations should forsake the oversimplified generalized guidelines that neglect the verification of the difference in information security requirements in various organizations. Instead, they should focus on the issue of how to sustain and enhance their organization’s compliance through a dynamic compliance process that involves awareness of the compliance regulation, controlling integration and closing gaps.

The rapid growth of information technology (IT) has created numerous business opportunities. At the same time, this growth has increased information security risk. IT security risk is an important issue in industrial sectors, and in organizations that are innovating owing to globalization or changes in organizational culture. Previously, technology-associated risk assessments focused on various technology factors, but as of the early twenty-first century, the most important issue identified in technology risk studies is the human factor.

This study aims to identify the implications of security behaviour determinants for security management to propose respective guidelines which can be integrated with current security management practices, including those following the widely adopted information security standards ISO 27001, 27002, 27003 and 27005.

Based on an exhaustive analysis of related literature, the authors identify critical factors influencing employee security behaviour and ISP compliance. The authors use these factors to perform a gap analysis of widely adopted information security standards ISO 27001, 27002, 27003 and 27005 and identify issues not covered or only partially addressed. Drawing on the implications of security behaviour determinants and the identified gaps, the authors provide guidelines which can enhance security management practices.

The authors uncover the factors shaping security behaviour barely or partly considered in the ISO information security standards ISO 27001, 27002, 27003 and 27005, including top management participation, accommodating individual characteristics, embracing the cultural context, encouraging employees to comply out of habit and considering the cost of compliance. Furthermore, the authors provide guidelines to security managers on enhancing their security management practices when implementing the above ISO Standards.

This study offers guidelines on how to create and design security management practices whilst implementing ISO standards (ISO 27001, ISO 27002, ISO 27003, ISO 27005) so as to enhance ISP compliance.

This study analyses the role and implications of security behaviour determinants, discusses discrepancies and conflicting findings in related literature, provides a gap analysis of commonly used information security standards (ISO 27001, 27002, 27003 and 27005) and proposes guidelines on enhancing security management practices towards improving ISP compliance.

This paper aims to investigate empirically whether Islamic securities enhance economic growth in the Southeast Asian region based on the endogenous growth theory using the non-parametric analysis.

This paper applies panel quantile regression with Markov chain Monte Carlo optimization as an optimal non-parametric approach to investigate the effect of Islamic securities on economic growth starting from 2013Q4 to 2019Q4 in Southeast Asia. Total issued Islamic securities holdings are employed as a measure for Islamic securities, while the gross domestic product is employed as a proxy for economic growth. The sample includes all working Islamic financial foundations in the top progressive Islamic securities markets' countries of Southeast Asia (Malaysia, Indonesia and Brunei Darussalam).

The findings confirm that the increase of issuing Islamic securities in Islamic capital markets of Southeast Asia is increasing the levels of economic growth, reflecting the weighty role of the Islamic capital market development as an active contributor to economic growth.

This research would fill the literature gap by exploring Islamic securities–economic growth nexus in Southeast Asia using a robust non-parametric approach based on the endogenous growth theory for better estimation results. The findings of this review serve as a roadmap for financial analysts, policymakers and decision makers to stimulate the Islamic securities markets as another source of finance which can promote the economic growth.

This research is the first that investigates empirically the Islamic securities–economic growth nexus in Southeast Asia using a new empirical investigation built on the non-parametric analysis and outlined within the theoretical context of the endogenous growth model to gain robust evidence about this nexus.

In today's digital economy, information secrecy is one of the essential apprehensions for businesses. Because of the uncertainty and multiple interpretations, most of the reviewed literature regarding business decision‐making revealed that decisions tend to be more fluid, inaccurate, and informal. Recently, the number of organizations that have disclosed their information has been raised. The aim of this research is to theorize and empirically measure the effects of information disclosure on the accuracy of business decision‐making.

This study presents a proposed conceptual framework, which assists businesses in evaluating the extent to which information secrecy has a substantial effect on decision‐making accuracy. The primary research purpose is explanatory and the conceptual framework was empirically tested to measure the effects of the proposed five independent variables: information security rules and regulations, secured internal and external business communication, security consciousness management support, business security culture, and superior deterrent efforts on efficient information security, the consequences of which on accurate decision‐making processes are considered a dependent variable.

The results of this study, which are based on the use of the proposed conceptual framework, indicate that information security has a substantial effect on generating accurate, effective and efficient business decisions. Information security could undermine decision accuracy when information collected has little effect on the purpose and time of decisions.

The findings of this study present some insights into the strategic choices of any organizations and, to improve the efficiency of the decisions taken, they must improve the level and efficiency of information secrecy.

The purpose of this paper is to apply security policies over the mobile ad hoc networks. A mobile ad hoc network refers to infrastructure-less, persistently self-designing systems; likewise, there is a noteworthy innovation that supplies virtual equipment and programming assets according to the requirement of mobile ad hoc network.

It faces different execution and effectiveness-based difficulties. The major challenge is the compromise of performance because of unavailable resources with respect to the MANET. In order to increase the MANET environment’s performance, various techniques are employed for routing and security purpose. An efficient security module requires a quality-of-service (QoS)-based security policy. It performs the task of routing and of the mobile nodes, and it also reduces the routing cost by finding the most trusted node.

The experimental results specify that QoS-based security policy effectively minimizes the cost, response time as well as the mobile makespan (routing cost and response time) of an application with respect to other existing approaches.

In this paper, the authors proposed an enhancement of Cross Centric Intrusion Detection System named as PIHNSPRA Routing Algorithm (PIHNSPRA).

It maps the security with the secure IDS communication and distributes the packets among different destinations, based on priority. This calculation is proposed for the purpose of routing and security by considering greatest throughput with least routing cost and reaction time.

When the concept is applied to practical applications. Quality of Service introduced in the proposed research reduces the cost of routing and improves the throughput.

The proposed calculation is tested by NS2 simulator and the outcomes showed that the execution of the calculation is superior to other conventional algorithms.

This study aims to determine the impacts of the Bahrain Government framework [cyber-trust program (CTP)] on the cybersecurity maturity of government entities and how the CTP can impact the cybersecurity of government entities in the Kingdom of Bahrain.

The authors used a quantitative and qualitative approach. The data were collected by conducting semi-structured interviews with the information technology experts in the Bahrain Government entities participating in the CTP. Also, quantitative data was obtained through a questionnaire distributed to relevant people in the information technology field.

The findings of this study suggest that the CTP had a significant impact on the cybersecurity assurance of the government entities that participated in the CTP; it increased the employees’ awareness, reduced the number of cyberattacks and optimized the available resources. The findings also highlighted the role of top management in the success of the implementation of the CTP. The results also ensure that the CTP’s maturity model affected the cybersecurity compliance of an organization and the implementation of cybersecurity policies and controls.

This study enhances cybersecurity researchers’ and practitioners’ understanding of the impact of the CTP and its components and evaluates its influence on Bahrain’s cybersecurity assurance.

This study implies that to achieve better cybersecurity, managers should focus on implementing the policies and controls provided by cybersecurity frameworks to enhance cybersecurity assurance.

This study aims to examine the relationship between blockchain technology (BCT) adoption and firm performance (FIP) mediated by cyber-security risk management (CSRM) in the context of Vietnam, a developing country. Besides, the mediating effect of risk-taking tendency (RTT) has been considered in the BCT–CSRM nexus.

Data is collected using a survey questionnaire of Vietnamese financial firms through strict screening steps to ensure the representativeness of the population. The ending pattern of 449 responses has been used for analysis.

The findings of partial least squares structural equation modeling demonstrated that CSRM has a positive effect on FIP and acts as a mediator in the BCT–FIP nexus. Furthermore, RTT moderates the relationship between BCT and CSRM significantly.

This study introduces the attractive attributes of applying BCT to CSRM. Accordingly, managers should rely on BCT and take advantage of it to improve investment resources, business activities and functional areas to enhance their firm's CSRM. Especially, managers should pay attention to enhancing their RTT, which improves FIP.

This study supplements the previous literature in the context of CSRM by indicating favorable effects of BCT and RTT. Additionally, this study identifies the effectiveness of RTT as well as its moderating role. Ultimately, this paper has been managed as a pioneering empirical study that integrates BCT, RTT and CSRM in the same model in a developing country, specifically Vietnam.

Providing high-quality e-banking services is considered a basic strategy for attracting and retaining customers with electronic-banking platforms. The purpose of this paper is to empirically investigate a comprehensive moderated mediated mechanism for enhancing customer loyalty toward e-banking platforms via e-banking service quality (EBSQ) practices. Reliability, website design, privacy and security and customer service and support are the dimensions of EBSQ.

Data were collected through structured questionnaires from a sample of 1,028 e-banking users in India. To test the hypotheses, a structural equation modeling approach was used.

The findings showed that of the EBSQ dimensions, reliability along with privacy and security enhanced customer loyalty to e-banking. The initial trust in e-banking mediates the effects of EBSQ dimensions on customer loyalty except for website design. The mediation effects of initial trust varied between high and low-involved consumers.

This study was conducted with e-banking users in one country using cross-sectional data. Hence, the model should be replicated among e-banking users in other countries and with the longitudinal data.

Establishing a loyal customer base is an important goal for banks. This study demonstrates which specific EBSQ dimensions banks should emphasize to enhance consumers’ initial trust and loyalty toward e-banking services.

This study suggests a moderated mediated mechanism for enhancing customer loyalty to e-banking, which incorporates initial trust as a mediator and consumer involvement as a moderator. It applies cognitive-motivation-relational theory to link EBSQ dimensions with customer loyalty. Thus, this study enables a better understanding of this theory in the e-banking context.

The basis for this study on electronic transferable records (ETRs) in the context of digitalizing cross-border trade is established in this chapter. It illustrates how the growing trend toward paperless trade and technological improvements is changing trade operations. This chapter focuses on the need to look into ETRs because of their capacity to influence business transactions while navigating complex legal issues. The specific goals of the study are outlined, including a review of the advantages, legality, difficulties and best practices of ETRs. This study aims to shed light on the possible advantages and disadvantages of ETRs, the legal framework that controls their use and the best practices for their efficient implementation. This study also seeks to provide informative recommendations for businesses and people that are considering using ETRs.

This study explores the evolving world of ETRs and their crucial function in international trade. Multidimensional technique is used to examine the transformative potential of ETRs from a variety of research angles. The research design is based on a comprehensive evaluation of the literature that includes a wide range of reliable sources, including academic papers, business reports and legal documents. The comprehensive retrieval of essential material is ensured through keyword searches in renowned academic databases and industry resources. The qualitative synthesis of secondary sources further enhances this methodology and allows for a complex examination of the implications of ETRs. The case study analysis provides practical information on the benefits, hazards and practical applications of ETRs. Multifaceted aspects are uncovered via a thematic approach and qualitative investigation, including potential advantages, hazards, implementation plans and regulatory frameworks.

ETRs offer a range of potential advantages for cross-border trade, encompassing augmented efficiency, reduced costs and heightened security. Nonetheless, their implementation also presents legal challenges and risks, spanning security and privacy concerns, legal ambiguities and technical complexities. Consequently, it is crucial for individuals and businesses to meticulously assess and mitigate these risks through the integration of robust security protocols, staying informed about legal developments and adhering to pertinent regulatory stipulations. In spite of these hurdles, the trajectory of ETR adoption is anticipated to remain on an upward trajectory, driven by increasing recognition of their potential benefits and the concurrent evolution of legal frameworks and technical standards.

Research limitations included the following: lack of adoption of ETRs internationally; and legal diversity and different legal systems results in different consideration of the ETRs. It makes reaching a unified ETR system more difficult.

It is necessary to develop clear policies and procedures and establish well-defined policies and procedures governing ETR use. These should encompass security guidelines, data protection measures and adherence to legal mandates. Regular review and updates are imperative. Stay current on legal developments: In light of the continuously evolving legal and regulatory landscape pertaining to ETRs, businesses and individuals must stay abreast of pertinent changes and seek professional counsel when necessary. Collaborate with partners and stakeholders: To ensure harmonization and standardization in ETR deployment, active collaboration with partners, regulators and industry associations is vital.

Enhance awareness and education: Investment in awareness and educational initiatives is crucial. Decision-makers should organize training programs, workshops and seminars to enhance understanding of ETRs’ potential benefits in cross-border trade among stakeholders. Socially, the use of ETR can achieve several political advantages for the society. It minimizes risks of corruption through enhancing tracing and auditing abilities for relevant authorities making it more difficult to engage in corrupt practices. That can promote integrity within government and public procurement system.

The development of standardized technical frameworks and interoperable platforms for ETRs could enhance their seamless integration into existing trade systems. Additionally, investigating the integration of emerging technologies like blockchain, IoT and AI into ETR ecosystems could unlock innovative solutions to security, authenticity and data management concerns. This study examines how ETRs can radically alter how trade is conducted on a global scale. This paper examines ETRs’ role in improving cross-border trade digitization by examining their advantages, legal difficulties and implementation techniques. The conclusions will aid firms, decision-makers and attorneys in navigating the constantly changing world of trade agreements. The study’s ultimate goal is to offer takeaways that support effective, secure and legally compliant integration of ETRs, ensuring that they operate as a catalyst for improved global trade efficacy and efficiency.

The authors seek to understand the formation of control- and security-related identities among organizational employees through and interpretive narrative analysis. The authors also seek to identify how the identities form over time and across contexts. Several identities are identified as well as the changes that may occur in the identities.

Few interpretive or critical studies exist in behavioral information security research to represent employee perspectives of power and control. Using qualitative interviews and narrative analysis of the interview transcripts, this paper analyzes the security- and control-related identities and values that employees adopt in organizational settings.

Two major categories of behavioral security compliance identities were identified: compliant and noncompliant. Specific identities within the compliant category included: faithful follower vs the reasoned follower, and other-preserving versus the self-preserving identities. The noncompliant category included: anti-authority identity, utilitarian identity, trusting identity and unaware identity. Furthermore, three patterns of identity changes were observed.

The authors’ narrative stories suggest that employee identities are complex and multi-faceted, and that they may be fluid and adaptive to situational factors. Future research should avoid assumptions that all employees are the same or that employee beliefs remain constant over time or in different contexts. Identities are also strongly rooted in individuals' rearing and other life experiences. Thus, security control is far broader than is studied in behavioral studies. The authors find that history matters and should be examined carefully.

The authors’ study provides insights that managers can use to enhance security initiatives. It is clear that different employees build different control-related identities. Managers must understand that their employees are unique and will not all respond to policies, punishments, and other forms of control in the same way. The narratives also suggest that many organizations lack appropriate programs to enhance employees' awareness of security issues.

The authors’ narrative analysis suggests that employee security identities are complex and multi-faceted, and that they are fluid and adaptive to situational factors. Research should avoid assumptions that all employees are the same or that their beliefs remain constant over time or in different contexts. Identities are also strongly rooted in individuals' rearing and other life experiences. Their history matters and should be examined carefully.