Search results

1 – 10 of over 4000
Article
Publication date: 18 July 2023

Stephen Mujeye

This study aims to investigate the differences in security-conscious (group A) and regular (group B) users’ behaviors and practices on mobile devices.

Abstract

Purpose

This study aims to investigate the differences in security-conscious (group A) and regular (group B) users’ behaviors and practices on mobile devices.

Design/methodology/approach

A survey was used to investigate the differences in behaviors and practices of security-conscious users (group A) and regular users (group B) on mobile devices. Each group will have 50 participants for a total of 100.

Findings

The analysis revealed differences in the behaviors and practices of security-conscious and regular users. The results indicated that security-conscious users engage in behaviors and practices that are more secure on mobile devices when compared with regular users.

Research limitations/implications

The results will help recommend the best behaviors and practices for mobile device users, increasing mobile device security.

Social implications

The results will help society to be more aware of security behaviors and practices on mobile devices.

Originality/value

This study answers the call for addressing the weaknesses and vulnerabilities in mobile device security. It develops a research instrument to measure the differences in behaviors and practices of security-conscious and regular mobile device users.

Details

Information & Computer Security, vol. 31 no. 5
Type: Research Article
ISSN: 2056-4961

Keywords

Article
Publication date: 20 November 2023

Prakriti Dumaru, Ankit Shrestha, Rizu Paudel, Cassity Haverkamp, Maryellen Brunson McClain and Mahdi Nasrullah Al-Ameen

The purpose of this study is to understand user perceptions and misconceptions regarding security tools. Security and privacy-preserving tools (for brevity, the authors term them…

Abstract

Purpose

The purpose of this study is to understand user perceptions and misconceptions regarding security tools. Security and privacy-preserving tools (for brevity, the authors term them as “security tools” in this paper, unless otherwise specified) are designed to protect the security and privacy of people in the digital environment. However, inappropriate use of these tools can lead to unexpected consequences that are preventable. Hence, it is significant to examine why users do not understand the security tools.

Design/methodology/approach

The authors conducted a qualitative study with 40 participants in the USA to investigate the prevalent misconceptions of people regarding security tools, their perceptions of data access and the corresponding impact on their usage behavior and data protection strategies.

Findings

While security vulnerabilities are often rooted in people’s internet usage behavior, this study examined user’s mental models of the internet and unpacked how the misconceptions about security tools relate to those mental models.

Originality/value

Based on the findings, this study offers recommendations highlighting the design aspects of security tools that need careful attention from researchers and industry practitioners, to alleviate users’ misconceptions and provide them with accurate conceptual models toward the desired use of security tools.

Details

Information & Computer Security, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 2056-4961

Keywords

Article
Publication date: 9 November 2023

Gregory Lyon

The rapid expansion of internet usage and device connectivity has underscored the importance of understanding the public’s cyber behavior and knowledge. Despite this, there is…

109

Abstract

Purpose

The rapid expansion of internet usage and device connectivity has underscored the importance of understanding the public’s cyber behavior and knowledge. Despite this, there is little research that examines the public’s objective knowledge of secure information security practices. The purpose of this study is to examine how objective cyber awareness is distributed throughout society.

Design/methodology/approach

This study draws on a large national survey of adults to examine the relationship between individual factors – such as demographic attributes and socioeconomic resources – and information security awareness. The study estimates several statistical models using weighted logistic regression to model objective information security awareness.

Findings

The results indicate that socioeconomic resources such as income and education have a significant effect on individuals’ information security awareness with richer and more highly educated individuals exhibiting greater awareness of important security practices and tools. Additionally, age and gender represent consistent and clear informational gaps in society as older individuals and females are significantly less knowledgeable about an array of information security practices than younger individuals and males, respectively.

Social implications

The findings have important implications for our understanding of information security behavior and user vulnerability in an increasingly digital and connected society. Despite the growing importance of cybersecurity for all individuals in nearly all domains of daily life, there is substantial inequality in awareness about secure cyber practices and the tools and techniques used to protect one’s self from attacks. While digital technology will continue to permeate many aspects of daily life – from financial transactions to health services to social interactions – the findings here indicate that some users may be far more exposed and vulnerable to attack than others.

Originality/value

This study contributes to our understanding of general user information security awareness using a large survey and statistical models to generalize about the public’s information security awareness across multiple domains and stimulates future research on public knowledge of information security. The findings indicate that some users may be far more exposed and vulnerable to attack than others. Despite the growing importance of cybersecurity for all individuals in nearly all domains of daily life, there is substantial inequality in awareness about secure cyber practices and the tools and techniques used to protect one’s self from attacks.

Details

Information & Computer Security, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 2056-4961

Keywords

Article
Publication date: 1 December 2022

Duha Alsmadi, Ali Maqousi and Tala Abuhussein

Due to the lack of awareness and poor cybersecurity practices that pose cyber threats during COVID-19 time, this research aims to explore user's attitude toward engaging in…

Abstract

Purpose

Due to the lack of awareness and poor cybersecurity practices that pose cyber threats during COVID-19 time, this research aims to explore user's attitude toward engaging in proactive cybersecurity awareness behavior.

Design/methodology/approach

Based on the theory of planned behavior, the relationship between multiple factors and their influence on the attitude is explored. A survey-based approach was utilized to collect responses and a model was proposed and tested on 229 respondents from the University of Petra-Jordan.

Findings

The attitude was significantly influenced by peers' influence and the individuals' cybersecurity threats awareness, especially threats that emerged during the COVID-19 time.

Research limitations/implications

The research benefits decision makers in educational institutions who intend to develop cybersecurity awareness programs and helps them to assess user cybersecurity background weaknesses.

Originality/value

The research is the first to explore users' knowledge dimensions including organizational, information systems and social media as well as peers' influence on cybersecurity awareness. Also, it sheds light on the users’ perception of major cybersecurity hazards in COVID-19 time.

Details

Kybernetes, vol. 53 no. 1
Type: Research Article
ISSN: 0368-492X

Keywords

Article
Publication date: 17 May 2022

Maryam Nasser AL-Nuaimi

A research line has emerged that is concerned with investigating human factors in information systems and cyber-security in organizations using various behavioural and…

Abstract

Purpose

A research line has emerged that is concerned with investigating human factors in information systems and cyber-security in organizations using various behavioural and socio-cognitive theories. This study aims to explore human and contextual factors influencing cyber security behaviour in organizations while drawing implications for cyber-security in higher education institutions.

Design/methodology/approach

A systematic literature review has been implemented. The reviewed studies have revealed various human and contextual factors that influence cyber-security behaviour in organizations, notably higher education institutions.

Research limitations/implications

This review study offers practical implications for constructing and keeping a robust cyber-security organizational culture in higher education institutions for the sustainable development goals of cyber-security training and education.

Originality/value

The value of the current review arises in that it presents a comprehensive account of human factors affecting cyber-security in organizations, a topic that is rarely investigated in previous related literature. Furthermore, the current review sheds light on cyber-security in higher education from the weakest link perspective. Simultaneously, the study contributes to relevant literature by gaining insight into human factors and socio-technological controls related to cyber-security in higher education institutions.

Details

Global Knowledge, Memory and Communication, vol. 73 no. 1/2
Type: Research Article
ISSN: 2514-9342

Keywords

Article
Publication date: 30 December 2022

Hao Chen and Yufei Yuan

Protection motivation theory (PMT) explains that the intention to cope with information security risks is based on informed threat and coping appraisals. However, people cannot…

Abstract

Purpose

Protection motivation theory (PMT) explains that the intention to cope with information security risks is based on informed threat and coping appraisals. However, people cannot always make appropriate assessments due to possible ignorance and cognitive biases. This study proposes a research model that introduces four antecedent factors from ignorance and bias perspectives into the PMT model and empirically tests this model with data from a survey of electronic waste (e-waste) handling.

Design/methodology/approach

The data collected from 356 Chinese samples are analyzed via structural equation modeling (SEM).

Findings

The results revealed that for threat appraisal, optimistic bias leads to a lower perception of risks. However, factual ignorance (lack of knowledge of risks) does not significantly affect the perceived threat. For coping appraisal, practical ignorance (lack of knowledge of coping with risks) leads to low response efficacy and self-efficacy and high perceptions of coping cost, but the illusion of control overestimates response efficacy and self-efficacy.

Originality/value

First, this study addresses a new type of information security problem in e-waste handling. Second, this study extends the PMT model by exploring the roles of ignorance and bias as antecedents. Finally, the authors reinvestigate the basic constructs of PMT to identify how rational threat and coping assessments affect user intentions to cope with data security risks.

Article
Publication date: 25 September 2023

Trang Nguyen

Despite the growing concern about security breaches and risks emerging from Shadow IT usage, a type of information security violation committed by organizational insiders, this…

Abstract

Purpose

Despite the growing concern about security breaches and risks emerging from Shadow IT usage, a type of information security violation committed by organizational insiders, this phenomenon has received little scholarly attention. By integrating the dual-factor theory, unified theory of acceptance and use of technology (UTAUT) and social control theory, this research aims to examine facilitating and deterring factors of Shadow IT usage intention.

Design/methodology/approach

An online survey was performed to obtain data. As this study aims at investigating the behavior of organizational insiders, LinkedIn, an employment-oriented network site, was chosen as the main site to reach the potential respondents.

Findings

The results show that while performance expectancy, effort expectancy and subjective norms considerably impact intention to use Shadow IT, personal norms and sanctions-related factors exert no influence. Besides, an organizational factor of ethical work climate is found to significantly increase individual perceptions of informal controls and formal controls.

Originality/value

This work is the first attempt to extend the generalizability of the dual-factor theory and UTAUT model, which primarily has been utilized in the context of system usage, to the new context of information security. This study is also one of few studies that simultaneously take both organizational and individual factors into consideration and identify its impacts on user's behaviors in the information security context.

Details

Online Information Review, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 1468-4527

Keywords

Article
Publication date: 17 November 2023

Dien Van Tran, Phuong Van Nguyen, Anh Thi Chau Nguyen, Demetris Vrontis and Phuong Uyen Dinh

This study aims to investigate the impact of employees’ engagement in government social media (GSM) on their cybersecurity compliance attitude, protection motivation and…

Abstract

Purpose

This study aims to investigate the impact of employees’ engagement in government social media (GSM) on their cybersecurity compliance attitude, protection motivation and protective behavior, thereby contributing to effective cybersecurity practices at organizations.

Design/methodology/approach

A quantitative cross-sectional field survey was conducted to collect primary data in big cities and large provinces in Vietnam. The final data set of 323 responses was analyzed using the partial least squares-structural equation modeling approach to interpret the results and test research hypotheses.

Findings

Engagement in GSM positively influences employees’ cybersecurity compliance attitude (ATT). Perceived threat vulnerability and response efficacy also contribute to a positive compliance attitude, although self-efficacy has a negative impact. Moreover, the cybersecurity compliance ATT significantly explains the information protection motivation, which in turn influences employee protective behaviors. However, the relationship between compliance attitude and protective behaviors is weak, unlike previous studies that found a strong correlation.

Originality/value

Although recent studies have explored specific information security practices in corporate and home contexts, the influence of GSM on individuals’ cybersecurity behaviors has received limited attention because of its novelty. This study contributes to the existing body of knowledge by investigating the impact of GSM on cybersecurity behaviors. This study provides significant contributions to understanding social media’s effects of social media on individuals’ cultivation processes, by expanding upon the protective motivation theory and cultivation theory. The results lead to practical suggestions for organizational managers and policymakers so that they can enhance their understanding of the importance of cybersecurity, encourage the implementation of self-defense strategies and highlight the significance of threat and coping evaluations in influencing attitudes and motivations.

Details

Journal of Asia Business Studies, vol. 18 no. 1
Type: Research Article
ISSN: 1558-7894

Keywords

Article
Publication date: 28 February 2024

Mustafa Saritepeci, Hatice Yildiz Durak, Gül Özüdoğru and Nilüfer Atman Uslu

Online privacy pertains to an individual’s capacity to regulate and oversee the gathering and distribution of online information. Conversely, online privacy concern (OPC) pertains…

Abstract

Purpose

Online privacy pertains to an individual’s capacity to regulate and oversee the gathering and distribution of online information. Conversely, online privacy concern (OPC) pertains to the protection of personal information, along with the worries or convictions concerning potential risks and unfavorable outcomes associated with its collection, utilization and distribution. With a holistic approach to these relationships, this study aims to model the relationships between digital literacy (DL), digital data security awareness (DDSA) and OPC and how these relationships vary by gender.

Design/methodology/approach

The participants of this study are 2,835 university students. Data collection tools in the study consist of personal information form and three different scales. Partial least squares (PLS), structural equation modeling (SEM) and multi-group analysis (MGA) were used to test the framework determined in the context of the research purpose and to validate the proposed hypotheses.

Findings

DL has a direct and positive effect on digital data security awareness (DDSA), and DDSA has a positive effect on OPC. According to the MGA results, the hypothesis put forward in both male and female sub-samples was supported. The effect of DDSA on OPC is higher for males.

Originality/value

This study highlights the positive role of DL and perception of data security on OPC. In addition, MGA findings by gender reveal some differences between men and women.

Peer review

The peer review history for this article is available at: https://publons.com/publon/10.1108/OIR-03-2023-0122

Details

Online Information Review, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 1468-4527

Keywords

Article
Publication date: 9 October 2023

Yong Sun, Ya-Feng Zhang, Yalin Wang and Sihui Zhang

This paper aims to investigate the cooperative governance mechanisms for personal information security, which can help enrich digital governance research and provide a reference…

Abstract

Purpose

This paper aims to investigate the cooperative governance mechanisms for personal information security, which can help enrich digital governance research and provide a reference for the formulation of protection policies for personal information security.

Design/methodology/approach

This paper constructs an evolutionary game model consisting of regulators, digital enterprises and consumers, which is combined with the simulation method to examine the influence of different factors on personal information protection and governance.

Findings

The results reveal seven stable equilibrium strategies for personal information security within the cooperative governance game system. The non-compliant processing of personal information by digital enterprises can damage the rights and interests of consumers. However, the combination of regulatory measures implemented by supervisory authorities and the rights protection measures enacted by consumers can effectively promote the self-regulation of digital enterprises. The reputation mechanism exerts a restricting effect on the opportunistic behaviour of the participants.

Research limitations/implications

The authors focus on the regulation of digital enterprises and do not consider the involvement of malicious actors such as hackers, and the authors will continue to focus on the game when assessing the governance of malicious actors in subsequent research.

Practical implications

This study's results enhance digital governance research and offer a reference for developing policies that protect personal information security.

Originality/value

This paper builds an analytical framework for cooperative governance for personal information security, which helps to understand the decision-making behaviour and motivation of different subjects and to better address issues in the governance for personal information security.

Details

Kybernetes, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 0368-492X

Keywords

1 – 10 of over 4000