Search results

Railways are a well-known example of complex critical infrastructure, incorporating socio-technical systems with humans such as drivers, signallers, maintainers and passengers at the core. The technological evolution including interconnectedness and new ways of interaction lead to new security and safety risks that can be realised, both in terms of human error, and malicious and non-malicious behaviour. This study aims to identify the human factors (HF) and cyber-security risks relating to the role of signallers on the railways and explores strategies for the improvement of “Digital Resilience” – for the concept of a resilient railway.

Overall, 26 interviews were conducted with 21 participants from industry and academia.

The results showed that due to increased automation, both cyber-related threats and human error can impact signallers’ day-to-day operations – directly or indirectly (e.g. workload and safety-critical communications) – which could disrupt the railway services and potentially lead to safety-related catastrophic consequences. This study identifies cyber-related problems, including external threats; engineers not considering the human element in designs when specifying security controls; lack of security awareness among the rail industry; training gaps; organisational issues; and many unknown “unknowns”.

The authors discuss socio-technical principles through a hexagonal socio-technical framework and training needs analysis to mitigate against cyber-security issues and identify the predictive training needs of the signallers. This is supported by a systematic approach which considers both, safety and security factors, rather than waiting to learn from a cyber-attack retrospectively.

The purpose of this paper is to try to reach the main factors that could put national security at risk as a result of government cloud computing programs.

The paper adopts the analytical approach to first lay foundations of the relation between national security, cybersecurity and cloud computing, then it moves to analyze the main vulnerabilities that could affect national security in cases of government cloud computing usage.

The paper reached several findings such as the relation between cybersecurity and national security as well as a group of factors that may affect national security when governments shift to cloud computing mainly pertaining to storing data over the internet, the involvement of a third party, the lack of clear regulatory frameworks inside and between countries.

Governments are continuously working on developing their digital capacities to meet citizens’ demands. One of the most trending technologies adopted by governments is “cloud computing”, because of the tremendous advantages that the technology provides; such as huge cost-cutting, huge storage and computing capabilities. However, shifting to cloud computing raises a lot of security concerns.

The value of the paper resides in the novelty of the topic, which is a new contribution to the theoretical literature on relations between new technologies and national security. It is empirically important as well to help governments stay safe while enjoying the advantages of cloud computing.

Research on employee non-/compliance to information security policies suffers from inconsistent results and there is an ongoing discussion about the dominating survey research methodology and its potential effect on these results. This study aims to add to this discussion by investigating discrepancies between what the authors claim to measure (theoretical properties of variables) and what they actually measure (respondents’ interpretations of the operationalized variables). This study asks: How well do respondents’ interpretations of variables correspond to their theoretical definitions? What are the characteristics of any discrepancies between variable definitions and respondent interpretations?

This study is based on in-depth interviews with 17 respondents from the Swedish public sector to understand how they interpret questionnaire measurement items operationalizing the variables Perceived Severity from Protection Motivation Theory and Attitude from Theory of Planned Behavior.

The authors found that respondents’ interpretations in many cases differ substantially from the theoretical definitions. Overall, the authors found four principal ways in which respondents interpreted measurement items – referred to as property contextualization, extension, alteration and oscillation – each implying more or less (dis)alignment with the intended theoretical properties of the two variables examined.

The qualitative method used proved vital to better understand respondents’ interpretations which, in turn, is key for improving self-reporting measurement instruments. To the best of the authors’ knowledge, this study is a first step toward understanding how precise and uniform definitions of variables’ theoretical properties can be operationalized into effective measurement items.

The purpose of the study is to identify cybersecurity threats that hinder the adoption of digital banking and provide sustainable strategies to combat cybersecurity risks in the banking industry.

Systematic literature review guidelines were used to conduct a quantitative synthesis of empirical evidence regarding the impact of cybersecurity threats and risks on the adoption of digital banking.

A total of 84 studies were initially examined, and after applying the selection and eligibility criteria for this systematic review, 58 studies were included. These selected articles consistently identified identity theft, malware attacks, phishing and vishing as significant cybersecurity threats that hinder the adoption of digital banking.

With the country’s banking sector being new in this area, this study contributes to the scant literature on cyber security, which is mostly in need due to the myriad breaches that the industry has already suffered thus far.

The human factor is the most important defense asset against cyberattacks. To ensure that the human factor stays strong, a cybersecurity culture must be established and cultivated in a company to guide the attitudes and behaviors of employees. Many cybersecurity culture frameworks exist; however, their practical application is difficult. This paper aims to demonstrate how an established framework can be applied to determine and improve the cybersecurity culture of a company.

Two surveys were conducted within eight months in the internal IT department of a global software company to analyze the cybersecurity culture and the applied improvement measures. Both surveys comprised the same 23 questions to measure cybersecurity culture according to six dimensions: cybersecurity accountability, cybersecurity commitment, cybersecurity necessity and importance, cybersecurity policy effectiveness, information usage perception and management buy-in.

Results demonstrate that cybersecurity culture maturity can be determined and improved if accurate measures are derived from the results of the survey. The first survey showed potential for improving the dimensions of cybersecurity accountability, cybersecurity commitment and cybersecurity policy effectiveness, while the second survey proved that these dimensions have been improved.

This paper proves that practical application of cybersecurity culture frameworks is possible if they are appropriately tailored to a given organization. In this regard, scientific research and practical application combine to offer real value to researchers and cybersecurity executives.

This study aims to deepen the understanding of the challenges and implications entailed by deploying mobile clinics in conflict zones to reach populations affected by violence and cut off from health-care services.

This research combines an integrated literature review and an instrumental case study. The literature review comprises two targeted reviews to provide insights: one on conflict zones and one on mobile clinics. The case study describes the process and challenges faced throughout a mobile clinic deployment during and after the Iraq War. The data was gathered using mixed methods over a two-year period (2017–2018).

Armed conflicts directly impact the populations’ health and access to health care. Mobile clinic deployments are often used and recommended to provide health-care access to vulnerable populations cut off from health-care services. However, there is a dearth of peer-reviewed literature documenting decision support tools for mobile clinic deployments.

This study highlights the gaps in the literature and provides direction for future research to support the development of valuable insights and decision support tools for practitioners.

The total defence (TD) concept constitutes a joint endeavour between the military forces and civil defence structures within a TD state. Logistics is essential for such joint collaboration to work; however, the mismatch between military and civil defence logistics structures poses challenges for such joint collaboration. The purpose of this paper is to identify logistics concept areas within the TD framework that allow for military and civil defence collaborations from a logistics operations perspective.

Pattern-matching analysis is used to compare patterns found in the investigated case with those prescribed from the literature and predicted to occur. The study seeks to identify logistics concepts within TD from the literature and from the events describing the Swedish response to the Covid-19 pandemic. Pattern matching thus allows for the reconciliation of logistics concepts from the literature to descriptions of how the response was handled, albeit under a TD framework.

Findings show quite distinct foci between the theoretical and observational realms in terms of logistics applications. While the theoretical realm identifies four main logistics concepts, the observational realm identifies five logistics conceptual themes. This goes on to show an incongruence between the military and civil parts of the TD.

This study provides basis for further research into the applications and management of logistics activity within TD and emergency response.

Logistics applications within TD have not, until now, received much attention in the literature. Given this knowledge gap, this study is of original value.

We study five exogenous shocks: climate, violence, price hikes, spoilage and the COVID-19 lockdown. We analyze the association between these shocks and trader characteristics, reflecting trader vulnerability.

Using primary survey data on 1,100 Nigerian maize traders for 2021 (controlling for shocks in 2017), we use probit models to estimate the probabilities of experiencing climate, violence, disease and cost shocks associated with trader characteristics (gender, size and region) and to estimate the probability of vulnerability (experiencing severe impacts).

Traders are prone to experiencing more than one shock, which increases the intensity of the shocks. Price shocks are often accompanied by violence, climate and COVID-19 shocks. The poorer northern region is disproportionately affected by shocks. Northern traders experience more price shocks while Southern traders are more affected by violence shocks given their dependence on long supply chains from the north for their maize. Female traders are more likely to experience violent events than men who tend to be more exposed to climate shocks.

The data only permit analysis of the general degree of impact of a shock rather than quantifying lost income.

This paper is the first to analyze the incidence of multiple shocks on grain traders and the unequal distribution of negative impacts. It is the first such in Africa based on a large sample of grain traders from a primary survey.

This paper explores the convergence of Education 4.0 and Industry 4.0 and presents a Twin Peaks model for their seamless integration.

A high-level literature review is conducted to identify and discuss the important challenges and opportunities offered by both Education 4.0 and Industry 4.0. A novel Twin Peaks model is devised for the convergence of these domains and to cope with the challenges effectively.

The proposed Twin Peak model for the convergence of Education 4.0 and Industry 4.0 suggests that the development of these two domains is interdependent. It emphasizes ethical considerations, inclusivity and understanding the concerns of stakeholders from both education and industry. We have also explained how continuous incremental adaptation within the proposed Twin Peaks model might assist in addressing concerns of one sector with the opportunities of the other.

First, Education 4.0 and Industry 4.0 are reviewed in terms of opportunities and challenges they present. Second, a novel Twin Peaks model for the convergence of Education 4.0 and Industry 4.0 is presented. The proposed discovers that the convergence is adaptive, iterative and must be ethically sound while considering the broader societal implications of the digital transformation. Third, this study also acts as a torch-bearer for the necessity for more research of this kind to guarantee that our educational ecosystem is adaptable and capable of producing the skills required for success in the era of IR4.0.

Through its advanced computational capabilities, cyber–physical systems (CPS) proffer solutions to some of the cultural challenges plaguing the effective delivery of facilities management (FM) mandates. This study aims to explore the drivers for the uptake of CPS for FM functions using a qualitative approach – the Delphi technique.

Using the Delphi technique, the study selected experts through a well-defined process entailing a pre-determined set of criteria. The experts gave their opinions in two iterations which were subjected to statistical analyses such as the measure of central tendency and interquartile deviation in ascertaining consensus among the experts and the Mann–Whitney U test in establishing if there is a difference in the opinions given by the experts.

The study’s findings show that six of the identified drivers of the uptake of CPS for FM were attributed to be of very high significance, while 12 were of high significance. Furthermore, it was revealed that there is no significant statistical difference in the opinions given by experts in professional practice and academia.

The study’s outcome provides the requisite insight into the propelling measures for the uptake of CPS for FM by organisations and, by extension, aiding digital transformation for effective FM delivery.

To the best of the authors’ knowledge, evidence from the literature suggests that no study has showcased the drivers of the incorporation of CPS for FM. Hence, this study fills this gap in knowledge by unravelling the significant propelling measures of the integration of CPS for FM functions.