Search results

The purpose of this paper is to explore the current practices in security convergence among and between corporate security and cybersecurity processes in commercial enterprises.

This paper is the first phase in a planned multiphase project to better understand current practices in security optimization efforts being implemented by commercial organizations exploring means and methods to operate securely while reducing operating costs. The research questions being examined are: What are the general levels of interest in cybersecurity and corporate security convergence? How well do the perspectives on convergence align between organizations? To what extent are organizations pursuing convergence? and How are organizations achieving the anticipated outcomes from convergence?

In organizations, the evolution to a more optimized security structure, either merged or partnered, was traditionally due to unplanned or unforeseen events; e.g. a spin-off/acquisition, new security leadership or a negative security incident was the initiator. This is in contrast to a proactive management decision or formal plan to change or enhance the security structure for reasons that include reducing costs of operations and/or improving outcomes to reduce operational risks. The dominant exception was in response to regulatory requirements. Preliminary findings suggest that outcomes from converged organizations are not necessarily more optimized in situations that are organizationally merged under a single leader. Optimization may ultimately depend on the strength of relationships and openness to collaboration between management, cybersecurity and corporate security personnel.

This report and the number of respondents to its survey do not support generalizable findings. There are too few in each category to make reliable predictions and in analysis, there was an insufficient quantity of responses in most categories to allow supportable conclusions to be drawn.

Practitioners may find useful contextual clues to their needs for convergence or in response to directives for convergence from this report on what is found in some other organizations.

Improved effectiveness and/or reduced costs for organizational cybersecurity would be a useful social outcome as organizations become more efficient in the face of increasing levels of cyber security threats.

Convergence as a concept has been around for some time now in both the practice and research communities. It was initially promoted formally by ASIS International and ISACA in 2005. Yet there is no universally agreed-upon definition for the term or the practices undertaken to achieve it. In addition, the business drivers and practices undertaken to achieve it are still not fully understood. If convergence or optimization of converged operations offers a superior operational construct compared to other structures, it is incumbent to discover if there are measurable benefits. This research hopes to define the concept of security collaboration optimization more fully. The eventual goal is to develop and promote a tool useful for organizations to measure where they are on such a continuum.

The rapid expansion of internet usage and device connectivity has underscored the importance of understanding the public’s cyber behavior and knowledge. Despite this, there is little research that examines the public’s objective knowledge of secure information security practices. The purpose of this study is to examine how objective cyber awareness is distributed throughout society.

This study draws on a large national survey of adults to examine the relationship between individual factors – such as demographic attributes and socioeconomic resources – and information security awareness. The study estimates several statistical models using weighted logistic regression to model objective information security awareness.

The results indicate that socioeconomic resources such as income and education have a significant effect on individuals’ information security awareness with richer and more highly educated individuals exhibiting greater awareness of important security practices and tools. Additionally, age and gender represent consistent and clear informational gaps in society as older individuals and females are significantly less knowledgeable about an array of information security practices than younger individuals and males, respectively.

The findings have important implications for our understanding of information security behavior and user vulnerability in an increasingly digital and connected society. Despite the growing importance of cybersecurity for all individuals in nearly all domains of daily life, there is substantial inequality in awareness about secure cyber practices and the tools and techniques used to protect one’s self from attacks. While digital technology will continue to permeate many aspects of daily life – from financial transactions to health services to social interactions – the findings here indicate that some users may be far more exposed and vulnerable to attack than others.

This study contributes to our understanding of general user information security awareness using a large survey and statistical models to generalize about the public’s information security awareness across multiple domains and stimulates future research on public knowledge of information security. The findings indicate that some users may be far more exposed and vulnerable to attack than others. Despite the growing importance of cybersecurity for all individuals in nearly all domains of daily life, there is substantial inequality in awareness about secure cyber practices and the tools and techniques used to protect one’s self from attacks.

This study investigates CSR reporting’s role in debt access and cost of debt with the moderating role of external assurance and GRI adoption in emerging markets. Such an investigation will help facilitate external fund flow to firms in better terms.

We collected data from 16 emerging markets between 2008 and 2019 from the Thomson Reuters Eikon and ran fixed effects regression analysis and robustness tests by addressing endogeneity concerns, adopting alternative sample and integrating additional control variables.

The results show that CSR reporting has a positive association with access to debt and a negative association with the cost of debt. Furthermore, both external assurance and GRI adoption do not significantly moderate between CSR reporting and access to debt and cost of debt. Hence, creditors in emerging markets are not interested in CSR report assurance and GRI framework adoption and do not integrate them into their lending decisions.

Emerging markets are unique settings characterized by high growth rates, limited capital availability, high debt costs and weak institutional environments. Thus, reaching debt with convenient conditions is critical for emerging market firms to finance their growth. Hence, our study will help emerging market firms reach external funding more easily and in better terms via CSR transparency. Besides, our investigation is based on a broad sample of emerging markets, and hence updates prior emerging market studies conducted in single-country settings. Lastly, we test the complementarity of third-party assurance and GRI adoption to CSR reporting in loan contracting.

Prior studies mostly tested the association between carbon emissions and firm value in certain contexts. This study aims to advance the existing literature by concentrating on three indicators of greening in corporations namely resource use, emissions and eco-innovation, and examining their value relevance in the stock market at the global level. Furthermore, we deepen the investigation by exploring the moderating role of eco-innovation and the CSR committee between greening in corporations and market value.

The data for the study were retrieved from the Thomson Reuters Eikon database for the years between 2002 and 2019 and contain 17,961 firm-year observations which are analyzed through fixed-effects regression.

The results reveal that while resource usage is viewed as value-relevant by the market, the emissions and eco-innovation are not. However, despite eco-innovation per se not being value-relevant, its interaction with resource usage and emissions is value-relevant. Furthermore, CSR committees undertake a very critical role in translating greening practices into market value.

While the results for emissions support the cost-concerned school, the findings for resource usage confirm the value creation school. Furthermore, the interaction effect of eco-innovation and CSR committee confirms the resource-based theory and stakeholder theory, respectively.

Investors regard eco-innovation-induced pro-environmental behaviors as value-relevant. These results propose firms replace eco-innovation at the focal point in developing environmental strategies and connecting other greening efforts to it. Moreover, CSR committees are critical to corporations in translating greening practices into firm value by developing and implementing disclosure and communication strategies.

The study’s originality stems from investigating the synergetic effect that eco-innovation and CSR committees generate in translating greening practices to greater market value at a global scale.

This paper offers an empirical overview of European emergency managers' institutional arrangements and guidelines for using social media in risk and crisis communication.

The authors collected and analysed material including publicly accessible relevant legal acts, policy documents, official guidelines, and press reports in eight European countries – Germany, Italy, Belgium, Sweden, Hungary, Finland, Norway, and Estonia. Additionally, the authors carried out 95 interviews with emergency managers in the eight countries between September 2019 and February 2020.

The authors found that emergency management institutions' social media usage is rarely centrally controlled and social media crisis communication was regulated with the same guidelines as crisis communication on traditional media. Considering this study's findings against the backdrop of existing research and practice, the authors find support for a “mixed arrangement” model by which centralised policies work in tandem with decentralised practices on an ad hoc basis.

Comparative insights about institutional arrangements and procedural guidelines on social media crisis communication in the studied countries could inform the future policies concerning social media use in other emergency management systems.

This study includes novel, cross-national comparative data on the institutional arrangements and guidelines for using social media in emergency management in the context of Europe.

The COVID-19 pandemic has significantly affected service small- and medium-sized enterprises (SMEs), increasing the importance of understanding how these businesses can become more resilient and how service innovation can be an effective strategy to increase their adaptive capacity and survival. This study aims to examine the role of dynamic capabilities in service innovation as a factor explaining the resilience of SMEs in Puerto Rico and the Dominican Republic during the COVID-19 crisis and its impact on service innovation. Additionally, the authors assess whether service innovation has a significant impact on value cocreation in these businesses.

This study used a quantitative method by surveying 118 SME owners in Puerto Rico and the Dominican Republic. The data were analyzed using partial least-squares structural equation modeling.

The results reflect important theoretical contributions by analyzing resilience from an innovation perspective instead of a retrospective approach, which is an area that has not been analyzed in the literature. Additionally, theoretical contributions to marketing services in SMEs are discussed, which is an underresearched topic. The results advance by discussing the role of service innovation through the reconfiguration of resources and how this can be an effective strategy to increase value cocreation with customers during crises.

This study is original in that it analyzes resilience from the perspective of innovation, and not from a retrospective approach. It offers a vision in response to the need for studies that provide a clearer conceptualization of resilience in small businesses. This highlights the importance of considering regional differences and service innovation as effective strategies to enhance resilience and value cocreation with customers.

This paper aims to provide an examination of the use of the concept of resilience and its use in service organisation, ecosystem-related literature and the wider social sciences.

This paper provides a critical review and commentary on the resilience literature in the social and business sciences and its relevance to service organisations.

Two main approaches towards resilience are identified (engineering and socio-ecological resilience) with each having different assumptions about the nature of resilience with corresponding implications for policymaking, indicator selection and application in a service context. These approaches operate at different scales and possess different properties with respect to the likelihood of enacting transformative service marketing.

Different conceptualisations of resilience have profound implications for resilience-related policymaking as well as understanding change and adaptation in service ecosystems and organisations.

The transformative possibilities of resilience are connected to the active enhancement and construction of social capacity by service organisations and the persistent resilience of the resilience concept.

This paper highlights the importance of clearly defining the resilience concept and its implications for research and transformative service organisations.

This study employs Stein Rokkan's methodological approach to analyse state formation in the Greater Middle East. It develops a conceptual framework distinguishing colonial, populist and democratic pacts, suitable for analysis of state formation and nation-building through to the present period. The framework relies on historical institutionalism. The methodology, however, is Rokkan's. The initial conceptual analysis also specifies differences between European and the Middle Eastern state formation processes. It is followed by a brief and selective discussion of historical preconditions. Next, the method of plotting singular cases into conceptual-typological maps is applied to 20 cases in the Greater Middle East (including Afghanistan, Iran and Turkey). For reasons of space, the empirical analysis is limited to the colonial period (1870s to the end of World War 1). Three typologies are combined into one conceptual-typological map of this period. The vertical left-hand axis provides a composite typology that clarifies cultural-territorial preconditions. The horizontal axis specifies transformations of the region's agrarian class structures since the mid-19th century reforms. The right-hand vertical axis provides a four-layered typology of processes of external intervention. A final section presents selected comparative case reconstructions. To the authors' knowledge, this is the first time such a Rokkan-style conceptual-typological map has been constructed for a non-European region.