Search results

This study is aimed at assessing the information security management practice with a focus on banking card security in selected financial institutions in Ethiopia, using an international information security standard as a benchmark. It is to identify the gaps and recommend best security practices to help financial institutions meet the required security compliance.

Two financial sectors were purposively selected. A total of twenty-five respondents (IT executives and IT staff) were included in the study. Quantitative data was collected using the PCI-DSS (Payment Card Industry Data Security Standard) security standard questionnaire. In addition, observation and document analysis were made.

The result shows that most of the essential security management activities in the financial sectors do not comply with the international security standard. Similarly, the level of most of the indispensable security requirements that should be in place is found to be below the acceptable level. The study also revealed major security factors that prohibit the financial sectors from PCI-DSS security standard compliance.

This study assessed the information security management practice with a focus on banking card security and tried to figure out the limitations of security practices of the organizations surveyed based on the standard adopted. The topic has not been well explored especially in the Ethiopia context. Hence, the result can positively influence security policies, particularly in the banking sector.

The purpose of this paper is to identify and discuss impediments in the compilation of an application for a search and seizure warrant for digital evidence and the structure of such a warrant in South African criminal cases.

This paper provides a brief overview of international and local impediments, followed by a detailed discussion of the implications of these impediments and how it is approached in various jurisdictions. The methodology of this paper consists of a literature review.

Addressing the impediments in the compilation of the application and the warrant will be beneficial for forensic investigators, the South African Police Service (SAPS) and the administration of justice in South Africa.

Search and seizures for digital evidence form part of civil, regulatory and criminal search and seizures. This study focuses on the search and seizure of digital evidence in criminal matters pursuant to mainly the provisions of the Criminal Procedure Act 51 of 1977 and the Cybercrimes Act 19 of 2020.

The originality of this paper lies in the approach to the drafting of applications for search and seizure warrants for digital information in South Africa. The contribution of the study is that, by using this approach, the SAPS can address the impediments during the application and compilation of the warrants, which would enhance the quality of investigations and contribute to the successful investigation and prosecution of crime in South Africa.

This paper tests whether Bayesian A/B testing yields better decisions that traditional Neyman-Pearson hypothesis testing. It proposes a model and tests it using a large, multiyear Google Analytics (GA) dataset.

This paper is an empirical study. Competing A/B testing models were used to analyze a large, multiyear dataset of GA dataset for a firm that relies entirely on their website and online transactions for customer engagement and sales.

Bayesian A/B tests of the data not only yielded a clear delineation of the timing and impact of the intellectual property fraud, but calculated the loss of sales dollars, traffic and time on the firm’s website, with precise confidence limits. Frequentist A/B testing identified fraud in bounce rate at 5% significance, and bounces at 10% significance, but was unable to ascertain fraud at the standard significance cutoffs for scientific studies.

None within the scope of the research plan.

Bayesian A/B tests of the data not only yielded a clear delineation of the timing and impact of the IP fraud, but calculated the loss of sales dollars, traffic and time on the firm’s website, with precise confidence limits.

Bayesian A/B testing can derive economically meaningful statistics, whereas frequentist A/B testing only provide p-value’s whose meaning may be hard to grasp, and where misuse is widespread and has been a major topic in metascience. While misuse of p-values in scholarly articles may simply be grist for academic debate, the uncertainty surrounding the meaning of p-values in business analytics actually can cost firms money.

There is very little empirical research in e-commerce that uses Bayesian A/B testing. Almost all corporate testing is done via frequentist Neyman-Pearson methods.

This chapter argues that the Americanisation of online policing has questionable impacts in Australian prosecutions involving drugs obtained and distributed through dark web cryptomarkets. The authors describe several Australian prosecutions of mid- and low-level dealers who have accessed drugs through the dark web and contrast these with the United States (US) case against the cryptomarket, AlphaBay. The discussion in this study emphasises how Australian police and courts view the relative weight of dark web activity associated with the domestic and transnational supply of illicit drugs that result in formal prosecutions. The authors suggest that large-scale forms of online and dark web police surveillance undertaken by US enforcement agencies reflect Ethan Nadelmann’s (Cops across borders: the internationalization of US criminal law enforcement, University Park: Pennsylvania State University Press, 1993) thesis on the Americanisation of global policing through transnational communications networks. The authors then explain how key elements of transnational dark web drug supply appear to have a marginal bearing on criminal investigations into low- and mid-level traffickers in Australia, which rely on conventional surveillance tactics to identify clandestine mail pickups, physical distribution methods, and irregular money trails. However, the authors then illustrate how the Americanisation of online policing that targets high-level entrepreneurs and seeks to dismantle or eliminate dark web cryptomarkets has important implications on Australian reforms aimed at enhancing online surveillance powers to target a range of crimes that are often wrongly associated with illicit drug cryptomarkets. The authors conclude by demonstrating how intensive dark web surveillance has limited direct impact on routine drug policing in Australia, with dark web communications simply another medium for facilitating the physical detection of illicit transnational drug transactions.

This paper aims to focus on the need for an enhanced anti-money laundering (AML) regulation for decentralised finance (DeFi) to protect the integrity of global financial systems against illicit activities. Research highlights the requirement for a robust regulatory strategy for the fast-paced DeFi evolvement.

This study used doctrinal legal research by analysing legislation, which involved creating use cases to illustrate different aspects of potential illicit activities via the DeFi ecosystem. Various DeFi applications were assessed for the potential regulatory responses and outcomes.

This paper offers valuable insight into the regulatory challenges presented by DeFi. This study addresses the blind spots leveraged by criminals afforded by the DeFi’s decentralised nature. This paper offers a comprehensive examination of DeFi regulatory challenges based on use-case scenarios and provides recommendations for regulators on how to address them effectively.

This paper proposes measures for regulatory authorities to minimise money laundering risks through new channels such as decentralised exchanges, non-custodial wallets and cross-chain bridges. This study concludes with the future directions for DeFi regulation and AML compliance.

The aim of this paper is to identify some of the challenges that need to be addressed to accelerate the deployment and adoption of smart health technologies for ubiquitous healthcare access. The paper also explores how internet of things (IoT) and big data technologies can be combined with smart health to provide better healthcare solutions.

The authors reviewed the literature to identify the challenges which have slowed down the deployment and adoption of smart health.

The authors discussed how IoT and big data technologies can be integrated with smart health to address some of the challenges to improve health-care availability, access and costs.

The results of this paper will help health-care designers, professionals and researchers design better health-care information systems.

Cyber resilience has emerged as an approach for seaports to deal with cyberattacks; it emphasizes ports’ ability to prepare for an attack and to keep operating and recover quickly. However, little research has been undertaken on the challenges of governing cyber risks in seaports. This study aims to address this gap.

Governing cyber resilience is shaped by distributed responsibilities, uncertainties and ambiguities. The authors use this conceptualization to explore the governance of cyber risks in seaports, taking the Port of Rotterdam as a case study and analyzing semistructured interviews with stakeholders, participatory observation and policy documents and legislation.

The authors found that many strategies for governing cyber risks remain dedicated to protecting computer systems against cyberattacks. Nevertheless, port stakeholders have also developed strategies in anticipation of disruptions. However, these strategies appear informal and uncoordinated due to a lack of information exchange, insufficient knowledge regarding cyber risks and disagreement about how to make the Port of Rotterdam cyber resilient. What mainly hampers the cyber resilience of the port is the lack of a comprehensive regulatory framework and economic incentives. The authors conclude that resilience is merely an ideal at the Port of Rotterdam, meaning related governance strategies remain incremental and await institutionalization.

This paper offers insights into the cyber resilience of critical socio-technical systems, which have been underexposed in cyber resilience debates, but, when exploited, can manifest in large-scale disruptions.

The impact of stress on personal and work-related outcomes has been studied in the information systems (IS) literature across several professions. However, the cybersecurity profession has received little attention despite numerous reports suggesting stress is a leading cause of various adverse professional outcomes. Cybersecurity professionals work in a constantly changing adversarial threat landscape, are focused on enforcement rather than compliance, and are required to adhere to ever-changing industry mandates – a work environment that is stressful and has been likened to a war zone. Hence, this literature review aims to reveal gaps and trends in the current extant general workplace and IS-specific stress literature and illuminate potentially fruitful paths for future research focused on stress among cybersecurity professionals.

Using the systematic literature review process (Okoli and Schabram, 2010), the authors examined the current IS research that studies stress in organizations. A disciplinary corpus was generated from IS journals and conferences encompassing 30 years. The authors analyzed 293 articles from 21 journals and six conferences to retain 77 articles and four conference proceedings for literature review.

The findings reveal four key research opportunities. First, the demands experienced by cybersecurity professionals are distinct from the demands experienced by regular information technology (IT) professionals. Second, it is crucial to identify the appraisal process that cybersecurity professionals follow in assessing security demands. Third, there are many stress responses from cybersecurity professionals, not just negative responses. Fourth, future research should focus on stress-related outcomes such as employee productivity, job satisfaction, job turnover, etc., and not only security compliance among cybersecurity professionals.

This study is the first to provide a systematic synthesis of the IS stress literature to reveal gaps, trends and opportunities for future research focused on stress among cybersecurity professionals. The study presents several novel trends and research opportunities. It contends that the demands experienced by cybersecurity professionals are distinct from those experienced by regular IT professionals and scholars should seek to identify the key characteristics of these demands that influence their appraisal process. Also, there are many stress responses, not just negative responses, deserving increased attention and future research should focus on unexplored stress-related outcomes for cybersecurity professionals.

Using a mixed methodology comprising interviews, case file analysis and descriptive statistics, this study aims to examine the experiences of all 43 young people in Wales subject to secure accommodation orders between 1st April 2016 and 31st March 2018.

Children in the UK aged 10–17 years who are deemed to be at a significant level of risk to themselves or others may be subject to a secure accommodation order, leading to time spent in a secure children’s home (SCH) on welfare grounds. Following a rise in the number of children in Wales referred to SCHs for welfare reasons, this paper describes these young people’s journeys into, through and out of SCHs, giving insight into their experiences and highlighting areas for policy and practice improvements.

Findings indicate that improvements in mental health support and placement availability are key in improving the experiences of this particularly vulnerable group of young people throughout their childhood.

Other practical implications of the study’s findings, such as improvements in secure transport arrangements, are also discussed.

While the findings are limited by the reliance on self-report methods and the size of the study, namely, the small number of young people with experience of SCHs who were able to participate, the findings build on the existing knowledge base around children’s residential accommodation and provide new insights into how best to support these children.