Search results

Employee security behaviors are the cornerstone for achieving holistic organizational information security. Recent studies in the information systems (IS) security literature have used neutralization and moral disengagement (MD) perspectives to examine employee rationalizations of noncompliant security behaviors. Extending this prior work, the purpose of this paper is to identify mechanisms of security education, training, and awareness (SETA) programs and deterrence as well as employees’ organizational commitment in influencing MD of security policy violations and develop a theoretical model to test the proposed relationships.

The authors validate and test the model using the data collected from six large multinational organizations in Korea using survey-based methodology. The model was empirically analyzed by structural equation modeling.

The results suggest that security policy awareness (PA) plays a central role in reducing MD of security policy violations and that the certainty of punishment and immediacy of enforcing penalties are instrumental toward reducing such MD; however, the higher severity of penalties does not have an influence. The findings also suggest that SETA programs are an important mechanism in creating security PA.

The paper expands the literature in IS security that has examined the role of moral evaluations. Drawing upon MD theory and social cognitive theory, the paper points to the central role of SETA and security PA in reducing MD of security policy violations, and ultimately the likelihood of this behavior. The paper not only contributes to theory but also provides important insights for practice.

The conceptualisation of technology adoption has largely been based on the Bass or some Bass-derived model – notably, the logistic model. Logistic-type models offer limited insights regarding the adoption process dynamics or the utility value of their results. The purpose of this paper is to outline an alternative technology adoption framework based on complex adaptive networks.

An agent-based methodological approach is proposed. In it the actors, factors, goals, and adaptive learning influences driving solar energy technology adoption (SETA) process are first substantiated by empirical evidence gathered using field questionnaires and then incorporated in the simulation of a dynamic complex adaptive network of SETA. The complex adaptive network model is based on simple heuristic rules applied using a modified preferential attachment scheme within a NetLogo simulation environment.

The interim results suggest an emergent network where prominent hub “driver” agents underlining the robustness of the model are statistically discernible.

The research is limited to solar photovoltaic and solar water heating technology adoption in Botswana households; however, its results are far-reaching.

These results can be related to sustainable energy policy design. There, targeted incentive mechanisms can be formulated against the backdrop of the identified environmental factors and actors; the aim being to accelerate and cascade SETA.

The results could also be cascaded to other sectors and other non-solar technologies, thus providing a general alternative framework for enabling the widespread adoption of technologies.

This research therefore represents a novel way of utilizing the new science of networks to accelerate SETA.

The study aims to investigate some of the interventions which have been introduced by the South African Government through its various agencies (Sector Education Training Authorities or SETA, for example) to support youth entrepreneurship and explore the challenges these agencies face, namely policy development, operational and pedagogic impediments.

The approach used to collect data was twofold; first, desk research was conducted on selected work in the area of entrepreneurial education and training. The second source of information was from empirical investigations on the impact made by the various Sector Education Training Authorities (SETAs) in supporting small, medium and micro enterprises (SME) levy payers in skills development. In addition to the information from SETAs, data are also used from impact assessment studies conducted for the South African Department of Trade and Industry and the Department of Science and Technology.

The study found that there are no inter‐disciplinary approaches in entrepreneurship training that make entrepreneurship education accessible to all students, and where appropriate, create teams for the development and exploitation of business ideas. Another finding is the fact that business/engineering students with different backgrounds are not connected.

This study has explored the nature of youth entrepreneurial education development through well‐designed entrepreneurial development efforts. An appropriate scheme in terms of cultivating an entrepreneurial spirit around training and concentrating efforts on supporting the growth of new ventures is suggested.

Our research aim is to propose a support model for problem‐solving oriented learning (PSOL) and implement a humancentric system that supports learners and thereby develops their ability. We propose a human‐centric interactive framework for PSOL by employing the research results in the educational psychology field. The characteristic of our research is that our system understands the principle knowledge to support users through human‐computer interactions. It is very important to clarify the principle knowledge of the target application domain and develop the system based on it. We call the principle knowledge as ontology. By embedding ontology into the basis of a system, we can implement a more positive navigation function. In this paper, we analyze the learners’ cognitive activities in PSOL, propose a support model that encourages self‐regulated planning processes, and illustrate an interactive environment for making effective problem‐solving and learning processes based on the ontology.

The present study aims to identify and investigate the antecedents of enhanced level of cyber-security at the organisational level from both the technical and the human resource perspective using human–organisation–technology (HOT) theory.

The study has been conducted on 151 professionals who have expertise in dealing with cyber-security in organisations in sectors such as retail, education, healthcare, etc. in India. The analysis of the data is carried out using partial least squares based structural equation modelling technique (PLS-SEM).

The results from the study suggest that “legal consequences” and “technical measures” adopted for securing cyber-security in organisations are the most important antecedents for enhanced cyber-security levels in the organisations. The other significant antecedents for enhanced cyber-security in organisations include “role of senior management” and “proactive information security”.

This empirical study has significant implications for organisations as they can take pre-emptive measures by focussing on important antecedents and work towards enhancing the level of cyber-security.

The originality of this research is combining both technical and human resource perspective in identifying the determinants of enhanced level of cyber-security in the organisations.

The purpose of this paper is to examine online purchase behaviours amongst young consumers in Australia and the USA. It also aims to develop and test a theoretical framework of young consumers’ online purchase behaviour.

Data were collected through online surveys targeting young online shoppers in Australia and the USA. A multi-group structural equation modelling was used to test the proposed structural model and hypotheses.

The model shows a good fit with the data. Young consumers in Australia and the USA have positive attitude towards online shopping that significantly affects their online purchase intentions. Social motive negatively impacts online purchase intentions in the Australian sample. Escapism and value motives positively affect Australian and American young shoppers’ online purchase intentions. Young consumers in Australia and the USA are very familiar with the online shopping process. The familiarity strongly triggers their information search behaviour that leads to online purchase intentions.

The results of this paper assist the marketers and policy makers to target and appeal to this young segment, based on their unique motivations, values and characteristics.

Using the generational cohort theory, this paper contributes to the extant literature by providing insights on the Australian and American young generation’s unique values and characteristics that influence their online purchase behaviours. This research also contributes insights for the marketers and policy makers to improve their marketing efforts and services and appeal to this young segment, based on their unique values and characteristics.

Decision theoretic utility analysis has long been proposed as a method for analyzing the monetary impact of training. Increasing complexity in the training environment requires, however, that additions be made to the basic algebraic assessment formulas. One such addition may include the effect of levy‐grant systems that stem from legislation and are designed to incentivize employer provided training EPT). The impact of such incentive systems on the bottom‐line of a company is a vital consideration in what training to apply and whether to participate in the grant incentive activities. Interest in the range of evaluation techniques is increasing. This article accordingly adjusts the basic decision theoretic utility analysis techniques for the special case of a levy‐grant incentive, using South Africa as a case study. It is hoped that the principles used here can thus be extrapolated to other skills development systems, allowing both organizations and policy makers to make optimal decisions.

This study aims to identify the implications of security behaviour determinants for security management to propose respective guidelines which can be integrated with current security management practices, including those following the widely adopted information security standards ISO 27001, 27002, 27003 and 27005.

Based on an exhaustive analysis of related literature, the authors identify critical factors influencing employee security behaviour and ISP compliance. The authors use these factors to perform a gap analysis of widely adopted information security standards ISO 27001, 27002, 27003 and 27005 and identify issues not covered or only partially addressed. Drawing on the implications of security behaviour determinants and the identified gaps, the authors provide guidelines which can enhance security management practices.

The authors uncover the factors shaping security behaviour barely or partly considered in the ISO information security standards ISO 27001, 27002, 27003 and 27005, including top management participation, accommodating individual characteristics, embracing the cultural context, encouraging employees to comply out of habit and considering the cost of compliance. Furthermore, the authors provide guidelines to security managers on enhancing their security management practices when implementing the above ISO Standards.

This study offers guidelines on how to create and design security management practices whilst implementing ISO standards (ISO 27001, ISO 27002, ISO 27003, ISO 27005) so as to enhance ISP compliance.

This study analyses the role and implications of security behaviour determinants, discusses discrepancies and conflicting findings in related literature, provides a gap analysis of commonly used information security standards (ISO 27001, 27002, 27003 and 27005) and proposes guidelines on enhancing security management practices towards improving ISP compliance.

This study aims to develop a conceptual model and assess the extent to which pre-, during- and post-employment HR security controls are applied in organizations to manage information security risks.

The conceptual model is developed based on the agency theory and the review of theoretical, empirical and practitioner literature. Following, empirical data are collected through a survey from 134 IT professionals, internal audit personnel and HR managers working within five major industry sectors in a developing country to test the organizational differences in pre-, during- and post-employment HR security measures.

Using analysis of variance, the findings reveal significant differences among the organizations. Financial institutions perform better in employee background checks, terms and conditions of employment, management responsibilities, security education, training and awareness and disciplinary process. Conversely, healthcare institutions outperform other organizations in post-employment security management. The government public institutions perform the worst among all the organizations.

An integration of a conceptual model with HR security controls is an area that is under-researched and under-reported in information security and human resource management literature. Accordingly, this research on HR security management contributes to reducing such a gap and adds to the existing HR security risk management literature. It, thereby, provides an opportunity for researchers to conduct comparative studies between developed and developing nations or to benchmark a specific organization’s HR security management.