Search results
1 – 10 of over 5000Eylem Thron, Shamal Faily, Huseyin Dogan and Martin Freer
Railways are a well-known example of complex critical infrastructure, incorporating socio-technical systems with humans such as drivers, signallers, maintainers and passengers at…
Abstract
Purpose
Railways are a well-known example of complex critical infrastructure, incorporating socio-technical systems with humans such as drivers, signallers, maintainers and passengers at the core. The technological evolution including interconnectedness and new ways of interaction lead to new security and safety risks that can be realised, both in terms of human error, and malicious and non-malicious behaviour. This study aims to identify the human factors (HF) and cyber-security risks relating to the role of signallers on the railways and explores strategies for the improvement of “Digital Resilience” – for the concept of a resilient railway.
Design/methodology/approach
Overall, 26 interviews were conducted with 21 participants from industry and academia.
Findings
The results showed that due to increased automation, both cyber-related threats and human error can impact signallers’ day-to-day operations – directly or indirectly (e.g. workload and safety-critical communications) – which could disrupt the railway services and potentially lead to safety-related catastrophic consequences. This study identifies cyber-related problems, including external threats; engineers not considering the human element in designs when specifying security controls; lack of security awareness among the rail industry; training gaps; organisational issues; and many unknown “unknowns”.
Originality/value
The authors discuss socio-technical principles through a hexagonal socio-technical framework and training needs analysis to mitigate against cyber-security issues and identify the predictive training needs of the signallers. This is supported by a systematic approach which considers both, safety and security factors, rather than waiting to learn from a cyber-attack retrospectively.
Details
Keywords
Mohan Thite and Ramanathan Iyer
Despite ongoing reports of insider-driven leakage of confidential data, both academic scholars and practitioners tend to focus on external threats and favour information…
Abstract
Purpose
Despite ongoing reports of insider-driven leakage of confidential data, both academic scholars and practitioners tend to focus on external threats and favour information technology (IT)-centric solutions to secure and strengthen their information security ecosystem. Unfortunately, they pay little attention to human resource management (HRM) solutions. This paper aims to address this gap and proposes an actionable human resource (HR)-centric and artificial intelligence (AI)-driven framework.
Design/methodology/approach
The paper highlights the dangers posed by insider threats and presents key findings from a Leximancer-based analysis of a rapid literature review on the role, nature and contribution of HRM for information security, especially in addressing insider threats. The study also discusses the limitations of these solutions and proposes an HR-in-the-loop model, driven by AI and machine learning to mitigate these limitations.
Findings
The paper argues that AI promises to offer many HRM-centric opportunities to fortify the information security architecture if used strategically and intelligently. The HR-in-the-loop model can ensure that the human factors are considered when designing information security solutions. By combining AI and machine learning with human expertise, this model can provide an effective and comprehensive approach to addressing insider threats.
Originality/value
The paper fills the research gap on the critical role of HR in securing and strengthening information security. It makes further contribution in identifying the limitations of HRM solutions in info security and how AI and machine learning can be leveraged to address these limitations to some extent.
Details
Keywords
Taro Komatsu, Kaoru Ghalawinji-Yamamoto, Yukari Iwama and Sayo Hattori
The purpose of this paper is to explore how vulnerable refugee children's education can be supported in the first asylum country during a long-term, complex crisis. More…
Abstract
Purpose
The purpose of this paper is to explore how vulnerable refugee children's education can be supported in the first asylum country during a long-term, complex crisis. More specifically, the authors examine the impact of a remedial education (RE) program on academically challenged Syrian refugees' sustained learning and well-being in Jordan during a protracted emergency.
Design/methodology/approach
Using the 2012 United Nations human security framework, the authors analyze the quantitative results of program evaluation, supplemented by qualitative surveys and stakeholder interviews that asked about the aspirations of refugee children and their guardians, their school experience and the refugee–host community relationship.
Findings
The authors' data suggest that the program enhanced targeted Syrians' protection and empowerment. Their increased sense of safety and improved academic performance and learning motivation were likely owing to child-friendly classroom management and pedagogies that facilitated interactive and differentiated learning. Their human security was further strengthened when they learned with Jordanian children who experienced similar academic challenges and with teachers sympathetic to their plight. Meanwhile, a human security framework calls for humanitarian agencies' strategic engagement with local partners to ensure refugees' learning continuity.
Originality/value
Refugee education studies in first asylum countries are rare. Even rarer are studies focusing on academically low-achieving refugees with full consideration of the protracted and complex nature of a crisis. This study suggests effective measures to increase their human security while calling for humanitarian aid organizations to use long-term thinking.
Details
Keywords
A research line has emerged that is concerned with investigating human factors in information systems and cyber-security in organizations using various behavioural and…
Abstract
Purpose
A research line has emerged that is concerned with investigating human factors in information systems and cyber-security in organizations using various behavioural and socio-cognitive theories. This study aims to explore human and contextual factors influencing cyber security behaviour in organizations while drawing implications for cyber-security in higher education institutions.
Design/methodology/approach
A systematic literature review has been implemented. The reviewed studies have revealed various human and contextual factors that influence cyber-security behaviour in organizations, notably higher education institutions.
Research limitations/implications
This review study offers practical implications for constructing and keeping a robust cyber-security organizational culture in higher education institutions for the sustainable development goals of cyber-security training and education.
Originality/value
The value of the current review arises in that it presents a comprehensive account of human factors affecting cyber-security in organizations, a topic that is rarely investigated in previous related literature. Furthermore, the current review sheds light on cyber-security in higher education from the weakest link perspective. Simultaneously, the study contributes to relevant literature by gaining insight into human factors and socio-technological controls related to cyber-security in higher education institutions.
Details
Keywords
Hamada Elsaid Elmaasrawy and Omar Ikbal Tawfik
This paper aims to examine the impact of the assurance and advisory role of internal audit (ADRIA) on organisational, human and technical proactive measures to enhance…
Abstract
Purpose
This paper aims to examine the impact of the assurance and advisory role of internal audit (ADRIA) on organisational, human and technical proactive measures to enhance cybersecurity (CS).
Design/methodology/approach
The questionnaire was used to collect data for 97 internal auditors (IAu) from the Gulf Cooperation Council countries. The authors used partial least squares (PLS) to test the hypotheses.
Findings
The results show a positive effect of the ADRIA on each of the organisational proactive measures, human proactive measures and technical proactive measures to enhance CS. The study also found a positive effect of the confirmatory role of IA on both human proactive measures and technical proactive measures to enhance CS. No effect of the confirmatory role of IA on the organisational proactive measures is found.
Research limitations/implications
This study focused on only three proactive measures to enhance CS, and this study was limited to the opinions of IAu. In addition, the study was limited to using regression analysis according to the PLS method.
Practical implications
The results of this study show that managers need to consider the influential role of IA as a value-adding activity in reducing CS risks and activating proactive measures. Also, IAu must expand its capabilities, skills and knowledge in CS auditing to provide a bold view of cyber threats. At the same time, the institutions responsible for preparing IA standards should develop standards and guidelines that help IAu to play assurance and advisory roles.
Originality/value
To the best of the authors’ knowledge, this is the first study of its kind that deals with the impact of the assurance and ADRIA on proactive measures to enhance CS. In addition, the study determines the nature of the advisory role and the assurance role of IA to strengthen CS.
Details
Keywords
Migrant women face unique difficulties, such as labour discrimination, limited sexual and reproductive health (SRH) services, obstacles to family reunification, gender-based…
Abstract
Migrant women face unique difficulties, such as labour discrimination, limited sexual and reproductive health (SRH) services, obstacles to family reunification, gender-based violence (GBV) and human trafficking. 1 The European Commission's labour integration approach currently fails to account for these difficulties. Civil society organisations (CSOs) and non-governmental organisations (NGOs) attempt to fill these gaps but lack capacity and funding. The European Commission's current approach does not respect human dignity and impedes the migrant community's integration and inclusion. This chapter discusses sexual assault and gender-based violence, which may be disturbing to some readers.
This issue is relevant and important because migrant women comprise a large portion of the migrant population 2 and are a vital part of the migrant community. The methodology used in this chapter is a human security framework with a people-centred approach to policy that empowers those impacted by it. Research for this chapter was conducted using news articles, academic articles, UN reports and publications. Based on this, the European Commission must take a holistic and binding approach that protects the rights and dignity of migrant women.
There are multiple approaches that the European Commission can take to incorporate human dignity into its policies towards women and migration, such as applying international conventions and implementing policies that account for migrant women. All approaches must be realistic and required of all member states.
Details
Keywords
This paper aims to investigate cyber security awareness of the staff of Estonian libraries and gives an overview why libraries could be a target of cyber attacks and why…
Abstract
Purpose
This paper aims to investigate cyber security awareness of the staff of Estonian libraries and gives an overview why libraries could be a target of cyber attacks and why librarians need cyber security at first place.
Design/methodology/approach
The data used in this paper is based on a review of relevant literature to provide an overview of the concept of cyber security, and the results of the original online survey created by the paper’s author, conducted among Estonian librarians. The online questionnaire was developed using the world-recognised human aspects of information security questionnaire (HAIS-Q), which is based on the knowledge-attitudes-behaviour (KAB) methodology. A total of 388 completed questionnaires were returned from employees of academic, specialised, public and school libraries. The results are interpreted on the basis of descriptive statistics and Kruger and Kearney approach.
Findings
The final score of library employees is 86, which is classified as good, but based on the result, two focus areas need more attention than previously, which are the use of devices and prevention and handling of incidents.
Originality/value
The cyber behaviour of library employees has not been widely studied in the world using HAIS-Q and KAB models, and to the best of the authors’ knowledge, no research has been previously carried out in the Estonian library context into cyber security awareness.
Details
Keywords
Kabir Md Shahin and Moyenul Hasan
This paper aims to examine the prevailing Rohingya refugee crisis from political and humanitarian perspectives and explores the political and humanitarian aspects of the Rohingya…
Abstract
Purpose
This paper aims to examine the prevailing Rohingya refugee crisis from political and humanitarian perspectives and explores the political and humanitarian aspects of the Rohingya refugee crisis.
Design/methodology/approach
Relevant literature has been reviewed for conceptual understanding. This study is descriptive and qualitative in nature and based on secondary sources of data.
Findings
The main causes of the Rohingya crisis such as political and humanitarian aspects. Issues such as discrimination and homelessness, and national security concerns that regional politics scapegoated the Rohingya to exacerbate regional tensions. Moreover, armed conflicts, political radicalization, security concerns, human rights violations and low media attention compared to other displaced families have made the future of the Rohingyas very uncertain.
Practical implications
The Rohingya crisis has far-reaching implications for domestic and regional politics as well as for relations with major world powers. In the context of regional security and geopolitics, this study provides insight into the polarization and politicization of the Rohingya minority.
Originality/value
This research offers a vital exploration of the Rohingya refugee crisis, delving into its multifaceted political and humanitarian dimensions, contributing fresh insights to address a pressing global concern.
Details
Keywords
N’guessan Yves-Roland Douha, Karen Renaud, Yuzo Taenaka and Youki Kadobayashi
Smart-home security involves multilayered security challenges related to smart-home devices, networks, mobile applications, cloud servers and users. However, very few studies…
Abstract
Purpose
Smart-home security involves multilayered security challenges related to smart-home devices, networks, mobile applications, cloud servers and users. However, very few studies focus on smart-home users. This paper aims to fill this gap by investigating the potential interests of adult smart-home users in cybersecurity awareness training and nonfinancial rewards that may encourage them to adopt sound cybersecurity practices.
Design/methodology/approach
A total of 423 smart-home users between the ages of 25 and 64 completed a survey questionnaire for this study, with 224 participants from Japan and 199 from the UK.
Findings
Cultural factors considerably influence adult smart-home users’ attitudes toward cybersecurity. Specifically, cultural differences impact their willingness to participate in cybersecurity awareness training, their views on the importance of cybersecurity training for children and senior citizens and their preference for nonfinancial rewards as an incentive for good cybersecurity behavior. These results highlight the need to consider cultural differences and their potential impact when developing and implementing cybersecurity programs that target smart-home users.
Practical implications
This research has two main implications. First, it provides insights for information security professionals on the importance of designing cost-effective and time-efficient cybersecurity awareness training programs for smart-home users. Second, the findings may assist governments in establishing nonfinancial incentives to encourage greater uptake of cybersecurity practices among smart-home users.
Originality/value
The paper investigates whether adult smart-home users are willing to spend time and money to engage in cybersecurity awareness training and to encourage their children and elderly parents to participate in training, as well. In addition, the paper examines incentives, especially nonfinancial rewards, that may motivate adult smart-home users to adopt cybersecurity behaviors at home. Furthermore, the paper analyses demographic differences among smart-home users in Japan and the UK.
Details