Search results

1 – 7 of 7
Article
Publication date: 9 February 2023

Anusha Bhana and Jacques Ophoff

Organisations use a variety of technical, formal and informal security controls but also rely on employees to safeguard information assets. This relies heavily on compliance and…

Abstract

Purpose

Organisations use a variety of technical, formal and informal security controls but also rely on employees to safeguard information assets. This relies heavily on compliance and constantly challenges employees to manage security-related risks. The purpose of this research is to explore the homeostatic mechanism proposed by risk homeostasis theory (RHT), as well as security fatigue, in an organisational context.

Design/methodology/approach

A case study approach was used to investigate the topic, focusing on data specialists who regularly work with sensitive information assets. Primary data was collected through semi-structured interviews with 12 data specialists in a large financial services company.

Findings

A thematic analysis of the data revealed risk perceptions, behavioural adjustments and indicators of security fatigue. The findings provide examples of how these concepts manifest in practice and confirm the relevance of RHT in the security domain.

Originality/value

This research illuminates homeostatic mechanisms in an organisational security context. It also illustrates links with security fatigue and how this could further impact risk. Examples and indicators of security fatigue can assist organisations with risk management, creating “employee-friendly” policies and procedures, choosing appropriate technical security solutions and tailoring security education, training and awareness activities.

Details

Information & Computer Security, vol. 31 no. 3
Type: Research Article
ISSN: 2056-4961

Keywords

Open Access
Article
Publication date: 16 July 2021

Karen Renaud and Jacques Ophoff

There is widespread concern about the fact that small- and medium-sized enterprises (SMEs) seem to be particularly vulnerable to cyberattacks. This is perhaps because smaller…

6266

Abstract

Purpose

There is widespread concern about the fact that small- and medium-sized enterprises (SMEs) seem to be particularly vulnerable to cyberattacks. This is perhaps because smaller businesses lack sufficient situational awareness to make informed decisions in this space, or because they lack the resources to implement security controls and precautions.

Design/methodology/approach

In this paper, Endsley’s theory of situation awareness was extended to propose a model of SMEs’ cyber situational awareness, and the extent to which this awareness triggers the implementation of cyber security measures. Empirical data were collected through an online survey of 361 UK-based SMEs; subsequently, the authors used partial least squares modeling to validate the model.

Findings

The results show that heightened situational awareness, as well as resource availability, significantly affects SMEs’ implementation of cyber precautions and controls.

Research limitations/implications

While resource limitations are undoubtedly a problem for SMEs, their lack of cyber situational awareness seems to be the area requiring most attention.

Practical implications

The findings of this study are reported and recommendations were made that can help to improve situational awareness, which will have the effect of encouraging the implementation of cyber security measures.

Originality/value

This is the first study to apply the situational awareness theory to understand why SMEs do not implement cyber security best practice measures.

Details

Organizational Cybersecurity Journal: Practice, Process and People, vol. 1 no. 1
Type: Research Article
ISSN: 2635-0270

Keywords

Article
Publication date: 3 April 2024

Tim Wright, Zainab Ruhwanya and Jacques Ophoff

The COVID-19 pandemic necessitated a significant shift in how employees executed their professional responsibilities. Concurrently, the incidence of cybercrime experienced a…

Abstract

Purpose

The COVID-19 pandemic necessitated a significant shift in how employees executed their professional responsibilities. Concurrently, the incidence of cybercrime experienced a noteworthy surge due to the increased utilisation of cyberspace. The abrupt transition to telecommuting altered the interpersonal dynamics inherent in traditional work environments. This paper aims to examine the impact of interpersonal factors on the cybercrime preventative measures adopted by telecommuting employees.

Design/methodology/approach

A conceptual model, grounded in the Theory of Interpersonal Behaviour, is evaluated through an online survey. The data set comprises responses from 209 employees in South Africa, and the analysis uses partial least squares structural equation modelling.

Findings

The results reveal substantial predictive power to explain cybercrime preventative behaviours. Notably, the study underscores the significant influence of habit and affect on intention and subsequent behaviour.

Practical implications

The results suggest that practitioners should give due attention to emotional dimensions (affect) as a catalyst for information security behaviour. The formulation of employees’ information security responsibilities should be pragmatic, fostering subconscious compliance to establish routine behaviour (habit).

Originality/value

This research underscores the pivotal roles played by habit and emotions in shaping behavioural patterns related to information security. Furthermore, it provides researchers with an illustrative model for operationalising these constructs within the realm of security. The results contribute additional perspectives on the repercussions of the COVID-19 pandemic on cybercrime preventative behaviours.

Details

Information & Computer Security, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 2056-4961

Keywords

Article
Publication date: 17 June 2021

Karen Renaud, Graham Johnson and Jacques Ophoff

The purpose of this paper is to reveal the lived experiences of dyslexics in engaging with all kinds of alphanumeric authentication mechanisms.

Abstract

Purpose

The purpose of this paper is to reveal the lived experiences of dyslexics in engaging with all kinds of alphanumeric authentication mechanisms.

Design/methodology/approach

A significant proportion of the world’s population experiences some degree of dyslexia, which can lead to spelling, processing, sequencing and retention difficulties. Passwords, being essentially sequences of alphanumeric characters, make it likely that dyslexics will struggle with these, even more so than the rest of the population. Here, this study explores the difficulties people with dyslexia face, their general experiences with passwords, the coping strategies they use and the advice they can provide to developers and others who struggle with passwords. This paper collects empirical data through semi-structured interviews with 13 participants. Thematic analysis was used to provide an in-depth view of each participant’s experience.

Findings

The main contribution of this paper is to provide evidence related to the inaccessibility dimensions of passwords as an authentication mechanism, especially for dyslexics and to recommend a solution direction.

Research limitations/implications

There is a possible volunteer bias, as this study is dealing with self-reported data including historical and reflective elements and this paper is seeking information only from those with self-declared or diagnosed dyslexia. Furthermore, many expressed interest or curiosity in the relationship between dyslexia and password difficulties, for some a motivation for their participation. Finally, given that the participants told us that dyslexics might hide, it is possible that the experiences of those who do hide are different from those who chose to speak to us and thus were not hiding.

Originality/value

A few authors have written about the difficulties dyslexics face when it comes to passwords, but no one has asked dyslexics to tell them about their experiences. This paper fills that gap.

Details

Information & Computer Security, vol. 29 no. 4
Type: Research Article
ISSN: 2056-4961

Keywords

Open Access
Article
Publication date: 29 September 2021

Gurvirender Tejay and Gary Klein

684

Abstract

Details

Organizational Cybersecurity Journal: Practice, Process and People, vol. 1 no. 1
Type: Research Article
ISSN: 2635-0270

Article
Publication date: 22 September 2020

Umesh Bamel, Vijay Pereira, Manlio Del Giudice and Yama Temouri

This paper examines the leading publication trends including the extent and impact of intellectual capital research in the Journal of Intellectual Capital (JIC) over a two-decade…

1486

Abstract

Purpose

This paper examines the leading publication trends including the extent and impact of intellectual capital research in the Journal of Intellectual Capital (JIC) over a two-decade period (2000–2020). The bibliometric analysis offers the description of publications trends such as key authors, articles, cited references, institutions and countries— in other words the extent and impact in the field. This paper also presents the knowledge structure (including conceptual, intellectual and social structures) of JIC, that is prominent themes, co-citation and bibliographic networks.

Design/methodology/approach

In order to achieve research objectives, we collected the bibliographic information of the articles published in JIC for the period 2000 to 2020 from the Scopus database on 11.04.2020. The bibliographic information of 737 documents were analysed using to open source analysis tool, that is bibliometrics package in r software and VOSviewer. These tools were used to create the graphical visualization of bibliographic data on basis of co-occurrence, co-citation and bibliographic coupling.

Findings

The results show that the journal is progressing in terms of publication quantity and reputation in the field. To date, 737 documents have been published in JIC, which includes 659 research articles, eight editorials, seven notes and 63 review papers. This paper also portrays the author impact list in terms of most impactful articles published in JIC. Country-wise Italy, Australia, and USA exert maximum influence on JIC scholarship.

Originality/value

Bibliographic analysis offers a comprehensive understanding of past trends and presents the future direction of a journal.

Article
Publication date: 3 July 2018

Ki-Soon Han and Pooja Garg

This paper aims to explore the role of workplace democracy in generating psychological capital, which is an inevitable paradigm for the contemporary organizations. The study also…

1733

Abstract

Purpose

This paper aims to explore the role of workplace democracy in generating psychological capital, which is an inevitable paradigm for the contemporary organizations. The study also provides a conceptual framework which connotes the nexus between the two constructs.

Design/methodology/approach

The study is qualitative in nature and uses content analysis to identify the determinants of workplace democracy and psychological capital. Furthermore, the study used SPSS macro, i.e. PROCESS, a computational tool for calculating inter-coder reliability by using KALPHA, i.e. Krippendorff’s alpha reliability estimate (Hayes, 2013; Krippendorff, 2011).

Findings

The present study adds to the literature by signaling the dire need for building democratic workplaces and offers significant insights for the management and human resource practitioners to cultivate workplace democracy to build their employees’ psychological strengths, which in turn will result in enhanced organizational outcomes.

Originality/value

The present study brings attention toward the necessity for a shift in the generic organizational strategies and instigate organizations to nurture a democratic setup for developing employees’ psychological capital.

Details

Management Research Review, vol. 41 no. 9
Type: Research Article
ISSN: 2040-8269

Keywords

1 – 7 of 7