Search results

Economic sanctions imposed by the EU and United States on Russia have brought significant changes into Russian foreign economic policy, in particular leading to deepening cooperation with Asian countries and China in particular. The present contribution aims to shed light on the influence of sanctions on Russian multinational enterprises (MNEs) internationalization toward China using the example of energy and information and communication technology (ICT) industries.

The chapter builds on case study analysis. The choice of sectors allows us to highlight the recent strategic trends in the internationalization of oil and gas industry, dominated by state-owned multinationals, and in ICT by privately owned companies.

Our results provide empirical data for understanding the influence of sanctions on MNEs from the country being under the sanctions. In the case of Russian oil and gas industry and ICTs, research indicates that the shift toward China was not initiated primarily by the sanctions. In both cases, expansion to Asian markets was correlated with business interests in the Chinese market. However, changes in geopolitical and macroeconomic business environment accelerated Russian MNE’s pivot to China, for the purposes of attracting capital and reaching new markets in context of deteriorating relations with western partners. The cases demonstrate a moderating role of the industry in the context of sanctions, helping compensate for the slowdown of economic relations with traditional partners.

The novelty of the chapter is to delineate the consequences of sanctions on MNEs from the country being under sanctions. In this way, it illustrates the role of geopolitical environment in intensifying internationalization of Russian MNEs toward China.

The aim of this research is to analyse the impact of relative advantage, compatibility, ease of use, visibility, voluntariness, image, result demonstrability and trialability on intention to use internet security software using a model developed based on perceived characteristics of innovation by Moore and Benbasat (1991) among undergraduate students.

Using an intercept survey method, 425 responses were collected from a Malaysian public university using a closed questionnaire which was gotten from the literature. The authors used the SmartPLS software which is a second-generation structural equation modelling software that can be used to model latent variables with negligible requirements.

The results show that relative advantage, compatibility, visibility, voluntariness, result demonstrability and trialability had a positive effect on use of internet security software while ease of use and image was not significant.

The most important predictor was trialability which sends a clear signal to software developers that users would like to be able to try the software before making a decision to purchase and use. However, the research is limited to students only. Therefore, future research can be extended to wider population.

The result of this paper provides beneficial information to the internet security software developers about what factors affect users’ intentions to buy their products.

The authors used the comprehensive innovation diffusion theory to test the security behaviour of under graduate students from a developing country’s perspectives. Many other similar studies have been done in the developed country’s context. Thus, this paper adds to the literature from a developing country’s perspective.

The purpose of this paper is to examine social media security risks and existing mitigation techniques in order to gather insights and develop best practices to help organizations address social media security risks more effectively.

This paper begins by reviewing the disparate discussions in literature on social media security risks and mitigation techniques. Based on an extensive review, some key insights were identified and summarized to help organizations more effectively address social media security risks.

Many organizations do not have effective social media security policy in place and are unsure of how to develop effective social media security strategies to mitigate social media security risks. This paper provides guidance to organizations to mitigate social media security risks that may threaten the organizations.

The paper consolidates the fragmented discussion in literature and provides an in‐depth review of social media security risks and mitigation techniques. Practical insights are identified and summarized from an extensive literature review. Sharing these insights has the potential to encourage more discussion on best practices for reducing the risks of social media to organizations.

International Business, International Entrepreneurship, International Marketing.

Advanced undergraduate and graduate students are the primary audience. The case can also be used in executive classes with emerging economies as a focus.

Kaspersky Lab is a provider of information technology (IT) security products such as anti-virus, anti-spam and network security software. It is Russia's largest software company and the only Russian firm that ranked among the world's top 100 software companies. This case presents several interesting features of the company and its environment. The foci of the case are on potential barriers facing firms based in emerging economies in their internationalization initiatives and negative country of origin effects associated with emerging economies.

The learning objectives of this case include:

• To identify internal and external sources of competitive advantage for a developing world originated successful entrepreneurial firm.

• To assess the potential barriers facing an emerging economy-based firm in the internationalization process and analyse whether such barriers differ across economies of various characteristics.

• To evaluate whether the natures of obstacles and challenges faced by an emerging economy-based firm is different in a newly evolving industry.

• To analyze how an emerging economy-based firm can overcome some of the barriers to internationalization.

To identify internal and external sources of competitive advantage for a developing world originated successful entrepreneurial firm.

To assess the potential barriers facing an emerging economy-based firm in the internationalization process and analyse whether such barriers differ across economies of various characteristics.

To evaluate whether the natures of obstacles and challenges faced by an emerging economy-based firm is different in a newly evolving industry.

To analyze how an emerging economy-based firm can overcome some of the barriers to internationalization.

Sharing information security best practices between experts via knowledge management systems is valuable for improving information security practices, exchanging expertise, mitigating security risks, spreading knowledge, reducing costs and saving efforts. The purpose of this paper is developing a conceptual model to enhance the transfer of information security best practices between professionals in virtual communities through a Web-based knowledge management system to exchange their successful experience in handling different information security situations.

The model is validated by surveying 17 experts’ reviews on the correctness of the model’s structure and its related components through applying deep rich peer debriefing to test suitability. Quantitative data has been collected to achieve confirmatory results.

The resulting model incorporates five main components that support the formal mechanism for the acquisition and dissemination of knowledge: identification, classification, storage, validation and sharing. The success of knowledge sharing is highly dependent on the active collaboration of community members and highly influenced by motivation. Validating transferred knowledge is vital for ensuring the credibility of the system.

To the best of the author’s knowledge, this paper is one of the first to highlight the role of integrating knowledge management to enhance the effective share and reuse of information security best practices knowledge. The research results can support researchers investigating the topic and generate trustworthy literature to guide information security virtual community developers.

Users’ mistakes due to poor cybersecurity skills result in up to 95 per cent of cyber threats to organizations. Threats to organizational information systems continue to result in substantial financial and intellectual property losses. This paper aims to design, develop and empirically test a set of scenarios-based hands-on tasks to measure the cybersecurity skills of non-information technology (IT) professionals.

This study was classified as developmental in nature and used a sequential qualitative and quantitative method to validate the reliability of the Cybersecurity Skills Index (CSI) as a prototype-benchmarking tool. Next, the prototype was used to empirically test the demonstrated observable hands-on skills level of 173 non-IT professionals.

The importance of skills and hands-on assessment appears applicable to cybersecurity skills of non-IT professionals. Therefore, by using an expert-validated set of cybersecurity skills and scenario-driven tasks, this study established and validated a set of hands-on tasks that measure observable cybersecurity skills of non-IT professionals without bias or the high-stakes risk to IT.

Data collection was limited to the southeastern USA and while the sample size of 173 non-IT professionals is valid, further studies are required to increase validation of the results and generalizability.

The validated and reliable CSI operationalized as a tool that measures the cybersecurity skills of non-IT professionals. This benchmarking tool could assist organizations with mitigating threats due to vulnerabilities and breaches caused by employees due to poor cybersecurity skills.

The purpose of this paper is to highlight the importance of cyber security education as a means of enabling skilled professionals and ensuring adequate awareness amongst end users.

The discussion examines the contribution made by the Kaspersky Academy student conference series, and then proceeds to consider some related questions posed to Eugene Kaspersky as the founder of the programme.

The question and answer segment of the discussion identifies the ways in which academic qualifications and professional certifications can align to support a rounded security education for those aiming to become practitioners.

The discussion provides a clear insight into the importance of security education and how it is being actively supported by one of the leading companies in the industry.

As cyber-attacks continue to grow, organisations adopting the internet-of-things (IoT) have continued to react to security concerns that threaten their businesses within the current highly competitive environment. Many recorded industrial cyber-attacks have successfully beaten technical security solutions by exploiting human-factor vulnerabilities related to security knowledge and skills and manipulating human elements into inadvertently conveying access to critical industrial assets. Knowledge and skill capabilities contribute to human analytical proficiencies for enhanced cybersecurity readiness. Thus, a human-factored security endeavour is required to investigate the capabilities of the human constituents (workforce) to appropriately recognise and respond to cyber intrusion events within the industrial control system (ICS) environment.

A quantitative approach (statistical analysis) is adopted to provide an approach to quantify the potential cybersecurity capability aptitudes of industrial human actors, identify the least security-capable workforce in the operational domain with the greatest susceptibility likelihood to cyber-attacks (i.e. weakest link) and guide the enhancement of security assurance. To support these objectives, a Human-factored Cyber Security Capability Evaluation approach is presented using conceptual analysis techniques.

Using a test scenario, the approach demonstrates the capacity to proffer an efficient evaluation of workforce security knowledge and skills capabilities and the identification of weakest link in the workforce.

The approach can enable organisations to gain better workforce security perspectives like security-consciousness, alertness and response aptitudes, thus guiding organisations into adopting strategic means of appropriating security remediation outlines, scopes and resources without undue wastes or redundancies.

This paper demonstrates originality by providing a framework and computational approach for characterising and quantify human-factor security capabilities based on security knowledge and security skills. It also supports the identification of potential security weakest links amongst an evaluated industrial workforce (human agents), some key security susceptibility areas and relevant control interventions. The model and validation results demonstrate the application of action research. This paper demonstrates originality by illustrating how action research can be applied within socio-technical dimensions to solve recurrent and dynamic problems related to industrial environment cyber security improvement. It provides value by demonstrating how theoretical security knowledge (awareness) and practical security skills can help resolve cyber security response and control uncertainties within industrial organisations.