Search results

The impact of stress on personal and work-related outcomes has been studied in the information systems (IS) literature across several professions. However, the cybersecurity profession has received little attention despite numerous reports suggesting stress is a leading cause of various adverse professional outcomes. Cybersecurity professionals work in a constantly changing adversarial threat landscape, are focused on enforcement rather than compliance, and are required to adhere to ever-changing industry mandates – a work environment that is stressful and has been likened to a war zone. Hence, this literature review aims to reveal gaps and trends in the current extant general workplace and IS-specific stress literature and illuminate potentially fruitful paths for future research focused on stress among cybersecurity professionals.

Using the systematic literature review process (Okoli and Schabram, 2010), the authors examined the current IS research that studies stress in organizations. A disciplinary corpus was generated from IS journals and conferences encompassing 30 years. The authors analyzed 293 articles from 21 journals and six conferences to retain 77 articles and four conference proceedings for literature review.

The findings reveal four key research opportunities. First, the demands experienced by cybersecurity professionals are distinct from the demands experienced by regular information technology (IT) professionals. Second, it is crucial to identify the appraisal process that cybersecurity professionals follow in assessing security demands. Third, there are many stress responses from cybersecurity professionals, not just negative responses. Fourth, future research should focus on stress-related outcomes such as employee productivity, job satisfaction, job turnover, etc., and not only security compliance among cybersecurity professionals.

This study is the first to provide a systematic synthesis of the IS stress literature to reveal gaps, trends and opportunities for future research focused on stress among cybersecurity professionals. The study presents several novel trends and research opportunities. It contends that the demands experienced by cybersecurity professionals are distinct from those experienced by regular IT professionals and scholars should seek to identify the key characteristics of these demands that influence their appraisal process. Also, there are many stress responses, not just negative responses, deserving increased attention and future research should focus on unexplored stress-related outcomes for cybersecurity professionals.

The purpose of this paper is to describe how the voluntary living wage (LW) in the UK is set. It examines how this calculation relates to contemporary approaches to setting wage floors, both in relation to their goal of supporting adequate living standards and in relation to the place of wage floors in the labour mark.

The paper examines how compulsory and voluntary wage floors are being determined, in the UK and in particular the role of public consensus in contributing to the calculation and adoption of a LW. It then reflects on the future sustainability of a system of wage floors in which the concept of the LW plays a significant role.

The central finding is that widespread support for wages delivering socially acceptable minimum living standards has transformed the context in which low pay is being addressed in the UK. The LW idea has stimulated more decisive efforts to do so; however, if a compulsory version of a LW were to reach a level shown to be harming jobs, this could seriously undermine such efforts. Moreover, the extent to which adequate wages are compatible with high employment levels can also be influenced by state support for households, especially tax credits and Universal Credit.

The paper clarifies how the setting of the UK LW contributes to objectives related both to living standards and to labour markets, and critically addresses some key issues raised.

This research aims to determine to what extent corporate social responsibility (CSR) actions developed by bank entities in Spain improve the vulnerable customers' emotions and quality perception of the banking service. Consequently, this increases the quality of their relationship regarding satisfaction, trust and engagement.

Data from 734 vulnerable banking customers were analyzed through structural equations modeling (EQS 6.2) to test the relationships of the proposed variables.

Vulnerable customers' emotional disposition exerts a strong influence on their perceived service quality. The antecedent effect is concentrated primarily on the CSR towards the client, with a residual secondary weight on the CSR towards society. These positive service emotions are determinants of the outcome quality perceived by vulnerable customers, directly in terms of higher satisfaction and trust and indirectly through engagement.

This research contributes to understanding how financial service providers should adapt to the specific characteristics and needs of vulnerable clients by adopting a strategy of approach, personalization and humanization of the service that seems to move away from the actions implemented by the banking industry in recent years.

This study has adopted a theoretical and empirical perspective on the impact of CSR on service emotions and outcome quality of vulnerable banking customers. Moreover, banks can adopt a dual conception of CSR: a macro and external scope toward society and a micro and internal scope toward customers.

The concept of information security culture, which recently gained increased attention, aims to comprehensively grasp socio-cultural mechanisms that have an impact on organizational security. Different measurement instruments have been developed to measure and assess information security culture using survey-based tools. However, the content, breadth and face validity of these scales vary greatly. This study aims to identify and provide an overview of the scales that are used to measure information security culture and to evaluate the rigor of reported scale development and validation procedures.

Papers that introduce a new or adapt an existing scale of information security culture were systematically reviewed to evaluate scales of information security culture. A standard search strategy was applied to identify 19 relevant scales, which were evaluated based on the framework of 16 criteria pertaining to the rigor of reported operationalization and the reported validity and reliability of the identified scales.

The results show that the rigor with which scales of information security culture are validated varies greatly and that none of the scales meet all the evaluation criteria. Moreover, most of the studies provide somewhat limited evidence of the validation of scales, indicating room for further improvement. Particularly, critical issues seem to be the lack of evidence regarding discriminant and criterion validity and incomplete documentation of the operationalization process.

Researchers focusing on the human factor in information security need to reach a certain level of agreement on the essential elements of the concept of information security culture. Future studies need to build on existing scales, address their limitations and gain further evidence regarding the validity of scales of information security culture. Further research should also investigate the quality of definitions and make expert assessments of the content fit between concepts and items.

Organizations that aim to assess the level of information security culture among employees can use the results of this systematic review to support the selection of an adequate measurement scale. However, caution is needed for scales that provide limited evidence of validation.

This is the first study that offers a critical evaluation of existing scales of information security culture. The results have decision-making value for researchers who intend to conduct survey-based examinations of information security culture.