Search results

1 – 10 of over 53000
Article
Publication date: 14 March 2016

Richard G. Taylor, Jeff Brice, Jr. and Sammie L. Robinson

The purpose of the paper is to determine whether management’s optimistic perceptions of their organization’s level of information security preparedness can ultimately result in…

Abstract

Purpose

The purpose of the paper is to determine whether management’s optimistic perceptions of their organization’s level of information security preparedness can ultimately result in increased information security risks.

Design/methodology/approach

A case study was conducted in a financial institution. In all, 24 employees were interviewed. These employees came from all functional areas and various positions, from tellers to executives. Interviews were conducted, internal policies and examiners’ reports were made available and access was given to observe the employees during working hours and to observe the facilities after hours.

Findings

Executives were overly optimistic about the level of information security at their organization. These optimistic perceptions guided security priorities; however, the findings show that their perceptions were misguided leaving their organization open to increased security threats. More specifically, the results show that optimist perceptions by management can put an organization’s information at risk.

Originality/value

The paper uses existing theory and evaluates it in a “real-world” setting. For security research, it can be difficult to get honest responses from questionnaires; however, the hands-on approach provided a deeper insight to the problem of optimistic perceptions in an organizational setting. For practitioners, the case can raise managements’ awareness of perceptional inaccuracies, resulting in more informed information security decisions and ultimately improved security for their organization.

Details

Journal of Systems and Information Technology, vol. 18 no. 1
Type: Research Article
ISSN: 1328-7265

Keywords

Article
Publication date: 6 August 2018

Hong-Youl Ha and Huifeng Pan

The purpose of this paper is to develop and test a dynamic model of security-based consumer purchasing intentions and empirically addresses gaps in online purchasing theory by…

1120

Abstract

Purpose

The purpose of this paper is to develop and test a dynamic model of security-based consumer purchasing intentions and empirically addresses gaps in online purchasing theory by examining how loyalty intention may become stronger or weaker over time as a result of prior relationship evaluations.

Design/methodology/approach

Using a longitudinal study (three-time waves) of commercial website consumers, the authors investigate the proposed model by depicting the relationships among perceived security, perceived risk, website trust and loyalty intentions.

Findings

The results show that two relationships, namely the perceived security-perceived risk link and the perceived risk-website trust link, which have been little investigated on a longitudinal basis in previous studies, change over time. Interestingly, while social network service (SNS) information perceptions do not have direct effects on perceived risk or loyalty intention, the relationships in which either perceived security and website trust are involved are more important for positively improving perceived security and building website trust.

Practical implications

The authors suggest that managers may actually benefit from handling SNS information or social communities by delivering well-designed information at strategic stages, targeting key constructs.

Originality/value

The research contributes to the establishment and testing of temporal carryover effects of various online purchasing-related constructs: perceived security, perceived risk, trust and loyalty intention. More specifically, the longitudinal approach provides new insights regarding the role, potential impact and limitations of two types of perception. It thus highlights how understanding loyalty intention requires reevaluating consumer perceptions as consumers’ judgments evolve.

Details

Internet Research, vol. 28 no. 4
Type: Research Article
ISSN: 1066-2243

Keywords

Article
Publication date: 2 October 2007

Elspeth McFadzean, Jean‐Noel Ezingeard and David Birchall

Information security is becoming increasingly more important as organisations are endangered by a variety of threats from both its internal and external environments. Many…

4906

Abstract

Purpose

Information security is becoming increasingly more important as organisations are endangered by a variety of threats from both its internal and external environments. Many theorists now advocate that effective security policies should be created at senior management level. This is because executives are able to evaluate the organisation using a holistic approach as well as having the power to ensure that new systems and procedures are implemented in a timely manner. There is, however, a continuing lack of understanding regarding the strategic importance of managing information security. In addition, there is a gap in the literature on the relationship between directors and information security strategy. This paper attempts to close this gap by exploring how directors perceive their organisation's security and what factors influence their decisions on the development and implementation of information security strategy.

Design/methodology/approach

The research is based on constructivist grounded theory. Forty‐three interviews were conducted at executive level in 29 organisations. These interviews were then coded and analysed in order to develop new theory on directors' perception of risk and its effect on the development and implementation of information security strategy.

Findings

The analysis shows that senior managers' engagement with information security is dependent on two key variables: the strategic importance of information systems to their organisation and their perception of risk. Additionally, this research found that these two variables are affected by both organisational contextual factors and the strategic and operational actions undertaken within the business. Furthermore, the results demonstrated that the two board variables also have an impact on the organisation's environment as well as its strategic and operational actions. This paper uses the data gathered from the interviews to develop a model of these factors. In addition, a perception grid is constructed which illustrates the potential concerns that can drive board engagement.

Practical implications

The paper illustrates the advantages of using the perception grid to understand and develop current and future information security issues.

Originality/value

The paper investigates how organisational directors perceive information security and how this perception influences the development of their information security strategy.

Details

Online Information Review, vol. 31 no. 5
Type: Research Article
ISSN: 1468-4527

Keywords

Article
Publication date: 10 October 2016

Anil Gurung and M.K. Raja

Privacy and security concerns of consumers have been touted as one of the hindrances to the growth of e-commerce. These concerns increase the risk perception of consumers…

5683

Abstract

Purpose

Privacy and security concerns of consumers have been touted as one of the hindrances to the growth of e-commerce. These concerns increase the risk perception of consumers. Understanding the consequences of privacy and security concerns and their relationship to risk perceptions may provide a solution. The relationship between privacy and security is investigated using the theory of planned behavior. The study aims to examine the relationship of trust, privacy and security concerns to the risk perception adoption of e-commerce. The results from a survey validate the model.

Design/methodology/approach

Data were collected using survey from undergraduate business students. The respondents were requested to select a specific product that they plan to purchase in the next six months. After selecting a product, the respondents were requested to report an online company that they have recently visited which offers the selected product. The respondents were requested to fill out the survey with regard to their selected online company. Time given was approximately 20 min.

Findings

The results suggest that privacy and security concerns and trust beliefs had effects on risk perception. Among these effects, trust had the largest effect followed by privacy and security concerns. Furthermore, risk perception and trust beliefs had effects on attitude. The effect of trust beliefs on attitude was larger than the effect of risk perception on attitude. Similarly, subjective norm, perceived behavioral control and attitude had a positive and direct effect on intention to be involved in e-commerce.

Research limitations/implications

The first limitation of this study is the use of student subjects. Because this study took place in an educational setting, its generalizability to the general population of consumers lacks to some degree. The second limitation of this study is mono-method bias.

Practical implications

The effect of privacy concerns on risk perception was larger than that of security concerns. Because the consumers get more experienced and sophisticated using the Web, the security concerns that they may have had at the beginning are not reflected in their risk perceptions. It is likely that they have adopted protective measures on their own to defend their privacy online. An example of such a measure would be providing false information to online companies when asked to submit personal information.

Originality/value

The major contributions of this study are developing and validating an integrative framework of e-commerce adoption at the individual level. The model includes privacy and security concerns, risk perception and trust beliefs. This study also highlighted the distinction of constructs of privacy and security concerns and showed their differential effects on other related constructs in the research model.

Details

Information & Computer Security, vol. 24 no. 4
Type: Research Article
ISSN: 2056-4961

Keywords

Article
Publication date: 8 July 2021

Tanya McGill and Nik Thompson

Information technology users often fail to adopt necessary security and privacy measures, leading to increased risk of cybercrimes. There has been limited research on how…

Abstract

Purpose

Information technology users often fail to adopt necessary security and privacy measures, leading to increased risk of cybercrimes. There has been limited research on how demographic differences influence information security behaviour and understanding this could be important in identifying users who may be more likely to have poor information security behaviour. This study aims to investigate whether there are any gender differences in security and privacy behaviours and perceptions, to identify potential differences that may have implications for protecting users’ privacy and securing their devices, software and data.

Design/methodology/approach

This paper addresses this research gap by investigating security behaviours and perceptions in the following two studies: one focussing on information security and one on information privacy. Data was collected in both studies using anonymous online surveys.

Findings

This study finds significant differences between men and women in over 40% of the security and privacy behaviours considered, suggesting that overall levels of both are significantly lower for women than for men, with behaviours that require more technical skill being adopted less by female users. Furthermore, individual perceptions exhibited some gender differences.

Originality/value

This research suggests that potential gender differences in some security and privacy behaviours and perceptions should be taken into account when designing information security education, training and awareness initiatives for both organisations and the broader community. This study also provides a strong foundation to explore information security individual differences more deeply.

Details

Information & Computer Security, vol. 29 no. 5
Type: Research Article
ISSN: 2056-4961

Keywords

Article
Publication date: 7 September 2018

Hannah Carter and Miguel Moital

The purpose of this paper is to create a taxonomy of event participants based on risk and security perceptions.

Abstract

Purpose

The purpose of this paper is to create a taxonomy of event participants based on risk and security perceptions.

Design/methodology/approach

Two focus groups were established with British mothers, one with five mothers and the other with six, recruited through convenience and snowball sampling. A tree diagram was employed to uncover the taxonomic structure underlying risk and security perceptions. In creating the taxonomy, two critical issues were found to best categorise participants: the extent to which risks were considered before attending an event and whether or not participants showed an interest in knowing about security measures in advance of the event.

Findings

Six taxonomy categories were created, based on the unique combination of attitude and reactions: overthinker, investigator, naïve, ignorer, survivalist and optimiser. Similarities and differences between the types of participants were examined across 12 typical traits and reactions to risk and security.

Practical implications

The results provide event organisers with an understanding of whether they need to communicate their risk management strategy, and if so how they can best achieve this.

Originality/value

Existing taxonomies have tended to identify customer types based on risk perceptions alone. This research expands such work by considering attitudes towards both risk and security and how these affect event attendance. Hence, the descriptive taxonomy developed in the paper provides empirical evidence of the diverse risk and security perceptions at public events.

Details

Journal of Hospitality and Tourism Insights, vol. 1 no. 4
Type: Research Article
ISSN: 2514-9792

Keywords

Article
Publication date: 7 March 2023

Raphael Papa Kweku Andoh, Rebecca Dei Mensah, Stephen Tetteh, Georgina Nyantakyiwaa Boampong, Kofi Adom-Nyankey and Bernice Asare

Human resource records are the cornerstone of human resource management. Organizations rely a great deal on their employees to furnish them with human resource records, which is…

Abstract

Purpose

Human resource records are the cornerstone of human resource management. Organizations rely a great deal on their employees to furnish them with human resource records, which is crucial to the effective management of the employees and the success of the organization. It is evident, however, that personal information-related issues in organizations are of significant concern and that examining employees’ perceptions and attitudes regarding personal information management is extremely valuable. Yet, this is largely absent in the literature. This study, therefore, aims to investigate the influence of perceptions of employees concerning the uses and security of human resource records on their attitude toward human resource records in Ghana.

Design/methodology/approach

A descriptive survey design was used in this study. An online questionnaire was used to gather responses from employees for analyses. A structural equation model was developed and assessed because of the advantages that come with its use and the characteristics of this study. The assessment of the structural equation model was done to determine the significance of the hypothesized paths. In addition, effect size, coefficient of determination and predictive relevance of the structural model were assessed. Before that, the validity and reliability of the measurement model were examined through the assessment of the indicator loadings, average variance extracted, Cronbach’s alpha and composite reliability. An importance-performance map analysis (IPMA) was also conducted.

Findings

The hypotheses formulated in this study could not be rejected because the hypotheses tested were statistically significant. Thus, this study revealed that employees’ perception of the uses of human resource records influenced their attitude toward human resource records. Also, employees’ perception of the security of human resource records influenced their attitude toward human resource records. The IPMA revealed that the perception of uses of human resource records was more important, yet its performance was below the perception of security as significant.

Practical implications

Human resource records management professionals, particularly in Ghana, ought to ensure that the human resource records in their organizations are used for the purpose for which they are collected and also, secured. In addition, they should assure employees that their personal information is used as expected and secured. This could be realized with the use of international records management standards especially those in the ISO 30300 series. More so, human resource managers as part of their counseling duties also need to counsel employees so that they form positive perceptions about the uses and security of the personal information they give to their organization in the course of their employment.

Originality/value

To the best of the authors’ knowledge, this study brings to light the attitude of employees toward human resource records based on their perceptions of uses and security in the Ghanaian context which is absent in the literature as previous studies have focused mainly on personal information management behavior only at the individual level.

Article
Publication date: 29 March 2021

Kenneth Albert Saban, Stephen Rau and Charles A. Wood

Information security has increasingly been in the headlines as data breaches continue to occur at alarming rates. This paper aims to propose an Information Security Preparedness…

Abstract

Purpose

Information security has increasingly been in the headlines as data breaches continue to occur at alarming rates. This paper aims to propose an Information Security Preparedness Model that was developed to examine how SME executives’ perceptions of security importance, implementation challenges and external influences impact their awareness and commitment to security preparedness.

Design/methodology/approach

Funded by the Department of Justice, a national survey of SME executives’ perceptions of information security preparedness was conducted. Using PLS-SEM, the survey responses were used to test the proposed Information Security Preparedness Model.

Findings

The results indicate that as perceptions of security importance and external influences increase, SME executives’ awareness and commitment to information security also increases. In addition, as implementation challenges increase, awareness and commitment to information security decreases. Finally, as security importance and awareness and commitment to information security increases, executives’ perception of security preparedness also increases.

Research limitations/implications

Executive perceptions of information security were measured and not the actual level of security. Further research that examines the agreement between executive perceptions and the true state of information security within the organization is warranted.

Originality/value

Prior information security studies using Roger’s (1975, 1983) Protection Motivation Theory have produced mixed results. This paper develops and tests the Information Security Preparedness Model to more fully explain SME executive’s perceptions of information security.

Article
Publication date: 19 July 2023

Hamid Reza Nikkhah, Varun Grover and Rajiv Sabherwal

This study aims to argue that user’s continued use behavior is contingent upon two perceptions (i.e. the app and the provider). This study examines the moderating effects of…

Abstract

Purpose

This study aims to argue that user’s continued use behavior is contingent upon two perceptions (i.e. the app and the provider). This study examines the moderating effects of user’s perceptions of apps and providers on the effects of security and privacy concerns and investigate whether assurance mechanisms decrease such concerns.

Design/methodology/approach

This study conducts a scenario-based survey with 694 mobile cloud computing (MCC) app users to understand their perceptions and behaviors.

Findings

This study finds that while perceived value of data transfer to the cloud moderates the effects of security and privacy concerns on continued use behavior, trust only moderates the effect of privacy concerns. This study also finds that perceived effectiveness of security and privacy intervention impacts privacy concerns but does not decrease security concerns.

Originality/value

Prior mobile app studies mainly focused on mobile apps and did not investigate the perceptions of app providers along with app features in the same study. Furthermore, International Organization for Standardization 27018 certification and privacy policy notification are the interventions that exhibit data assurance mechanisms. However, it is unknown whether these interventions are able to decrease users’ security and privacy concerns after using MCC apps.

Details

Information & Computer Security, vol. 32 no. 1
Type: Research Article
ISSN: 2056-4961

Keywords

Book part
Publication date: 3 February 2023

Hrvoje Mataković

Tourism and crime are closely related phenomena, and security is one of the basic preconditions for the functioning of tourism since tourists and tourist areas have many…

Abstract

Tourism and crime are closely related phenomena, and security is one of the basic preconditions for the functioning of tourism since tourists and tourist areas have many characteristics that make them vulnerable to crime. In this chapter are presented the actual (objective) risk of crime and tourists victimization, visible in statistics on committed crimes and crime victims surveys, and the perceived (subjective) risk of crime, recorded in surveys conducted with tourists. The characteristics which influence the actual and perceived risk of crime and violence are presented by analysing three key elements in the relationship between tourism and crime: (1) tourist (these characteristics are classified as socio-demographic, socio-cultural and psychological); (2) trip (characteristics are the purpose of the trip, travel party, and stage of the trip); and (3) destination (characteristics are crime rates in destination, the occurrence of crime by place and time, type of accommodation and length of stay).

Details

Safety and Tourism
Type: Book
ISBN: 978-1-80382-812-1

Keywords

1 – 10 of over 53000