Search results

1 – 10 of 15
Article
Publication date: 2 June 2022

Kane Smith and Gurpreet Dhillon

Cyberstalking is a growing threat to society, and policymakers should address it utilizing the input of constituents. For this, two key components are required: actionable…

4525

Abstract

Purpose

Cyberstalking is a growing threat to society, and policymakers should address it utilizing the input of constituents. For this, two key components are required: actionable objectives informed by the values of society and the means of implementation to maximize their potential benefits. The process should be guided by the constituent's values, requiring the elicitation of intrinsic values as individual preferences that are extrapolated to society at large.

Design/methodology/approach

The authors utilize Keeney's (1990) public value forum and Sen's (1999) social choice theory (Sen, 1999) to elicit and convert these intrinsic values to serve as the basis for developing public policy to prevent cyberstalking.

Findings

The results demonstrate a strong desire by participants to have clear regulations, policies and procedures developed in concert with industry and enforced by the government that elucidate required protections against cyberstalking in combination with strong technical controls. These policies should guide technical control development and implementation, but leave ultimate control in the hands of technology users to decide what controls they want to utilize.

Originality/value

This study is the first to utilize Keeney's (1988) public value forum in the context of cyberstalking to develop quantitative measures regarding technology users' desired cybersecurity protections against cyberstalking. The authors provide a decision-making framework for policymakers to develop a new policy based on the input of their constituents in a manner that maximizes their potential utility and ultimate benefit.

Details

Internet Research, vol. 33 no. 1
Type: Research Article
ISSN: 1066-2243

Keywords

Article
Publication date: 14 February 2019

David Lewis Coss and Gurpreet Dhillon

To effectively develop privacy policies and practices for cloud computing, organizations need to define a set of guiding privacy objectives that can be applied across their…

1139

Abstract

Purpose

To effectively develop privacy policies and practices for cloud computing, organizations need to define a set of guiding privacy objectives that can be applied across their organization. It is argued that it is important to understand individuals’ privacy values with respect to cloud computing to define cloud privacy objectives.

Design/methodology/approach

For the purpose of this study, the authors adopted Keeney’s (1994) value-focused thinking approach to identify privacy objectives with respect to cloud computing.

Findings

The results of this study identified the following six fundamental cloud privacy objectives: to increase trust with cloud provider, to maximize identity management controls, to maximize responsibility of information stewardship, to maximize individual’s understanding of cloud service functionality, to maximize protection of rights to privacy, and to maintain the integrity of data.

Research limitations/implications

One limitation is generalizability of the cloud privacy objectives, and the second is research bias. As this study focused on cloud privacy, the authors felt that the research participants’ increased knowledge of technology usage, including that of cloud technology, was a benefit that outweighed risks associated with not having a random selection of the general population. The newness and unique qualities of privacy issues in cloud computing are better fitted to a qualitative study where issues can emerge naturally through a holistic approach opposed to trying to force fit an existing set of variables or constructs into the context of privacy and cloud computing.

Practical implications

The findings of this research study can be used to assist management in the process of formulating a cloud privacy policy, develop cloud privacy evaluation criteria as well as assist auditors in developing their privacy audit work plans.

Originality/value

Currently, there is little to no guidance in the literature or in practice as to what organizations need to do to ensure they protect their stakeholders privacy in a cloud computing environment. This study works at closing this knowledge gap by identifying cloud privacy objectives.

Details

Information & Computer Security, vol. 27 no. 2
Type: Research Article
ISSN: 2056-4961

Keywords

Article
Publication date: 11 June 2018

Kane J. Smith, Gurpreet Dhillon and Karin Hedström

In this paper, using values of individuals in a Swedish health-care organization, electronic identity management objectives related to security are defined.

Abstract

Purpose

In this paper, using values of individuals in a Swedish health-care organization, electronic identity management objectives related to security are defined.

Design/methodology/approach

By using value-focused thinking, eliciting values from interviews of three groups of health-care staff’s objective hierarchies for three stakeholder groups are identified and defined. Objective hierarchies allow comparison across multiple stakeholder groups such that strategic objectives for identity management can be compared and contrasted.

Findings

This qualitative investigation, which used value-focused thinking, revealed 94 subobjectives, grouped into 12 fundamental and 14 means objectives, which are essential for developing measures that address potential value conflicts in a health-care organization around electronic identity management. The objectives developed in this study are grounded socioorganizationally and provide a way forward in developing measures aimed to reducing potential conflicts at a policy level.

Originality/value

In a final synthesis, congruence (or lack thereof) in the electronic identity management approach for a Swedish health organization is suggested. This also creates a foundation to evaluate and weight different objectives for strategic decision management.

Details

Information & Computer Security, vol. 26 no. 2
Type: Research Article
ISSN: 2056-4961

Keywords

Article
Publication date: 2 October 2019

Kane J. Smith and Gurpreet Dhillon

Blockchain holds promise as a potential solution to the problem of cybersecurity in financial transactions. However, difficulty exists for both the industry and organizations in…

1306

Abstract

Purpose

Blockchain holds promise as a potential solution to the problem of cybersecurity in financial transactions. However, difficulty exists for both the industry and organizations in assessing this potential solution. Hence, it is important to understand how organizations in the financial sector can address these concerns by exploring blockchain implementation for financial transactions in the context of cybersecurity. To do this, the problem question is threefold: first, what objectives are important based on the strategic values of an organization for evaluating cybersecurity to improve the security of financial transactions? Second, how can they be used to ensure the cybersecurity of financial transactions in a financial organization? Third, how can these objectives be used to evaluate blockchain as a potential solution for enhancing the cybersecurity of organizations in the financial sector relative to existing cybersecurity methods? The paper aims to discuss this issue.

Design/methodology/approach

To accomplish this goal we utilize Keeney’s (1992) multi-objective decision analytics technique, termed value-focused thinking (VFT), to demonstrate how organizations can assess a blockchain solution’s value to maximize value-add within financial organization.

Findings

The presented model clearly demonstrates the viability of using Keeney’s (1992) VFT technique as a multi-criteria decision analysis tool for assessing blockchain technology. Further, a clear explanation of how this model can be extended and adapted for individual organizational use is provided.

Originality/value

This paper engages both the academic literature as well as an expert panel to develop an assessment model for blockchain technology related to financial transactions by providing a useful method for structuring the decision-making process of organizations around blockchain technology.

Details

Managerial Finance, vol. 46 no. 6
Type: Research Article
ISSN: 0307-4358

Keywords

Article
Publication date: 1 March 2001

Gurpreet Dhillon, David Coss and Ray Hackney

In interpreting the role of disruptive technologies in the relative success and failure of firms, this paper uses Christensen’s principles to review the strategies of Amazon.com…

4997

Abstract

In interpreting the role of disruptive technologies in the relative success and failure of firms, this paper uses Christensen’s principles to review the strategies of Amazon.com and Barnes & Nobel. The core argument of the paper is based on the assertion that firms that fail to recognize the uniqueness of a disruptive technology fall short of succeeding in their line of business. The argument is conducted by reviewing the various aspects of disruptive technology, as they relate to the business of selling books online. In a final synthesis, insights based on occurrences within the US e‐business context are presented.

Details

Logistics Information Management, vol. 14 no. 1/2
Type: Research Article
ISSN: 0957-6053

Keywords

Content available
Article
Publication date: 1 June 2004

Gurpreet Dhillon

323

Abstract

Details

Business Process Management Journal, vol. 10 no. 3
Type: Research Article
ISSN: 1463-7154

Article
Publication date: 9 February 2010

Mário Caldeira and Gurpreet Dhillon

The purpose of this paper is to present organizational competencies for gaining information technology (IT) benefits within organizations. Following the analysis of 16 in‐depth…

1986

Abstract

Purpose

The purpose of this paper is to present organizational competencies for gaining information technology (IT) benefits within organizations. Following the analysis of 16 in‐depth case studies, a set of six high level, fundamental competencies and 17 facilitating competencies are identified. A framework for orchestrating the organizational competencies is also presented. The results of this research would be useful to academics in developing measures for assessing the level of organizational competence and for practitioners in identifying and nurturing competencies for organizational benefits realization.

Design/methodology/approach

The methodology involved two phases. Phase 1 entailed conducting 16 extensive case studies. Case study methodology employed follows guidelines provided by Yin and Benbasat et al. Case studies are a suitable means to collect the data since the notion of competencies in delivering IT benefits has not been well understood in the literature. By analyzing and understanding the particular situation and factors in each organization in an in‐depth manner, the paper develops a sound interpretation of the abilities that organizations need to have in place to deliver IT benefits.

Findings

In order to gain business benefits from IT investments, organizations must develop competencies to exploit IT. These competencies involve individual skills and organizational processes that enable those skills to be effectively applied. This paper identifies 23 competencies categorized into fundamental and facilitating competencies that firms need to have in place if IT services are to be delivered adequately and business benefits achieved. Also developed is a network of competences based on the data collected in the 16 cases studied.

Research limitations/implications

Like any research, this paper has its limitations. Given the qualitative and interpretive nature of the research, a lot of assertions are interpretations of the authors. While in the literature, this has been argued as a valid way to undertake research, clearly there are biases that creep into the research.

Practical implications

The model of competencies presented forms a good basis for enterprises to fine‐tune their abilities for harnessing IT.

Originality/value

While management researchers have been researching the notion of organizational competence for a while, it has not been well considered in the information systems arena; it is felt that this research makes a positive contribution to that effect.

Details

Business Process Management Journal, vol. 16 no. 1
Type: Research Article
ISSN: 1463-7154

Keywords

Article
Publication date: 1 October 1999

Gurpreet Dhillon

This paper argues that many of the losses owing to computer‐related fraud could be avoided if organizations adopt a more pragmatic approach in dealing with such incidents. The…

5155

Abstract

This paper argues that many of the losses owing to computer‐related fraud could be avoided if organizations adopt a more pragmatic approach in dealing with such incidents. The paper suggests that in implementing controls, both within organizations and computer systems, a balanced approach be adopted. Such an approach should place equal emphasis on technical, formal and informal interventions. The argument is conducted by reviewing the nature of security breaches that have taken place in different parts of the world.

Details

Information Management & Computer Security, vol. 7 no. 4
Type: Research Article
ISSN: 0968-5227

Keywords

Article
Publication date: 1 October 2000

Gurpreet Dhillon and Mário Caldeira

The aim of this paper is to develop an understanding of the adoption and use of EDI in the Portuguese clothing and textile industry. The inherent argument is that although such…

923

Abstract

The aim of this paper is to develop an understanding of the adoption and use of EDI in the Portuguese clothing and textile industry. The inherent argument is that although such inter‐organizational systems in small and medium‐sized enterprises facilitate competitiveness through collaboration, the successful deployment of such systems is not solely a function of transaction costs and the resource base of an organization, as has been argued in the literature. In fact the values and attitudes of senior management play a critical role in the adoption of inter‐organizational systems. Various issues are analyzed by critically reviewing the literature, which has traditionally focused either on reducing transaction costs or managing the resource base. The argument of this paper is conducted by evaluating managers’ beliefs and attitudes towards the use of EDI within the Portuguese clothing and textile industry.

Details

Information Management & Computer Security, vol. 8 no. 4
Type: Research Article
ISSN: 0968-5227

Keywords

Article
Publication date: 1 April 1997

Gurpreet Dhillon and Ray Hackney

Argues that by interpreting the semantic content of different actions, it will be possible to draw boundaries between those aspects of a system that can be computerized and those…

1586

Abstract

Argues that by interpreting the semantic content of different actions, it will be possible to draw boundaries between those aspects of a system that can be computerized and those that will best serve the purpose if left alone. This will dissuade systems developers from being caught in the technology trap. The argument is conducted in the context of developing IT‐based medical thesauri for drug use management.

Details

Health Manpower Management, vol. 23 no. 2
Type: Research Article
ISSN: 0955-2065

Keywords

1 – 10 of 15