Search results
1 – 10 of 563Security assurance evaluation (SAE) is a well-established approach for assessing the effectiveness of security measures in systems. However, one aspect that is often overlooked in…
Abstract
Purpose
Security assurance evaluation (SAE) is a well-established approach for assessing the effectiveness of security measures in systems. However, one aspect that is often overlooked in these evaluations is the assurance context in which they are conducted. This paper aims to explore the role of assurance context in system SAEs and proposes a conceptual model to integrate the assurance context into the evaluation process.
Design/methodology/approach
The conceptual model highlights the interrelationships between the various elements of the assurance context, including system boundaries, stakeholders, security concerns, regulatory compliance and assurance assumptions and regulatory compliance.
Findings
By introducing the proposed conceptual model, this research provides a framework for incorporating the assurance context into SAEs and offers insights into how it can influence the evaluation outcomes.
Originality/value
By delving into the concept of assurance context, this research seeks to shed light on how it influences the scope, methodologies and outcomes of assurance evaluations, ultimately enabling organizations to strengthen their system security postures and mitigate risks effectively.
Details
Keywords
Thai Pham and Farkhondeh Hassandoust
Information security (InfoSec) policy violations are of great concern to all organisations worldwide, especially in the financial industry. Although the importance of InfoSec…
Abstract
Purpose
Information security (InfoSec) policy violations are of great concern to all organisations worldwide, especially in the financial industry. Although the importance of InfoSec policy has been highlighted for many decades, InfoSec breaches still occur due to a low level of employee compliance and a lack of engagement and competence in high-level management. However, previous studies have primarily investigated the behavioural aspects of InfoSec policy compliance at the individual level rather than the managerial factors involved in constructing InfoSec policy and developing its effectiveness. Thus, drawing on neo-institutional theory and a transformational leadership framework, this research investigated the influence of external mechanisms and transformational leadership on InfoSec policy effectiveness.
Design/methodology/approach
The research model was implemented using field survey data from professional managers in the financial sector.
Findings
The results reported that neo-institutional mechanisms and transformational leadership shape InfoSec policy effectiveness in an organisation.
Originality/value
This study broadens current InfoSec policy research from an individual level to a managerial perspective and enhances the existing literature on neo-institutional and transformational leadership in the context of InfoSec. It highlights the need to evaluate InfoSec policy based on external factors and to support transformational leadership styles that promote InfoSec policy enforcement and effectiveness.
Details
Keywords
Eloy Gil-Cordero, Pablo Ledesma-Chaves, Rocío Arteaga Sánchez and Ari Melo Mariano
The aim of this study is to examine the behavioral intention (BI) to adopt the Coinbase Wallet by Spanish users.
Abstract
Purpose
The aim of this study is to examine the behavioral intention (BI) to adopt the Coinbase Wallet by Spanish users.
Design/methodology/approach
A survey was administered to individuals residing in Spain between March and April 2021. There were 301 questionnaires analyzed. This research applies a new predictive model based on technology acceptance model (TAM) 2, the unified theory of acceptance and use of technology (UTAUT) model, the theory of perceived risk and the commitment trust theory. A mixed partial least squares structural equation modeling (PLS-SEM)/fuzzy-set qualitative comparative analysis (fsQCA) methodology was employed for the modeling and data analysis.
Findings
The results showed that all the variables proposed have a direct and positive influence on the intention to use a Coinbase Wallet. The findings present clear directions for traders, investors and academics focused on improving their understanding of the characteristics of these markets.
Originality/value
First, this study addresses important concerns relating to the adoption of crypto-wallets during the global pandemic. Second, this research contributes to the existing literature by adding electronic word of mouth (e-WOM), trust, web quality and perceived risk as new drivers of the intention to use the Coinbase Wallet, providing unique and innovative insights. Finally, the study offers a solid methodological contribution by integrating linear (PLS) and nonlinear (fsQCA) techniques, showing that both methodologies provide a better understanding of the problem and a more detailed awareness of the patterns of antecedent factors.
Details
Keywords
Tulsi Pawan Fowdur and Ashven Sanghan
The purpose of this paper is to develop a blockchain-based data capture and transmission system that will collect real-time power consumption data from a household electrical…
Abstract
Purpose
The purpose of this paper is to develop a blockchain-based data capture and transmission system that will collect real-time power consumption data from a household electrical appliance and transfer it securely to a local server for energy analytics such as forecasting.
Design/methodology/approach
The data capture system is composed of two current transformer (CT) sensors connected to two different electrical appliances. The CT sensors send the power readings to two Arduino microcontrollers which in turn connect to a Raspberry-Pi for aggregating the data. Blockchain is then enabled onto the Raspberry-Pi through a Java API so that the data are transmitted securely to a server. The server provides real-time visualization of the data as well as prediction using the multi-layer perceptron (MLP) and long short term memory (LSTM) algorithms.
Findings
The results for the blockchain analysis demonstrate that when the data readings are transmitted in smaller blocks, the security is much greater as compared with blocks of larger size. To assess the accuracy of the prediction algorithms data were collected for a 20 min interval to train the model and the algorithms were evaluated using the sliding window approach. The mean average percentage error (MAPE) was used to assess the accuracy of the algorithms and a MAPE of 1.62% and 1.99% was obtained for the LSTM and MLP algorithms, respectively.
Originality/value
A detailed performance analysis of the blockchain-based transmission model using time complexity, throughput and latency as well as energy forecasting has been performed.
Details
Keywords
Derrick Boakye, David Sarpong, Dirk Meissner and George Ofosu
Cyber-attacks that generate technical disruptions in organisational operations and damage the reputation of organisations have become all too common in the contemporary…
Abstract
Purpose
Cyber-attacks that generate technical disruptions in organisational operations and damage the reputation of organisations have become all too common in the contemporary organisation. This paper explores the reputation repair strategies undertaken by organisations in the event of becoming victims of cyber-attacks.
Design/methodology/approach
For developing the authors’ contribution in the context of the Internet service providers' industry, the authors draw on a qualitative case study of TalkTalk, a British telecommunications company providing business to business (B2B) and business to customer (B2C) Internet services, which was a victim of a “significant and sustained” cyber-attack in October 2015. Data for the enquiry is sourced from publicly available archival documents such as newspaper articles, press releases, podcasts and parliamentary hearings on the TalkTalk cyber-attack.
Findings
The findings suggest a dynamic interplay of technical and rhetorical responses in dealing with cyber-attacks. This plays out in the form of marshalling communication and mortification techniques, bolstering image and riding on leader reputation, which serially combine to strategically orchestrate reputational repair and stigma erasure in the event of a cyber-attack.
Originality/value
Analysing a prototypical case of an organisation in dire straits following a cyber-attack, the paper provides a systematic characterisation of the setting-in-motion of strategic responses to manage, revamp and ameliorate damaged reputation during cyber-attacks, which tend to negatively shape the evaluative perceptions of the organisation's salient audience.
Details
Keywords
Workicho Jateno Gadiso, Bamlaku Alamirew Alemu and Maru Shete
This study aims to measure the status of rural household food security across regions using multidimensional indicators. It also aims to identify the determinants of rural…
Abstract
Purpose
This study aims to measure the status of rural household food security across regions using multidimensional indicators. It also aims to identify the determinants of rural household food security in Ethiopia.
Design/methodology/approach
The study adopted descriptive and explanatory designs. It used data from the fourth wave of the Ethiopian socioeconomic survey that has 3,115 respondents. The authors constructed household food security index using variables that capture availability, access, utilization and stability dimensions of food security. The authors categorized households into relative food security groups, namely, alarming and moderately food insecure, as well as moderately and highly food secure. Beta regression model, which is widely used to analyze response variables that assume values between 0 and 1, is used to estimate the determinants of food security.
Findings
The study finds that 77.7% of rural households are food insecure. Of this, 90% are moderately food insecure. Regional variations in magnitude of food security showed that Harari, Gambella and Benshanguel Gumuz regional states are relatively better-off than other regions in Ethiopia. The study identified sex, education level, marital status, location and wealth status of households as significant determinants of food security.
Originality/value
This study sheds light on regional variations in multidimensional food security in Ethiopia. It thus challenged previous estimates of food security using uni-dimensional indicator. It highlighted the need for region-specific analysis of determinants and a follow up of tailored regional interventions.
Peer review
The peer review history for this article is available at: https://publons.com/publon/10.1108/IJSE-02-2023-0139
Details
Keywords
Eylem Thron, Shamal Faily, Huseyin Dogan and Martin Freer
Railways are a well-known example of complex critical infrastructure, incorporating socio-technical systems with humans such as drivers, signallers, maintainers and passengers at…
Abstract
Purpose
Railways are a well-known example of complex critical infrastructure, incorporating socio-technical systems with humans such as drivers, signallers, maintainers and passengers at the core. The technological evolution including interconnectedness and new ways of interaction lead to new security and safety risks that can be realised, both in terms of human error, and malicious and non-malicious behaviour. This study aims to identify the human factors (HF) and cyber-security risks relating to the role of signallers on the railways and explores strategies for the improvement of “Digital Resilience” – for the concept of a resilient railway.
Design/methodology/approach
Overall, 26 interviews were conducted with 21 participants from industry and academia.
Findings
The results showed that due to increased automation, both cyber-related threats and human error can impact signallers’ day-to-day operations – directly or indirectly (e.g. workload and safety-critical communications) – which could disrupt the railway services and potentially lead to safety-related catastrophic consequences. This study identifies cyber-related problems, including external threats; engineers not considering the human element in designs when specifying security controls; lack of security awareness among the rail industry; training gaps; organisational issues; and many unknown “unknowns”.
Originality/value
The authors discuss socio-technical principles through a hexagonal socio-technical framework and training needs analysis to mitigate against cyber-security issues and identify the predictive training needs of the signallers. This is supported by a systematic approach which considers both, safety and security factors, rather than waiting to learn from a cyber-attack retrospectively.
Details
Keywords
Sahem Nawafleh and Anis Khasawneh
This study aims to identify the impact of drivers of citizens’ e-loyalty on e-government services. This study focused on the impact of e-service quality (e-SQ) on e-loyalty…
Abstract
Purpose
This study aims to identify the impact of drivers of citizens’ e-loyalty on e-government services. This study focused on the impact of e-service quality (e-SQ) on e-loyalty, mediated by e-trust. In addition, the study examined the moderating role of system anxiety.
Design/methodology/approach
To accomplish the study’s objectives, a self-administered questionnaire was created to collect data, and the sample size was chosen to align with the requirements of the structural equation modeling (SEM) approach. Out of the distributed questionnaires, 532 were deemed valid and suitable for analysis in this research. Data screening was performed, and no questionnaires were excluded from the analysis.
Findings
The study findings underscore the significance of enhancing e-SQ for improved trust, satisfaction and engagement in e-government initiatives. Decision-makers should prioritize streamlined processes, user-friendly interfaces and responsive support. Crucial elements for fostering trust include transparency, accountability and data security. Personalized services, citizen engagement and continuous feedback evaluation contribute to citizen satisfaction and loyalty. Addressing system anxiety is vital through clear instructions and accessible support. Implementation of these recommendations is expected to lead to successful e-government initiatives and increased e-service adoption. The study highlights the importance of maintaining high e-SQ standards, trust-building measures and adopting a holistic approach for sustained positive user experiences in government e-services.
Research limitations/implications
This study found a significant positive influence of e-SQ on e-loyalty showing a strong positive correlation between e-SQ, e-loyalty and e-service. Statistical analysis reported a significant positive mediating role of e-trust in the relationship between e-SQ and e-loyalty. Moreover, system anxiety exhibited a strong significant negative moderating role on the relationship between e-SQ and e-trust.
Practical implications
Practical implications of the study emphasize the importance of improving e-SQ, enhancing transparency, strengthening security measures, adopting user-centric design principles and continuously evaluating and improving e-services. By implementing these recommendations, decision-makers can foster trust, satisfaction and improve engagement and adoption of e-government initiatives in the Jordanian context as a developing country.
Originality/value
The study explores the factors influencing citizens’ loyalty to e-government services in Jordan, acknowledging the unique challenges faced by the country as a developing nation. It focuses on understanding these factors within the Jordanian context, where e-government initiatives are increasingly implemented to enhance public services and governance. The research investigates the mediating role of e-trust and the moderating effect of system anxiety, providing valuable insights into the drivers of citizens’ loyalty.
Details
Keywords
Miguel Calvo and Marta Beltrán
This paper aims to propose a new method to derive custom dynamic cyber risk metrics based on the well-known Goal, Question, Metric (GQM) approach. A framework that complements it…
Abstract
Purpose
This paper aims to propose a new method to derive custom dynamic cyber risk metrics based on the well-known Goal, Question, Metric (GQM) approach. A framework that complements it and makes it much easier to use has been proposed too. Both, the method and the framework, have been validated within two challenging application domains: continuous risk assessment within a smart farm and risk-based adaptive security to reconfigure a Web application firewall.
Design/methodology/approach
The authors have identified a problem and provided motivation. They have developed their theory and engineered a new method and a framework to complement it. They have demonstrated the proposed method and framework work, validating them in two real use cases.
Findings
The GQM method, often applied within the software quality field, is a good basis for proposing a method to define new tailored cyber risk metrics that meet the requirements of current application domains. A comprehensive framework that formalises possible goals and questions translated to potential measurements can greatly facilitate the use of this method.
Originality/value
The proposed method enables the application of the GQM approach to cyber risk measurement. The proposed framework allows new cyber risk metrics to be inferred by choosing between suggested goals and questions and measuring the relevant elements of probability and impact. The authors’ approach demonstrates to be generic and flexible enough to allow very different organisations with heterogeneous requirements to derive tailored metrics useful for their particular risk management processes.
Details
Keywords
Musediq Tunji Bashorun, Yusuf Ayodeji Ajani and Olaronke Oyinlola Fagbola
This paper aims to explore the deep Web as a solution for displacement and replacement challenges in libraries, addressing the challenges, benefits, strategies and case studies.
Abstract
Purpose
This paper aims to explore the deep Web as a solution for displacement and replacement challenges in libraries, addressing the challenges, benefits, strategies and case studies.
Design/methodology/approach
The paper synthesizes existing literature on deep Web integration in libraries, providing a comprehensive analysis of insights from scholarly articles, case studies and expert opinions.
Findings
The deep Web grants libraries access to unique content, improving information access, fostering collaboration and enabling personalized content. However, security, privacy, ethics and data protection must be considered.
Originality/value
This paper contributes to the literature by providing a comprehensive examination of deep Web integration in libraries, offering valuable recommendations for navigating the changing landscape and leveraging the deep Web’s potential.
Details