Search results

In the context of the globalization of markets and free trade, the importance of the Internet in the systems of negotiation, communication, and data exchange grows, which puts the problem of information security at the forefront. Actions and improvement activities on the management of confidential information are becoming increasingly important in organizations.

However, information is not just stored in computers; information can be on paper, on a disc, and in the minds of those who work for the organization. Information becomes part of the heritage, and it must be preserved throughout its entire life cycle.

Nowadays, the mere use of some information defence technology is no longer enough; therefore, it becomes essential to implement an efficient Information Security Management System (ISMS) to guarantee a competitive advantage compared to competitors. ISO/IEC 27001 standard outlines the structure for implementing an ISMS and helps organizations manage and protect information assets.

Cyber management of organizations includes eliminating security gaps, ensuring information confidentiality, and protecting customers' data. In addition, production and planning, protecting cyber and digital infrastructure are included in the chapter. The chapter deals with these issues in the context of strategy and management. In addition, the conflicts arising from competitors to access the tacit knowledge (confidential information, commercial secrets, commercial relations, customers, and tenders) of the businesses are discussed in the chapter. Cyber conflicts have now turned into a business-to-business war. Businesses have become targets in cyberwars. This chapter, therefore, examines these issues in depth.

This research explores the implications for risk management of “People Risk.” In particular how online digital behaviors, particularly from young people entering the workplace for the first time, might impact on the work setting and how risk management might mitigate impact on the employee and organization.

A mixed methods approach was used to consider these implications and draws from a number of data sources in the United Kingdom including a database of self-review data around online safety policy and practice from over 2000 schools, a survey of over 1000 14–16 year olds and their attitudes toward sexting, and a survey of over 500 undergraduate students. In addition the work considers existing risk management approaches and the models therein and how they might be applied to people risk.

The dataset analyzed in this exploration show an education system in the United Kingdom that is not adequately preparing young people with an awareness of the implications of digital behavior in their lives and the survey data shows distorted social norms that might have serious consequences in the workplace.

This research should raise concerns for managers in the workplace who need to be aware of the changes in “normal” behavior and how these potentially harmful practices may be mitigated in the workplace.

The research provides a strong evidence base for a change in “acceptable” social behavior by children and young people alongside an education system not promoting effective awareness. These two datasets combined highlight potential new risks to the workplace.

In the current scenario, cybersecurity issues have emerged to be a major challenge for firms to deal with. The increased use of technologies has increased radically the volume and typology of information produced, exchanged, and managed by firms thus creating conditions for cybersecurity incidents or information breaches. In this situation, it becomes paramount for firms to recognize cybersecurity risks and be prepared to prevent them through the implementation of approaches and technologies able to ensure a high level of protection.

In this chapter, we provide a framework for analyzing and managing cybersecurity risks. We employed a case study strategy to understand how the risk analysis process is carried out within an Information Security company. The study and observations obtained from this case study have permitted to define a framework useful for SME to deal with cybersecurity issues.

The paper investigates whether firms’ exposure to information security risk influences firms’ costs of capital. Most IT firms highly rely on computer systems and network appliances; it may cause disasters if firms are involved in great information security risk. In the sample of Taiwan’s semiconductor firms during 2005–2016, we show that ISO 27001-certified firms (a well-known information security certificate) have lower costs of debt, but whether firms are ISO 27001-certified is not associated with firms’ costs of equity. Our findings are consistent with modern financial theories: debt holders, as put writers to firms’ value, benefit from firms’ lower information security risk, and better corporate governance, and thus lower firms’ costs of debt. On the other hand, equity holders should hold efficient portfolio through diversification and thus firms’ costs of equity should not be influenced by firms’ information security risk, which belongs to idiosyncratic risk in the portfolio theory.

The prevalence of crises is a real phenomenon that demands proper planning and implementation of measures to preempt and curb its consequences on both national economies and business operations. Crisis is one of the concepts that cannot be overlooked, pervasive in nature, and does not necessarily denote negativity. Crisis is no longer an unusual, arbitrary, or minor characteristic of today's business environment. As far as the business environment continues to be volatile and unpredictable, it is unlikely that business organizations would be free from crises. Crises are noted to be a vital part of a business context and can serve as an avenue for positive change and creativity if the right tools and techniques are employed to properly manage them. On the other hand, crises can jeopardize the continued existence of the organization and obstruct the achievement of its goals. Thus, the debilitating ramifications of crises on business growth, survival and overall success calls for adoption of sustainable crisis management approaches in this new business world order that is framed by Industry 5.0, digitalization, and green business practices. The primary purpose of this article is to establish how modern crisis management methods could lead to sustainable organizational development. The current study departs from existing studies in the literature by systematically presenting methods to anticipate, solve, and transform business crises into advantage. The chapter also throws light on how organizations should manage business crises that may well be accelerated by Industry 5.0 and its components; digitalization and sustainable development.

Prior research (Harrast, Olsen, & Sun, 2023) analyzes the eight emerging topics to be included in future CPA exams and discusses their importance to career success and appropriate teaching locus in light of survey evidence. They find that the general topic of data analytics is the most important of the eight emerging topics. To further understand the topics most important to career success, this study analyzes subtopics underlying the eight emerging topics. The results show that advanced Excel analysis tools, data visualization, and data extraction, transformation, and loading (ETL) are the most important data analytics subskills for career success according to professionals and that these topics should be both introduced and emphasized in the accounting curriculum. The results provide useful information to educators to prioritize general emerging topics and specific subtopics in the accounting curriculum by taking into account the most pressing needs of the profession.