Search results

Employee security behaviors are the cornerstone for achieving holistic organizational information security. Recent studies in the information systems (IS) security literature have used neutralization and moral disengagement (MD) perspectives to examine employee rationalizations of noncompliant security behaviors. Extending this prior work, the purpose of this paper is to identify mechanisms of security education, training, and awareness (SETA) programs and deterrence as well as employees’ organizational commitment in influencing MD of security policy violations and develop a theoretical model to test the proposed relationships.

The authors validate and test the model using the data collected from six large multinational organizations in Korea using survey-based methodology. The model was empirically analyzed by structural equation modeling.

The results suggest that security policy awareness (PA) plays a central role in reducing MD of security policy violations and that the certainty of punishment and immediacy of enforcing penalties are instrumental toward reducing such MD; however, the higher severity of penalties does not have an influence. The findings also suggest that SETA programs are an important mechanism in creating security PA.

The paper expands the literature in IS security that has examined the role of moral evaluations. Drawing upon MD theory and social cognitive theory, the paper points to the central role of SETA and security PA in reducing MD of security policy violations, and ultimately the likelihood of this behavior. The paper not only contributes to theory but also provides important insights for practice.

Digital financial services (DFS) have substantial prospect to offer a number of reasonable, appropriate and secure banking services to the underprivileged in developing countries through pioneering technologies such as mobile phone based solutions, digital platforms and electronic money models. DFS allow unbanked people to obtain access to financial services through digital technologies. However, DFS face tough challenges of adoption. Realising this, the purpose of this paper is to identify such challenges and develop a framework.

The authors developed a framework of challenges by utilising interpretive structural modelling (ISM) and fuzzy MICMAC approach. The authors explored 18 such unique set of challenges culled from the literature and further gathered data from two sets of expert professionals. In the first phase, the authors gathered data from 29 professionals followed by 18 professionals in the second phase. All were pursuing Executive MBA programme from a metropolitan city in South India. The implementation of ISM and fuzzy MICMAC provided a precise set of driving, linkage and dependent variables that were used to derive a framework.

ISM model is split in eight different levels. The bottom level consists of a key driving challenge V11 (i.e. high cost and low return related problem), whereas the topmost level consists of two highly dependent challenges namely V1 (i.e. risk of using digital services) and V14 (i.e. lack of trust). The prescribed ISM model shows the involvement of “high cost and low return related problem (V11)”, which triggers further challenges of DFS.

None of the existing research has explored key challenges to DFS in detail nor formulated a framework for such challenges. To the best of the authors’ knowledge, this is the first paper on DFS that attempts to collate its challenges and incorporate them in a hierarchical model using ISM and further divide them into four categories of factors using fuzzy MICMAC analysis.

INTRODUCTION With the increasing importance of capital investment selection in modern business the field has attracted a large body of interest in the literature of the last two decades. It is the purpose of the survey to trace this development from the use of simple financial criteria for assessing investments to the use of more sophisticated financial measures, techniques for assessing risk in investments and finally complex models for selecting portfolios of investments.

This paper aims to provide an overview of theories used in the field of employees’ information systems (IS) security behavior over the past decade. Research gaps and implications for future research are worked out by analyzing and synthesizing existing literature.

This paper presents the results of a literature review comprising 113 publications. The literature review was designed to identify applied theories and to understand the cognitive determinants in the research field. A meta-model that explains employees’ IS security behavior is introduced by assembling the core constructs of the used theories.

The paper identified 54 used theories, but four behavioral theories were primarily used: Theory of Planned Behavior (TPB), General Deterrence Theory (GDT), Protection Motivation Theory (PMT) and Technology Acceptance Model (TAM). By synthesizing results of empirically tested research models, a survey of factors proven to have a significant influence on employees’ security behavior is presented.

Some relevant publications might be missing within this literature review due to the selection of search terms and/or databases. However, by conduction a forward and a backward search, this paper has limited this error source to a minimum.

This study presents an overview of determinants that have been proven to influence employees’ behavioral intention. Based thereon, concrete training and awareness measures can be developed. This is valuable for practitioners in the process of designing Security Education, Training and Awareness (SETA) programs.

This paper presents a comprehensive up-to-date overview of existing academic literature in the field of employees’ security awareness and behavior research. Based on a developed meta-model, research gaps are identified and implications for future research are worked out.

Mobile-based payment is increasing exponentially but in the developing country like India, consumers’ perception is highly positive in daily cash transaction. The purpose of this research is to identify and examine the important challenges for mobile wallet (m-wallet) implementation in India. In the wake of COVID-19, one of the transmission mechanisms of this virus has been the coins and paper money passed between a buyer and a seller. As such m-wallet considered as a convenience of payment has become a necessity in light of the pandemic.

The authors explored 19 unique sets of challenges selected from the literature and collected data from 14 experts from private sector, multinational corporations and mixed private and public partnership who have significant knowledge and experience of mobile payment implementation and use in their respective organisations. Also, the authors have used Interpretive Structural Modelling (ISM) methodology in developing a hierarchal model for the identified challenges. The authors implemented Cross-Impact Matrix Multiplication Applied to Classification (MICMAC) analysis to classify the identified challenges.

The ISM-based framework is divided into nine different hierarchical levels. “Lack of strong regulatory compliance (Ch6)” has been recognised as the most important challenge, which inhibited the mobile wallet implementation, whereas “Perception of customers about the value of using mobile wallets (Ch11)” is the most dependent critical challenge. There are seven hierarchical layers in between the top and the bottom level with the varied number of challenges based on their driving and dependence power.

This is the first research to the best of our knowledge that has not only comprehensively reviewed the m-wallet literature but also employed a unique ISM-MICMAC-based approach to develop a framework of challenges for the m-wallet implementation.

This study aims to identify the implications of security behaviour determinants for security management to propose respective guidelines which can be integrated with current security management practices, including those following the widely adopted information security standards ISO 27001, 27002, 27003 and 27005.

Based on an exhaustive analysis of related literature, the authors identify critical factors influencing employee security behaviour and ISP compliance. The authors use these factors to perform a gap analysis of widely adopted information security standards ISO 27001, 27002, 27003 and 27005 and identify issues not covered or only partially addressed. Drawing on the implications of security behaviour determinants and the identified gaps, the authors provide guidelines which can enhance security management practices.

The authors uncover the factors shaping security behaviour barely or partly considered in the ISO information security standards ISO 27001, 27002, 27003 and 27005, including top management participation, accommodating individual characteristics, embracing the cultural context, encouraging employees to comply out of habit and considering the cost of compliance. Furthermore, the authors provide guidelines to security managers on enhancing their security management practices when implementing the above ISO Standards.

This study offers guidelines on how to create and design security management practices whilst implementing ISO standards (ISO 27001, ISO 27002, ISO 27003, ISO 27005) so as to enhance ISP compliance.

This study analyses the role and implications of security behaviour determinants, discusses discrepancies and conflicting findings in related literature, provides a gap analysis of commonly used information security standards (ISO 27001, 27002, 27003 and 27005) and proposes guidelines on enhancing security management practices towards improving ISP compliance.

This study aims to identify key factors driving consumers' adoption of Open Banking. It extends the Unified Theory of Acceptance and Use of Technology (UTAUT) by integrating perceived risk, initial trust and financial literacy into an overarching conceptual model.

Measurement items of the theoretical constructs included in the conceptual model were adapted from related literature and a set of hypotheses was developed. The hypotheses of the conceptual model were subsequently assessed with partial least squares structural equation modeling using a dataset of 456 Australian survey respondents.

The model has strong explanatory power with an R² of 69.5%. Performance expectancy, effort expectancy, social influence and perceived risk are direct antecedents of consumers' usage intention of Open Banking. Social influence has a strong mediating effect on usage intention through performance expectancy. The effect of perceived risk is alleviated by effort expectancy and initial trust, while initial trust positively affects the effects of performance expectancy and effort expectancy on consumers' usage intention of Open Banking. Finally, financial literacy lowers initial trust towards Open Banking, possibly inducing consumer skepticism.

The results suggest that practitioners should focus on performance expectancy as a primary driver of Open Banking adoption, while understanding the role of other drivers, such as social influence and perceived risk in developing marketing strategies. Policy makers are recommended to adopt a governance approach to build initial trust amongst consumers.

This research contributes by providing an integrated and comprehensive model for explaining consumers' FinTech adoptions by extending the existing technology adoption model UTAUT to the Open Banking domain and integrating perceived risk, initial trust and financial literacy, thereby advancing and enriching the conceptual horizon of the extant literature.

Timely detection of emergency events and effective tracking of corresponding public opinions are critical in emergency management. As media are immediate sources of information on emergencies, the purpose of this paper is to propose cross-media analytics to detect and track emergency events and provide decision support for government and emergency management departments.

In this paper, a novel emergency event detection and opinion mining method is proposed for emergency management using cross-media analytics. In the proposed approach, an event detection module is constructed to discover emergency events based on cross-media analytics, and after the detected event is confirmed as an emergency event, an opinion mining module is used to analyze public sentiments and then generate public sentiment time series for early warning via a semantic expansion technique.

Empirical results indicate that a specific emergency can be detected and that public opinion can be tracked effectively and efficiently using cross-media analytics. In addition, the proposed system can be used for decision support and real-time response for government and emergency management departments.

This paper takes full advantage of cross-media information and proposes novel emergency event detection and opinion mining methods for emergency management using cross-media analytics. The empirical analysis results illustrate the efficiency of the proposed method.

The proposed method can be applied for detection of emergency events and tracking of public opinions for emergency decision support and governmental real-time response.

This research work contributes to the design of a decision support system for emergency event detection and opinion mining. In the proposed approaches, emergency events are detected by leveraging cross-media analytics, and public sentiments are measured using an auto-expansion of the domain dictionary in the field of emergency management to eliminate the misclassification of the general dictionary and to make the quantization more accurate.

The purpose of this paper is to investigate the information security behavior of mobile device users in the context of data breach. Much of the previous research done in user information security behavior have been in broad contexts, therefore creating needs of research that focuses on specific emerging technologies and trends such as mobile technology.

This study was an empirical study that gathered survey data from 390 mobile users. Delphi study and pilot study were conducted prior to the main survey study. Partial Least Square Structural Equation Modeling was used to analyze the survey data after conducting pre-analysis data screening.

This study shows that information security training programs must be designed by practitioners to target the mobile self-efficacy (MSE) of device users. It also reveals that practitioners must design mobile device management systems along with processes and procedures that guides users to take practical steps at protecting their devices. This study shows the high impact of MSE on users’ protection motivation (PM) to protect their mobile devices. Additionally, this study reveals that the PM of users influences their usage of mobile device security.

This study makes theoretical contributions to the existing information security literature. It confirms PM theory’s power to predict user behavior within the context of mobile device security usage. Additionally, this study investigates mobile users’ actual security usage. Thus, it goes beyond users’ intention.

This study sought to examine the extent to which outsourced contracts, buyer-supplier trust and supplier opportunistic behavior explain supplier performance in Ugandan Public Procuring and Disposing Entities (PDEs). This study was prompted by reports of long lead times, failure to match specifications, late deliveries, poor quality of services delivered, contract violations, and increased supplier cheating. Cross sectional data from 116 central government PDEs concerning outsourced contracts was collected using a self-administered questionnaire. Hierarchical regression was used to indicate what happens to a model that was developed as part of this research as different predictor variables are introduced. The findings revealed that outsourced contracts, buyer-supplier trust, and supplier opportunistic behavior are significant predictors of supplier performance. The study has both managerial and policy implications which are discussed in this paper.