Search results

1 – 10 of 115
To view the access options for this content please click here
Article
Publication date: 11 February 2019

Mohamed Abdelhamid, Victoria Kisekka and Spyridon Samonas

The purpose of this study is to understand why individuals choose to avoid using e-services due to security concerns and perceived risk when these factors are affected by…

Abstract

Purpose

The purpose of this study is to understand why individuals choose to avoid using e-services due to security concerns and perceived risk when these factors are affected by the perceived degree of government cybersecurity preparedness against cyberattacks.

Design/methodology/approach

The authors adopt the information systems success model to predict the role of government security preparedness efforts in influencing the determinants of e-services avoidance. The conceptual model includes four variables: security concerns, perceived risk of cyberattacks, perceived government cybersecurity preparedness and e-services avoidance. Data from 774 participants were used to analyze our conceptual model.

Findings

First, the findings show that security concerns regarding personal information safety and perceived risk of cyberattacks are barriers to e-services use, with the former having a stronger effect. Second, the findings showed that perceived government cybersecurity preparedness significantly reduces security concerns and perceived risk of cyberattacks. Third, the post hoc group analysis between individuals with a bachelor’s degree or higher versus those without a bachelor’s degree showed that the effect of both security concerns and perceived risk of cyberattacks on e-services avoidance was greater for individuals without a bachelor’s degree. The same relationship between perceived risk of cyberattacks and e-services avoidance was not supported for individuals with a bachelor’s degree or higher.

Originality/value

Extant privacy research fails to adequately examine the role of institutional factors, such as government efforts, and how these mitigate or amplify cybersecurity concerns and risks related to e-services. This research takes the first step toward addressing this limitation by examining the influence of government cybersecurity preparedness efforts on the determinants of e-services avoidance.

Details

Information & Computer Security, vol. 27 no. 1
Type: Research Article
ISSN: 2056-4961

Keywords

To view the access options for this content please click here
Article
Publication date: 3 May 2016

V. Gerard Comizio, Behnam Dayanim and Laura Bain

To provide financial institutions an overview of the developments in cybersecurity regulation of financial institutions during 2015 by the United States, the United…

Abstract

Purpose

To provide financial institutions an overview of the developments in cybersecurity regulation of financial institutions during 2015 by the United States, the United Kingdom, and the European Union, as well as guidance for developing effective cyber-risk management programs in light of evolving cyber-threats and cyber-regulatory expectations.

Design/methodology/approach

Reviews US, UK and EU regulatory developments in the cybersecurity area and provides several best practice tips financial institutions should consider and implement to improve their cybersecurity compliance programs.

Findings

While cyber-threats and financial regulators’ expectations for cyber-security are constantly evolving, recent guidance and enforcement efforts by the US, UK and EU illustrate the need for financial institutions to develop effective cybersecurity programs that address current regulatory compliance requirements and prepare for emergency cyber responses.

Practical implications

Financial institutions should utilize the Federal Financial Institutions Examination Council’s Cybersecurity Assessment Tool to assess their cyber-risk profile and cyber-preparedness.

Originality/value

Practical guidance from experienced financial regulatory and privacy lawyers that provides a survey of the current regulatory environment and recommendations for cyber-security compliance.

Details

Journal of Investment Compliance, vol. 17 no. 1
Type: Research Article
ISSN: 1528-5812

Keywords

To view the access options for this content please click here
Book part
Publication date: 6 September 2021

Abstract

Details

The Role of Law Enforcement in Emergency Management and Homeland Security
Type: Book
ISBN: 978-1-78769-336-4

To view the access options for this content please click here
Article
Publication date: 5 June 2020

Hassan Younies and Tareq Na'el Al-Tawil

The purpose of this paper is to explore the extent to which cybercrime laws protect citizens and businesses in the United Arab Emirates (UAE). Pertinent questions over the…

Abstract

Purpose

The purpose of this paper is to explore the extent to which cybercrime laws protect citizens and businesses in the United Arab Emirates (UAE). Pertinent questions over the lax regulatory environment and incomprehensible cybersecurity policies have influenced the discussions.

Design/methodology/approach

This paper will first offer a global outlook of cybersecurity laws and legislation. The global outlook will present the basis for examining best practices that the UAE could emulate. The paper will then examine the legislative landscape of cyber laws in the UAE, including cross-country comparisons. The comparisons are critical, as the country’s cybercrime laws are in their infancy phase.

Findings

The UAE has taken decisive and proactive measures to deter the threat of cybercrimes and cyberattacks. The UAE strategy comprehensive strategy has been effective in protecting the economy and populations from the adverse effects of cybercrimes. The success lies in the enactment of comprehensive and streamlines laws and regulations with harsher penalties. The stringent legal measures, including longer jail terms, stiffer fines and deportation of foreigners, have ensured robust deterrence to cybercriminals.

Originality/value

The analysis has shown that the UAE has a higher score of preparedness against cybercrimes and cyberattacks. The UAE has specifically crafted a broader and effective legislative framework of cybercrime laws. Although the UAE has comprehensive cybercrime laws, the remarkable level of technological advances in the country makes citizens and businesses lucrative targets. The UAE now has the burden of doubling down its legal efforts to deter emerging cybersecurity risks.

Details

Journal of Financial Crime, vol. 27 no. 4
Type: Research Article
ISSN: 1359-0790

Keywords

To view the access options for this content please click here
Book part
Publication date: 6 September 2021

Eileen M. Decker, Matthew Morin and Eric M. Rosner

Cyber threats present constantly evolving and unique challenges to national security professionals at all levels of government. Public and private sector entities also…

Abstract

Cyber threats present constantly evolving and unique challenges to national security professionals at all levels of government. Public and private sector entities also face a constant stream of cyberattacks through varied methods by actors with myriad motivations. These threats are not expected to diminish in the near future. As a result, homeland security and national security professionals at all levels of government must understand the unique motivations and capabilities of malicious cyber actors in order to better protect against and respond to cyberattacks. This chapter outlines the most common cyberattacks; explains the motivations behind these attacks; and describes the federal, state, and local efforts to address these threats.

Details

The Role of Law Enforcement in Emergency Management and Homeland Security
Type: Book
ISBN: 978-1-78769-336-4

Keywords

To view the access options for this content please click here
Article
Publication date: 1 December 2020

Aldo M. Leiva and Michel E. Clark

To examine the COVID-19 pandemic’s effects on regulated entities within the context of cybersecurity, US Securities and Exchange Commission (SEC) compliance, and parallel…

Abstract

Purpose

To examine the COVID-19 pandemic’s effects on regulated entities within the context of cybersecurity, US Securities and Exchange Commission (SEC) compliance, and parallel proceedings.

Design/methodology/approach

Describes the SEC’s ability to conduct its operations within the telework environment, its commitment and ability to monitor the securities market, its enhanced monitoring of the adverse effects of SEC-regulated companies from COVID-19, its guidance to public companies of disclosure obligations related to cybersecurity risks and incidents, the SEC Office of Compliance and Examinations’s (OCIE’s) focus on broker-dealers’ and investment advisories’ cybersecurity preparedness, the role and activities of the SEC Division of Enforcement’s Cyber Unit, and parallel proceedings on cyberbreaches and incidents by different agencies, branches of government or private litigants.

Findings

SEC-regulated entities face many challenges in trying to maintain their ongoing business operations and infrastructure due to severe financial pressures, the threat of infection to employees and customers, and cybersecurity risks posed by remote operations from hackers and fraudsters. The SEC has reemphasized that its long-standing focus on cybersecurity and resiliency within the securities industry will continue, including ongoing vigilance over companies’ efforts to identify, assess, and address the inherent, heightened cybersecurity risks of teleworking and the resource reallocation that business need to sustain their operations until a safe and effective vaccine is developed for COVID-19.

Originality/value

Expert analysis and guidance from experienced lawyers with expertise in securities, litigation, government enforcement, information technology, data protection, privacy and cybersecurity.

Details

Journal of Investment Compliance, vol. 21 no. 2/3
Type: Research Article
ISSN: 1528-5812

Keywords

To view the access options for this content please click here
Article
Publication date: 17 June 2020

Rajni Goel, Anupam Kumar and James Haddow

This study aims to develop a framework for cybersecurity risk assessment in an organization. Existing cybersecurity frameworks are complex and implementation oriented. The…

Abstract

Purpose

This study aims to develop a framework for cybersecurity risk assessment in an organization. Existing cybersecurity frameworks are complex and implementation oriented. The framework can be systematically used to assess the strategic orientation of a firm with respect to its cybersecurity posture. The goal is to assist top-management-team with tailoring their decision-making about security investments while managing cyber risk at their organization.

Design/methodology/approach

A thematic analysis of existing publications using content analysis techniques generates the initial set of keywords of significance. Additional factor analysis using the keywords provides us with a framework comprising of five pillars comprising prioritize, resource, implement, standardize and monitor (PRISM) for assessing a firm’s strategic cybersecurity orientation.

Findings

The primary contribution is the development of a novel PRISM framework, which enables cyber decision-makers to identify and operationalize a tailored approach to address risk management and cybersecurity problems. PRISM framework evaluation will help organizations identify and implement the most tailored risk management and cybersecurity approach applicable to their problem(s).

Originality/value

The new norm is for companies to realize that data stratification in cyberspace extends throughout their organizations, intertwining their need for cybersecurity within business operations. This paper fulfills an identified need improve the ability of company leaders, as CIOs and others, to address the growing problem of how organizations can better handle cyber threats by using an approach that is a methodology for cross-organization cybersecurity risk management.

Details

Information & Computer Security, vol. 28 no. 4
Type: Research Article
ISSN: 2056-4961

Keywords

To view the access options for this content please click here
Article
Publication date: 3 June 2014

David Petron, Michael Wolk and Edward McNicholas

– To alert broker-dealers to several regulatory developments relating to cybersecurity threats.

Abstract

Purpose

To alert broker-dealers to several regulatory developments relating to cybersecurity threats.

Design/methodology/approach

Reviews four regulatory developments in the cybersecurity area and provides several steps broker-dealers should undertake to review and improve their cybersecurity and information technology protocols and practices.

Findings

While FINRA’s new cybersecurity sweep appears to be an exploratory and learning exercise to obtain regulatory knowledge and intelligence, firms should be cognizant of the fact that both FINRA and the SEC have imposed significant sanctions against Firms when it has found inadequate cyber security policies and procedures.

Practical implications

Broker-dealers should review the White House’s recent Framework for Improving Critical Infrastructure Cybersecurity and evaluate their own cybersecurity preparedness under the key areas of the Framework.

Originality/value

Practical guidance from experienced privacy and securities regulatory lawyers that consolidates several recent developments in one piece.

To view the access options for this content please click here
Expert briefing
Publication date: 8 July 2021

The cost, frequency and sophistication of cyberattacks is increasing worldwide, widening the gap between cyber preparedness and threat levels. Yet the continued lack of…

Details

DOI: 10.1108/OXAN-DB262652

ISSN: 2633-304X

Keywords

Geographic
Topical
To view the access options for this content please click here
Expert briefing
Publication date: 19 December 2018

EU cybersecurity.

Details

DOI: 10.1108/OXAN-DB240699

ISSN: 2633-304X

Keywords

Geographic
Topical
1 – 10 of 115