Search results

Effective information security management (ISM) contributes to building a healthy organizational digital ecology. However, few studies have built an analysis framework for critical influencing factors to discuss the combined influence mechanism of multiple factors on ISM performance (ISMP). This study aims to explore the critical success factors and understand how these factors contribute to ISMP.

This study used a mixed-method approach to achieve this study’s research goals. In Study 1, the authors conducted a qualitative analysis to take a series of International Organization for Standardization/International Electrotechnical Commission standard documents as the basis to refine the critical factors that may influence organizations’ ISMP. In Study 2, the authors built a research model based on the organizational control perspective and used the survey-based partial least squares-based structural equation modeling (PLS-SEM) approach to understand the relationships between these factors in promoting ISMP. In Study 3, the authors used the fuzzy set qualitative comparative analysis (fsQCA) method to empirically analyze the complex mechanisms of how the combinations of the factors affect ISMP.

The following three research findings are obtained. First, based on the text-based qualitative analysis, the authors refined the critical success factors that may increase ISMP, including information security policies (ISP), top management support (TMS), alignment (ALI), information security risk assessment (IRA), information security awareness (ISA) and information security culture (ISC). Second, the PLS-SEM testing results confirmed TMS is the antecedent variable motivating organization’s formation (ISP) and information control (ISC) approaches; these two types of organization control approaches increase IRA, ISA and ALI and then promote ISMP directly and indirectly. Third, the fsQCA testing results found two configurations that can achieve high ISMP and one driving path that leads to non-high ISMP.

This study extends knowledge by exploring configuration factors to improve or impede the performances of organizations’ ISM. To the best of the authors’ knowledge, this study is one of the first to explore the use of the fsQCA approach in information security studies, and the results not only revealed causal associations between single factors but also highlighted the critical role of configuration factors in developing organizational ISMP. This study calls attention to information security managers of an organization should highlight the combined effect between the factors and reasonably allocate organizational resources to achieve high ISMP.

While the potential for digital innovation (DI) to transform organizational practices is widely acknowledged in the information systems (IS) literature, there is very limited understanding on the socio-political nature of institutional interactions that determine DI and affect organizational practices in social cash organizations. Drawing on the neo-institutionalist vision, the purpose of the study is to examine the unique set of institutional exchanges that influence the transition to digital social cash payments that give rise to new institutional arrangements in social cash organizations.

The paper draws on an in-depth case study of a government social cash organization in Pakistan. Qualitative data were collected using 30 semi-structured interviews from key organizational members and stakeholders.

The results suggest that DI is determined by the novel intersections between the coercive (techno-economic, regulatory), normative (socio-organizational), mimetic (international) and covert power (political) forces. Hence, DI is not a technologically deterministic output, but rather a complex socio-political process enacted through dialogue, negotiation and conflict between institutional actors. Technology is socially embedded through the process of institutionalization that is coupled by the deinstitutionalization of established organizational practices for progressive transformation.

The research has implications for government social cash organizations especially in the Global South. Empirically, the authors gained rare access to, and support from a government-backed social cash organization in Pakistan (an understudied country in the Global South), which made the data and the consequent analyses even invaluable. This made the empirical contribution within this geographical setting even more worthy, since this case study has received little attention from indigenous scholars in the past. The empirical findings showcased a unique set of contextual factors that were subject to BISP and interpreted through an account of socio-cultural sensitivities.

The paper provides practical implications for policymakers and practitioners, emphasizing the need to address institutional challenges, including covert power, during the implementation of digitalization projects in the public sector. The paper has certain potential for inspiring future e-government related (or public sector focused) studies. The paper may guide both private and government policy-makers and practitioners in presenting how to overcome certain institutional challenges while planning and implementing large scale multi-stakeholder digitization projects in similar country contexts. So while there is scope of linking the digitization of public sector organizations to anti-corruption measures in other Global South countries, the paper may not be that straightforward with the private sector involvement.

The paper offers rich social insights on the institutional interchanges that occur between the social actors for the innovation of technology. Especially, the paper highlights the social-embeddedness nature of technology that underpins the institutionalization of new organizational practices. These have implications on how DI is viewed as a socio-political process of change.

This study contributes to neo-institutional theory by theorizing covert power as a political force that complements the neo-institutional framework. This force is subtle but also resistive for some political actors as the force shifts the equilibrium of power between different institutional actors. Furthermore, the paper presents the social and practical implications that guide policymakers and practitioners by taking into consideration the unique institutional challenges, such as covert power, while implementing large scale digital projects in the social cash sector.

The study focuses on influential factors of collaboration on government data security by the Chinese government.

The article explores the case of e-government in the Chinese centralized unitary state system context, using a structured–pragmatic–situational (SPS) approach and the boundary theory as an analytical lens.

The findings indicate that e-government operates in highly interconnected environments where the safe flow of government data requires collaborative and cross-boundary strategies. Any organization is a potential “weakest link”. In addition, collaboration is fragmented by ambiguous accountability and organizational inertia across government departments, resources differences and limited visibility and measurability of security efforts across government levels and conflicts and uncertainties in principal–agent relationships. The solutions for those obstacles are also discussed from the multi-function, multi-level and multi-actor dimensions, respectively. A multi-dimensional overarching security model for the flow of government data is proposed.

The study advances the technology-oriented micro-analysis of previous studies on government data security to cross-organizational revealing at the macrolevel by connecting streams of research in information systems and public administration. These findings will contribute to making the safe flow of government data more resilient in the transformation of e-government.

The current body of empirical research regarding the impact of trust in the cybersecurity commitment of institutions on digital payment usage has focused solely on a macro-level analysis, overlooking the intricate dynamics between institutions' cybersecurity commitments and the trust levels of digital payment users. In light of this limitation, this study aims to offer a more comprehensive understanding of this complex relationship.

A case study was conducted on digital payment users in India through the critical realist lens. To gather data, interviews and focus group discussions were conducted with digital payment users from various regions of the country.

The citizen-centric outcomes of the national cybersecurity commitment (performance and responsiveness) are the most prominent and impactful trust indicators. These outcomes play a crucial role in shaping digital payment users' perception and trust in the cybersecurity commitment of public institutions. Individuals' value positions also influence trust judgments, as it is essential to recognize the value tensions that may arise due to security implementation and their congruence with citizens' values.

The findings of this study have significant implications for policymakers. They are potentially an artifact of the security and perception of digital payment users and the cultural uniqueness of digital payment users in India.

The study proposes a holistic understanding of the relationship between institutions' cybersecurity commitments and the trust levels of digital payment users. It offers a qualitative evaluation of how digital payment users perceive and construe efficient information security management implemented by public institutions.

Know your customer (KYC), accounting standards, issuance, clearing, and trade settlement became the major barrier to implement accounting, accountability and assurance process in supply chain finance (SCF). Blockchain technology features have the potential to solve accounting problems. This research focuses on exploring how blockchain technology provides solutions to overcome the barriers of accounting process in SCF. The benefits, opportunities, costs and risks related to blockchain adoption are also explored.

Multi-case study and qualitative methods are used with a framework based on blockchain role to overcome the accounting process barriers. Ten blockchain projects in SCF and 29 interviews of participants as a unit of analysis are considered.

The findings indicate that blockchain technology offers solutions to solve accounting, accountability and assurance problems in SCF. Validity, verification, smart contracts, automation and enduring data on trade transactions potentially solve those barriers. However, it is also necessary to consider costs such as implementation, technology, education and integration costs. Then there are possible risks such as regulatory compliance, operational, code development and scalability risk. This finding reflects the current status of blockchain technology roles in SCF.

This study unveils blockchain's SCF accounting potential, emphasizing multi-case method limitations and future research prospects. Diverse contexts challenge findings' applicability, warranting cross-industry studies for deeper insights. Addressing selection bias and integrating quantitative measures can enhance understanding of blockchain's accounting impact.

Accounting professionals can get an idea of the future direction and impact of blockchain technology on accounting, accountability and assurance processes.

This study provides initial findings on the potential, costs and risks of blockchain that is beneficial for parties involved in SCF, especially for banks and insurance underwriters. In addition, the findings also provide direction for the contribution of blockchain technology to accounting theory in the future.

The purpose of this paper is to advance our understanding of international crisis mediation by introducing and examining the nested insider-partial mediator (NIPM) concept, a nuanced perspective on IPM behavior. This study challenges the traditional view of effective mediators as external, unbiased entities by delving into the behavior and contribution of mediators who are deeply embedded in the conflict environment, such as South Korea’s unique position in navigating the US–DPRK crisis in 2017–2018. By analyzing South Korea’s dual role as mediator and negotiator and its employment of both nondirective and directive mediation strategies, the paper demonstrates the potential effectiveness of NIPMs in managing complex biases and contributing to de-escalation in intense crisis scenarios.

This paper uses a focused single-case study approach to analyze South Korea’s role as an NIPM. Using a process-tracing methodology, it examines how contextual factors such as relationships, interests and inherent biases influenced South Korea’s mediation strategies in this complex geopolitical scenario. Empirical evidence was retrieved from public sources, including official statements and press interviews, providing an empirical foundation for understanding NIPM behavior. This approach facilitates a detailed study of South Korea’s unique mediation role within the intricate dynamics of the Korean Peninsula conflict.

The study’s findings illustrate the pivotal role NIPMs can play in complex international conflicts, underlining the significant potential of NIPMs in crisis prevention. The findings highlight South Korea’s adept navigation through intricate geopolitical dynamics, leveraging its unique insider position and established relationships with both the USA and North Korea. This behavior was instrumental in mitigating a potentially explosive situation, steering the crisis toward negotiation and de-escalation. The research underscores the effectiveness of the NIPM framework in understanding the nuanced behavior of mediators who are deeply integrated into multi-level conflicts, influenced by their connections, interests and inherent biases.

This research not only broadens the theoretical framework of insider-partial mediation by introducing the concept of NIPM, but also has practical implications for policymakers and practitioners in leveraging regional mediation strategies for international crisis mitigation. The study underscores the importance of mediators’ deep-rooted connections, biases and vested interests in influencing their mediation tactics, thus offering a comprehensive understanding of the multifaceted nature of international mediation in complex geopolitical conflicts.

Despite a growing body of research focusing on the dark side of sharing economy development, arguments are fragmented and incomplete. This study aims to address the gap by integrating existing viewpoints based on a provider’s perspective.

This study conducted a bibliometric analysis using text mining and clustering algorithm techniques to measure the scope of scientific output on this topic and identify the main research themes.

Through the bibliometric analysis, this study developed an integrative framework based on the platform providers’ internal management issues and external conflicts with consumers, society, government regulations and traditional business. It also identified significant gaps within each research theme and proposed a future research agenda.

Sharing economy development has not yet been fully understood and regulated, leading to unprecedented challenges to existing business systems. The study addresses knowledge gaps and advances the understanding of the dark side of the sharing economy based on the provider’s internal management and interplay with external forces. It offers a roadmap for future research to advance understanding of the “hidden” dark side of the sharing economy.

Although cloud storage services can bring users valuable convenience, they can be technically complex and intrinsically insecure. Therefore, this research explores the concerns of academic users regarding cloud security and technical issues and how such problems may influence their continuous use in daily life.

This qualitative study used a semi-structured interview approach comprising six main open-ended questions to explore the information security and technical issues for the continuous use of cloud storage services by 20 undergraduate students in Hong Kong.

The analysis revealed cloud storage service users' major security and technical concerns, particularly synchronization and backup issues, were the most significant technical barrier to the continuing personal use of cloud storage services.

Existing literature has focused on how cloud computing services could bring benefits and security and privacy-related risks to organizations rather than security and technical issues of personal use, especially in the Asian academic context.

The current advancements in technologies and the internet industry provide users with many innovative digital devices for entertainment, communication and trade. However, simultaneous development and the rising sophistication of cybercrimes bring new challenges. Micro businesses use technology like how people use it at home, but face higher cyber risks during riskier transactions, with human error playing a significant role. Moreover, information security researchers have often studied individuals’ adherence to compliance behaviour in response to cyber threats. The study aims to examine the protection motivation theory (PMT)-based model to understand individuals’ tendency to adopt secure behaviours.

The study focuses on Australian micro businesses since they are more susceptible to cyberattacks due to the least security measures in place. Out of 877 questionnaires distributed online to Australian micro business owners through survey panel provider “Dynata,” 502 (N = 502) complete responses were included. Structural equational modelling was used to analyse the relationships among the variables.

The results indicate that all constructs of the protection motivation, except threat susceptibility, successfully predict the user protective behaviours. Also, increased cybersecurity costs negatively impact users’ safe cyber practices.

The study has critical implications for understanding micro business owners’ cyber security behaviours. The study contributes to the current knowledge of cyber security in micro businesses through the lens of PMT.

Firms are increasingly pressured to comply with mandatory supply chain transparency (SCT) regulations. Drawing on information processing theory (IPT), this study aims to show how blockchain technology can address information uncertainty and equivocality in assuring regulatory compliance in an interorganizational network (ION).

IPT is applied in a single case study of an ION in the mining industry that aimed to implement blockchain to address mandatory SCT regulations. The authors build on a rich proprietary data set consisting of interviews and substantial secondary material from actors along the supply chain.

The case shows that blockchain creates equality between actors, enables compliance and enhances efficiency in an ION, reducing information uncertainty and equivocality arising from conflict minerals regulation. The system promotes engagement and data sharing between parties while protecting commercial sensitive information. The lack of central authority prevents larger partners from taking control. The system provides mineral provenance and a regulation-compliant record. System cost analysis shows that the system is efficient as it is inexpensive relative to volumes and values of metals transacted. Issues were identified related to collecting richer human rights data for assurance and compliance with due diligence regulations.

The authors provide some of the first evidence in the operations and supply chain management literature of the specific architecture, costs and limitations of using blockchain for SCT. Using an IPT lens in an ION setting, the authors demonstrate how blockchain-based systems can address two key IPT challenges: environmental uncertainty and equivocality.