Search results
1 – 10 of over 37000Hao Chen and Yufei Yuan
Protection motivation theory (PMT) explains that the intention to cope with information security risks is based on informed threat and coping appraisals. However, people cannot…
Abstract
Purpose
Protection motivation theory (PMT) explains that the intention to cope with information security risks is based on informed threat and coping appraisals. However, people cannot always make appropriate assessments due to possible ignorance and cognitive biases. This study proposes a research model that introduces four antecedent factors from ignorance and bias perspectives into the PMT model and empirically tests this model with data from a survey of electronic waste (e-waste) handling.
Design/methodology/approach
The data collected from 356 Chinese samples are analyzed via structural equation modeling (SEM).
Findings
The results revealed that for threat appraisal, optimistic bias leads to a lower perception of risks. However, factual ignorance (lack of knowledge of risks) does not significantly affect the perceived threat. For coping appraisal, practical ignorance (lack of knowledge of coping with risks) leads to low response efficacy and self-efficacy and high perceptions of coping cost, but the illusion of control overestimates response efficacy and self-efficacy.
Originality/value
First, this study addresses a new type of information security problem in e-waste handling. Second, this study extends the PMT model by exploring the roles of ignorance and bias as antecedents. Finally, the authors reinvestigate the basic constructs of PMT to identify how rational threat and coping assessments affect user intentions to cope with data security risks.
Details
Keywords
Guillermo Horacio Ramirez Caceres and Yoshimi Teshigawara
The level of security of home information systems can be described as their capacity to resist all the accidental or deliberate malicious activities based on the evaluation…
Abstract
Purpose
The level of security of home information systems can be described as their capacity to resist all the accidental or deliberate malicious activities based on the evaluation assurance levels (EAL) as defined in international standards. The purpose of this paper is to propose a security guideline tool for home users based on the implementation of a protection profile (PP) for home user systems.
Design/methodology/approach
The application was developed in three basic steps. First, a PP for home user systems was created on the basis of the international standard ISO/IEC 15408. Then, the paper created a knowledge base including the PP information, as well as a security policy including other international standards, as mentioned above. Finally, the paper created a web application tool to be used as a security guideline for home users.
Findings
This tool is developed in order to support users to understand the threats which affect their environment and select the appropriate security policy. By using this tool, users can access information about international standards in accordance to their level of knowledge.
Research limitations/implications
The authors created a tool based on EAL4. In the future, tools based on EAL1, EAL2, and EAL3 can be created easily on the basis of the present model.
Originality/value
This PP specifies the security requirements for home user information technology (IT) environments, and makes use of the Department of Defense information assurance guidelines and policies as a basis for establishing the requirements necessary for meeting the security objectives. This PP is constructed for use as a reference for home users to create safe home IT environments. Operating systems evaluated against this PP can operate at EAL4.
Details
Keywords
Talal H. Hayale and Husam A. Abu Khadra
The objective of this study is to investigate perceived security threats of Computerized Accounting Information Systems (CAIS) that face Jordanian domestic banks. An empirical…
Abstract
The objective of this study is to investigate perceived security threats of Computerized Accounting Information Systems (CAIS) that face Jordanian domestic banks. An empirical survey using self‐administrated questionnaire has been carried out to achieve the above‐mentioned objective. The study results reveal that accidental entry of “bad” data by employees, accidental destruction of data by employees; intentional entry of “bad” data by employees and employees’ sharing passwords are the top four security threats that face domestic banks. The paper concludes that most security threats that face domestic banks are internally generated and unintentional.
Details
Keywords
Mazen El-Masri and Eiman Mutwali Abdelmageed Hussain
Blockchain is evolving to become a platform for securing Internet of things (IoT) ecosystems. Still, challenges remain. The purpose of this literature review is to highlight the…
Abstract
Purpose
Blockchain is evolving to become a platform for securing Internet of things (IoT) ecosystems. Still, challenges remain. The purpose of this literature review is to highlight the applicability of blockchain as a medium to secure IoT ecosystems. A two-dimensional framework anchored on (1) IoT layers and (2) security goals is used to organize the existent IoT security threats and their corresponding countermeasures identified in the reviewed literature. The framework helped in mapping the IoT security threats with the inherent features of blockchain and accentuate their prominence to IoT security.
Design/methodology/approach
An approach integrating computerized natural language processing (NLP) with a systematic literature review methodology was adopted. A large corpus of 2,303 titles and abstracts of blockchain articles was programmatically analyzed in order to identify the relevant literature. The identified literature was subjected to a systematic review guided by a well-established method in IS research.
Findings
The literature evidently highlights the prominence of blockchain as a mean to IoT security due to the distinctive features it encompasses. The authors’ investigation revealed that numerous existent threats are better addressed with blockchain than conventional mechanisms. Nevertheless, blockchain consumes resources such as electricity, time, bandwidth and disk space at a rate that is not yet easily accessible to common IoT ecosystems.
Research limitations/implications
Results suggest that a configurational approach that aligns IoT security requirements with the resource requirements of different blockchain features is necessary in order to realize the proper balance between security, efficiency and feasibility.
Practical implications
Practitioners can make use of the classified lists of convention security mechanisms and the IoT threats they address. The framework can help underline the countermeasures that best achieve their security goals. Practitioners can also use the framework to identify the most important features to seek for in a blockchain technology that can help them achieve their security goals.
Originality/value
This study proposes a novel framework that can help classify IoT threats based on the IoT layer impacted and the security goal at risk. Moreover, it applies a combined man-machine approach to systematically analyze the literature.
Details
Keywords
Eileen M. Decker, Matthew Morin and Eric M. Rosner
Cyber threats present constantly evolving and unique challenges to national security professionals at all levels of government. Public and private sector entities also face a…
Abstract
Cyber threats present constantly evolving and unique challenges to national security professionals at all levels of government. Public and private sector entities also face a constant stream of cyberattacks through varied methods by actors with myriad motivations. These threats are not expected to diminish in the near future. As a result, homeland security and national security professionals at all levels of government must understand the unique motivations and capabilities of malicious cyber actors in order to better protect against and respond to cyberattacks. This chapter outlines the most common cyberattacks; explains the motivations behind these attacks; and describes the federal, state, and local efforts to address these threats.
Details
Keywords
Tilman Brück, Olaf J. de Groot and Neil T. N. Ferguson
The purpose of this study is to define the interactions that determine how secure a society is from terrorism and to propose a method for measuring the threat of terrorism in an…
Abstract
Purpose
The purpose of this study is to define the interactions that determine how secure a society is from terrorism and to propose a method for measuring the threat of terrorism in an objective and spatio-temporally comparable manner.
Methodology/approach
Game-theoretic analysis of the determinants of security and discussion of how to implement these interactions into a measure of security.
Findings
We show that governments concerned with popularity have an incentive to over-invest in security and that, in certain situations, this leads to a deterioration in net security position. Our discussion provides an implementable means for measuring the levels of threat and protection, as well as individuals’ perceptions of both, which we propose can be combined into an objective and scientific measure of security.
Research limitations/implications
The implication for researchers is the suggestion that efficiency, as well as scale of counter-terrorism, is important in determining a country’s overall security position. Furthermore, we suggest that individuals’ perceptions are at least as important in determining suitable counter-terrorism policy as objective measures of protection and threat. The limitations of this research are found in the vast data requirements that any attempt to measure security will need.
Originality/value of the chapter
We propose the first method for objectively measuring the net security position of a country, using economic and econometric means.
Details
Keywords
The purpose of this paper is to look into how people in risky environments define human security by using the framework of the draft human security index of the Third World…
Abstract
Purpose
The purpose of this paper is to look into how people in risky environments define human security by using the framework of the draft human security index of the Third World Studies Center, University of the Philippines to study five municipalities. The concept of human security used here is the comprehensive definition that covers “freedom from fear” and “freedom from want” dimensions but using a more local/bottom-up perspective in getting people’s sense of security and threats/risks. As a pilot research, the paper also reveals the shortcomings of the draft index as it does not highlight yet other factors like gender, ethnicity and other sectoral identities.
Design/methodology/approach
The pilot municipalities all have a history of violent conflicts or insurgency and they also face other security threats/risks, e.g., natural disasters and effects of climate change, limited sources of livelihood, lack of food, water shortage, etc. Through surveys, focus group discussions and interviews, people were asked about their sense of security and experiences, perceived threats to individuals and the community, understanding of human security and their capacity, as individuals and as a community, to cope with and/or do something about these threats. The focus of the manuscript, however, is the more qualitative responses of informants.
Findings
In these conflict areas, poverty and the limited livelihood opportunities are major threats, followed by threats to food, environmental, personal and community security (particularly peace and order). The perceived intensity of certain threats also varies depending on the type of community or group one belongs to. It appears that respondents have a comprehensive view of human security; what they lack are resources and skills to mitigate such threats. Community empowerment and improved local governance are crucial with support from external actors.
Research limitations/implications
It is important to look at the experiences of other areas without histories of armed conflicts to understand possibly different security issues and threats/risks and include perspectives of people based on gender, ethnicity and other identities.
Originality/value
The research shows the value of using local/bottom-up perceptions of people apart from available development and security statistics (which are usually top-down, very general and universalistic) to assess, monitor actual and plan future interventions to address human security threats and vulnerabilities at different levels. The qualitative and quantitative data from the ground are also useful in refining human security-related concepts, hypotheses and theories.
Details
Keywords
Hassan Jamil, Tanveer Zia, Tahmid Nayeem, Monica T. Whitty and Steven D'Alessandro
The current advancements in technologies and the internet industry provide users with many innovative digital devices for entertainment, communication and trade. However…
Abstract
Purpose
The current advancements in technologies and the internet industry provide users with many innovative digital devices for entertainment, communication and trade. However, simultaneous development and the rising sophistication of cybercrimes bring new challenges. Micro businesses use technology like how people use it at home, but face higher cyber risks during riskier transactions, with human error playing a significant role. Moreover, information security researchers have often studied individuals’ adherence to compliance behaviour in response to cyber threats. The study aims to examine the protection motivation theory (PMT)-based model to understand individuals’ tendency to adopt secure behaviours.
Design/methodology/approach
The study focuses on Australian micro businesses since they are more susceptible to cyberattacks due to the least security measures in place. Out of 877 questionnaires distributed online to Australian micro business owners through survey panel provider “Dynata,” 502 (N = 502) complete responses were included. Structural equational modelling was used to analyse the relationships among the variables.
Findings
The results indicate that all constructs of the protection motivation, except threat susceptibility, successfully predict the user protective behaviours. Also, increased cybersecurity costs negatively impact users’ safe cyber practices.
Originality/value
The study has critical implications for understanding micro business owners’ cyber security behaviours. The study contributes to the current knowledge of cyber security in micro businesses through the lens of PMT.
Details