Search results

The threat of cybercrime is pervasive. Corporations cannot be convinced, out of sheer luck or naïve conviction, that they will remain unaffected. When targeted, the stark reality is that a company also incurs a liability risk. This paper aims to explore the boundaries of liability resulting from a data breach and privacy concerns according to the emerging regulations on cybersecurity.

The nature of cybercrime and its constant evolution is analysed as a threat of liability. Its distinctly modern developments require consideration. In response to the threat of hackers, the protection that a corporation can invoke is also considered as a mitigating factor in ascribing liability.

Preventative steps to protect a corporation from cyberthreats must remain a consistent priority in the running of a company. The influence of human behaviour has become a foreseeable element in cybersecurity and as such the management of unreliable user behaviour is a key determining factor in ascribing liability in hindsight.

Foresight is everything in the prevention of cyberattacks. Cyberattacks can no longer be dismissed as an unlikely eventuality. Legislation on data security and data privacy is demanding higher standards of preventative action, under the duty of care to stakeholders. There is a substantial literature deficit on data security and data liability regulations in light of the liability risk incurred by cyberattacks.

This paper aims to develop a framework for critical information infrastructure (CII) protection in smart government, an alternative measure for common cybersecurity frameworks such as NIST Cybersecurity Framework and ISO 27001. Smart government is defined as the government administration sector of CII due to its similarity as a core of smart technology.

To ensure the validity of the data, the research methodology used in this paper follows the predicting malfunctions in socio-technical systems (PreMiSTS) approach, a variation of the socio-technical system (STS) approach specifically designed to predict potential issues in the STS. In this study, PreMiSTS was enriched with observation and systematic literature review as its main data collection method, thematic analysis and validation by experts using fuzzy Delphi method (FDM).

The proposed CII protection framework comprises several dimensions: objectives, interdependency, functions, risk management, resources and governance. For all those dimensions, there are 20 elements and 41 variables.

This framework can be an alternative guideline for CII protection in smart government, particularly in government administration services.

The author uses PreMiSTS, a socio-technical approach combined with thematic analysis and FDM, to design a security framework for CII protection. This combination was designed as a mixed-method approach to improve the likelihood of success in an IT project.

Board gender diversity is an important component of sound corporate governance. This paper aims to examine the influence that female board directors in listed firms in Korea have on effective investment decisions.

The authors used 4,117 data items related to finance and governance from FnGuide for listed Korean firms between 2014 and 2019. The authors analyzed the data using Heckman’s two-stage regression, controlling the ordinary least square regression and endogeneity, to resolve the problem of selection bias. Gender diversity was measured using the existence/absence of female directors on boards (dummy variable) and the ratio of female directors on boards (BLAUt-1 index and SHANNONt-1 index).

Female board directors influenced the suppression of under-investment for the enhancement of corporate value, but not the suppression of over-investment. Additionally, female directors played a complementary role in under-investment to mitigate corporate risk, but not in intra-industry competition. Kanter’s classification of board types indicated that the skewed board and tilted board have a significant effect on under-investment and play a complementary role in corporate risk.

First, this study is about only Korean firms. Second, this study relies on corporate actual data but does not account for the factors that affect human behavior or how such behaviors can evolve. Third, the authors included as many appropriate variables as possible when setting the research model, but there may be missing correlation variables.

The authors’ results have policy implications, as they can be used as a basis to establish policies related to gender diversity in Korea, where there are currently insufficient empirical studies on women’s participation on the boards of directors. Moreover, with the amended FISCMA, which mandates that firms must hire at least one female director, Korean firms need to implement practical employment policies that can benefit firms, by selecting capable female directors rather than engaging in tokenism.

This study empirically examines gender diversity in the boards of Korean firms that have implemented the female quota system for the first time and considers female board directors’ roles in undertaking effective corporate investment decisions. This insight can guide change management and help firms avoid tokenism – a possible corporate response to pressures arising from the debates about feminism in Korea and gender diversity legislation.

The purpose of this paper is to investigate the applicability of cloud computing (CC) and the challenges that contribute to more successful projects with a major sustainable construction development.

The previous studies provided information on CC implementation barriers, which were then evaluated by 104 construction stakeholders through a questionnaire survey. As a result, the exploratory factor analysis (EFA) approach was used to investigate these barriers. Furthermore, a partial least square structural equation model was used to build a model of these barriers (PLS-SEM).

The EFA results revealed that the above-noted factors are in a close relation with three key components, i.e. social, economic and communication. In addition, the proposed model results found the social barrier a key challenge to the implementation of CC.

The results from this study can help decision-makers to improve the approaches regarding data fragmentation that has great effects on the execution of all construction projects. The focus of the paper is to enhance the data fragmentation processes. In addition, the results would be useful to strengthen the sustainability of existing construction projects by enhancing the implementation of CC.

The novelty of this research work will provide a solid foundation for critically assessing and appreciating the different barriers affecting the adoption of CC.

This study aims to assess the essential elements of internal organisational capability that influence the cybersecurity effectiveness of a construction firm. An extended McKinsey 7S model is used to analyse the relationship between a construction firm's cybersecurity effectiveness and nine internal capability elements: shared values, strategy, structure, systems, staff, style, skills, relationships with third parties and regulatory compliance.

Based on a quantitative research strategy, this study collected data through a cross-sectional survey of professionals working in the construction sector in the United Kingdom (UK). The collected data was analysed using descriptive and inferential statistical methods.

The findings underlined systems, regulatory compliance, staff and third-party relationships as the most significant elements of internal organisational capability influencing a construction firm's cybersecurity effectiveness, organised in order of importance.

Future research possibilities are proposed including the extension of the proposed diagnostic model to consider additional external factors, examining it under varying industrial relationship conditions and developing a dynamic framework that helps improve cybersecurity capability levels while overseeing execution outcomes to ensure success.

The extended McKinsey 7S model can be used as a diagnostic tool to assess the organisation's internal capabilities and evaluate the effectiveness of implemented changes. This can provide specific ways for construction firms to enhance their cybersecurity effectiveness.

This study contributes to the field of cybersecurity in the construction industry by empirically assessing the effectiveness of cybersecurity in UK construction firms using an extended McKinsey 7S model. The study highlights the importance of two additional elements, third-party relationships and construction firm regulatory compliance, which were overlooked in the original McKinsey 7S model. By utilising this model, the study develops a concise research model of essential elements of internal organisational capability that influence cybersecurity effectiveness in construction firms.