Search results

Protection motivation theory (PMT) explains that the intention to cope with information security risks is based on informed threat and coping appraisals. However, people cannot always make appropriate assessments due to possible ignorance and cognitive biases. This study proposes a research model that introduces four antecedent factors from ignorance and bias perspectives into the PMT model and empirically tests this model with data from a survey of electronic waste (e-waste) handling.

The data collected from 356 Chinese samples are analyzed via structural equation modeling (SEM).

The results revealed that for threat appraisal, optimistic bias leads to a lower perception of risks. However, factual ignorance (lack of knowledge of risks) does not significantly affect the perceived threat. For coping appraisal, practical ignorance (lack of knowledge of coping with risks) leads to low response efficacy and self-efficacy and high perceptions of coping cost, but the illusion of control overestimates response efficacy and self-efficacy.

First, this study addresses a new type of information security problem in e-waste handling. Second, this study extends the PMT model by exploring the roles of ignorance and bias as antecedents. Finally, the authors reinvestigate the basic constructs of PMT to identify how rational threat and coping assessments affect user intentions to cope with data security risks.

The level of security of home information systems can be described as their capacity to resist all the accidental or deliberate malicious activities based on the evaluation assurance levels (EAL) as defined in international standards. The purpose of this paper is to propose a security guideline tool for home users based on the implementation of a protection profile (PP) for home user systems.

The application was developed in three basic steps. First, a PP for home user systems was created on the basis of the international standard ISO/IEC 15408. Then, the paper created a knowledge base including the PP information, as well as a security policy including other international standards, as mentioned above. Finally, the paper created a web application tool to be used as a security guideline for home users.

This tool is developed in order to support users to understand the threats which affect their environment and select the appropriate security policy. By using this tool, users can access information about international standards in accordance to their level of knowledge.

The authors created a tool based on EAL4. In the future, tools based on EAL1, EAL2, and EAL3 can be created easily on the basis of the present model.

This PP specifies the security requirements for home user information technology (IT) environments, and makes use of the Department of Defense information assurance guidelines and policies as a basis for establishing the requirements necessary for meeting the security objectives. This PP is constructed for use as a reference for home users to create safe home IT environments. Operating systems evaluated against this PP can operate at EAL4.

The objective of this study is to investigate perceived security threats of Computerized Accounting Information Systems (CAIS) that face Jordanian domestic banks. An empirical survey using self‐administrated questionnaire has been carried out to achieve the above‐mentioned objective. The study results reveal that accidental entry of “bad” data by employees, accidental destruction of data by employees; intentional entry of “bad” data by employees and employees’ sharing passwords are the top four security threats that face domestic banks. The paper concludes that most security threats that face domestic banks are internally generated and unintentional.

Blockchain is evolving to become a platform for securing Internet of things (IoT) ecosystems. Still, challenges remain. The purpose of this literature review is to highlight the applicability of blockchain as a medium to secure IoT ecosystems. A two-dimensional framework anchored on (1) IoT layers and (2) security goals is used to organize the existent IoT security threats and their corresponding countermeasures identified in the reviewed literature. The framework helped in mapping the IoT security threats with the inherent features of blockchain and accentuate their prominence to IoT security.

An approach integrating computerized natural language processing (NLP) with a systematic literature review methodology was adopted. A large corpus of 2,303 titles and abstracts of blockchain articles was programmatically analyzed in order to identify the relevant literature. The identified literature was subjected to a systematic review guided by a well-established method in IS research.

The literature evidently highlights the prominence of blockchain as a mean to IoT security due to the distinctive features it encompasses. The authors’ investigation revealed that numerous existent threats are better addressed with blockchain than conventional mechanisms. Nevertheless, blockchain consumes resources such as electricity, time, bandwidth and disk space at a rate that is not yet easily accessible to common IoT ecosystems.

Results suggest that a configurational approach that aligns IoT security requirements with the resource requirements of different blockchain features is necessary in order to realize the proper balance between security, efficiency and feasibility.

Practitioners can make use of the classified lists of convention security mechanisms and the IoT threats they address. The framework can help underline the countermeasures that best achieve their security goals. Practitioners can also use the framework to identify the most important features to seek for in a blockchain technology that can help them achieve their security goals.

This study proposes a novel framework that can help classify IoT threats based on the IoT layer impacted and the security goal at risk. Moreover, it applies a combined man-machine approach to systematically analyze the literature.

Cyber threats present constantly evolving and unique challenges to national security professionals at all levels of government. Public and private sector entities also face a constant stream of cyberattacks through varied methods by actors with myriad motivations. These threats are not expected to diminish in the near future. As a result, homeland security and national security professionals at all levels of government must understand the unique motivations and capabilities of malicious cyber actors in order to better protect against and respond to cyberattacks. This chapter outlines the most common cyberattacks; explains the motivations behind these attacks; and describes the federal, state, and local efforts to address these threats.

The purpose of this study is to define the interactions that determine how secure a society is from terrorism and to propose a method for measuring the threat of terrorism in an objective and spatio-temporally comparable manner.

Game-theoretic analysis of the determinants of security and discussion of how to implement these interactions into a measure of security.

We show that governments concerned with popularity have an incentive to over-invest in security and that, in certain situations, this leads to a deterioration in net security position. Our discussion provides an implementable means for measuring the levels of threat and protection, as well as individuals’ perceptions of both, which we propose can be combined into an objective and scientific measure of security.

The implication for researchers is the suggestion that efficiency, as well as scale of counter-terrorism, is important in determining a country’s overall security position. Furthermore, we suggest that individuals’ perceptions are at least as important in determining suitable counter-terrorism policy as objective measures of protection and threat. The limitations of this research are found in the vast data requirements that any attempt to measure security will need.

We propose the first method for objectively measuring the net security position of a country, using economic and econometric means.

The purpose of this paper is to look into how people in risky environments define human security by using the framework of the draft human security index of the Third World Studies Center, University of the Philippines to study five municipalities. The concept of human security used here is the comprehensive definition that covers “freedom from fear” and “freedom from want” dimensions but using a more local/bottom-up perspective in getting people’s sense of security and threats/risks. As a pilot research, the paper also reveals the shortcomings of the draft index as it does not highlight yet other factors like gender, ethnicity and other sectoral identities.

The pilot municipalities all have a history of violent conflicts or insurgency and they also face other security threats/risks, e.g., natural disasters and effects of climate change, limited sources of livelihood, lack of food, water shortage, etc. Through surveys, focus group discussions and interviews, people were asked about their sense of security and experiences, perceived threats to individuals and the community, understanding of human security and their capacity, as individuals and as a community, to cope with and/or do something about these threats. The focus of the manuscript, however, is the more qualitative responses of informants.

In these conflict areas, poverty and the limited livelihood opportunities are major threats, followed by threats to food, environmental, personal and community security (particularly peace and order). The perceived intensity of certain threats also varies depending on the type of community or group one belongs to. It appears that respondents have a comprehensive view of human security; what they lack are resources and skills to mitigate such threats. Community empowerment and improved local governance are crucial with support from external actors.

It is important to look at the experiences of other areas without histories of armed conflicts to understand possibly different security issues and threats/risks and include perspectives of people based on gender, ethnicity and other identities.

The research shows the value of using local/bottom-up perceptions of people apart from available development and security statistics (which are usually top-down, very general and universalistic) to assess, monitor actual and plan future interventions to address human security threats and vulnerabilities at different levels. The qualitative and quantitative data from the ground are also useful in refining human security-related concepts, hypotheses and theories.

The current advancements in technologies and the internet industry provide users with many innovative digital devices for entertainment, communication and trade. However, simultaneous development and the rising sophistication of cybercrimes bring new challenges. Micro businesses use technology like how people use it at home, but face higher cyber risks during riskier transactions, with human error playing a significant role. Moreover, information security researchers have often studied individuals’ adherence to compliance behaviour in response to cyber threats. The study aims to examine the protection motivation theory (PMT)-based model to understand individuals’ tendency to adopt secure behaviours.

The study focuses on Australian micro businesses since they are more susceptible to cyberattacks due to the least security measures in place. Out of 877 questionnaires distributed online to Australian micro business owners through survey panel provider “Dynata,” 502 (N = 502) complete responses were included. Structural equational modelling was used to analyse the relationships among the variables.

The results indicate that all constructs of the protection motivation, except threat susceptibility, successfully predict the user protective behaviours. Also, increased cybersecurity costs negatively impact users’ safe cyber practices.

The study has critical implications for understanding micro business owners’ cyber security behaviours. The study contributes to the current knowledge of cyber security in micro businesses through the lens of PMT.