Search results

The human factor is the most important defense asset against cyberattacks. To ensure that the human factor stays strong, a cybersecurity culture must be established and cultivated in a company to guide the attitudes and behaviors of employees. Many cybersecurity culture frameworks exist; however, their practical application is difficult. This paper aims to demonstrate how an established framework can be applied to determine and improve the cybersecurity culture of a company.

Two surveys were conducted within eight months in the internal IT department of a global software company to analyze the cybersecurity culture and the applied improvement measures. Both surveys comprised the same 23 questions to measure cybersecurity culture according to six dimensions: cybersecurity accountability, cybersecurity commitment, cybersecurity necessity and importance, cybersecurity policy effectiveness, information usage perception and management buy-in.

Results demonstrate that cybersecurity culture maturity can be determined and improved if accurate measures are derived from the results of the survey. The first survey showed potential for improving the dimensions of cybersecurity accountability, cybersecurity commitment and cybersecurity policy effectiveness, while the second survey proved that these dimensions have been improved.

This paper proves that practical application of cybersecurity culture frameworks is possible if they are appropriately tailored to a given organization. In this regard, scientific research and practical application combine to offer real value to researchers and cybersecurity executives.

Develop a comprehensive framework for assessing the knowledge organization systems (KOSs), including the taxonomy of Wikipedia and the ontologies of Wikidata, with a specific focus on enhancing management and retrieval with a gender nonbinary perspective.

This study employs heuristic and inspection methods to assess Wikipedia’s KOS, ensuring compliance with international standards. It evaluates the efficiency of retrieving non-masculine gender-related articles using the Catalan Wikipedian category scheme, identifying limitations. Additionally, a novel assessment of Wikidata ontologies examines their structure and coverage of gender-related properties, comparing them to Wikipedia’s taxonomy for advantages and enhancements.

This study evaluates Wikipedia’s taxonomy and Wikidata’s ontologies, establishing evaluation criteria for gender-based categorization and exploring their structural effectiveness. The evaluation process suggests that Wikidata ontologies may offer a viable solution to address Wikipedia’s categorization challenges.

The assessment of Wikipedia categories (taxonomy) based on KOS standards leads to the conclusion that there is ample room for improvement, not only in matters concerning gender identity but also in the overall KOS to enhance search and retrieval for users. These findings bear relevance for the design of tools to support information retrieval on knowledge-rich websites, as they assist users in exploring topics and concepts.

This study aims to examine how an educational intervention, using the lens of the LEADS framework, can influence the development of primary care doctors’ leadership skills in Aceh, Indonesia. In order to persevere in the face of inadequate resources and infrastructure, particularly in rural and remote settings of low- and middle‐income countries, physicians require strong leadership skills. However, there is a lack of information on leadership development in these settings.

This study applied an educational intervention consisting of a two-day workshop. The authors evaluated the impact of the workshop on participants’ knowledge and skill by combining quantitative pre- and post-intervention questionnaires (based on Levels 1 and 2 of Kirkpatrick’s model) with qualitative post-intervention in-depth interviews, using a phenomenological approach and thematic analysis.

The workshop yielded positive results, as evidenced by participants’ increased confidence to apply and use the information and skills acquired during the workshop. Critical success factors were as follows: participants were curiosity-driven; the use of multiple learning methodologies that attracted participants; and the use of authentic scenarios as a critical feature of the program.

The intervention may offer a preliminary model for improving physician leadership skills in rural and remote settings by incorporating multiple teaching approaches and considering local cultural norms.

Railways are a well-known example of complex critical infrastructure, incorporating socio-technical systems with humans such as drivers, signallers, maintainers and passengers at the core. The technological evolution including interconnectedness and new ways of interaction lead to new security and safety risks that can be realised, both in terms of human error, and malicious and non-malicious behaviour. This study aims to identify the human factors (HF) and cyber-security risks relating to the role of signallers on the railways and explores strategies for the improvement of “Digital Resilience” – for the concept of a resilient railway.

Overall, 26 interviews were conducted with 21 participants from industry and academia.

The results showed that due to increased automation, both cyber-related threats and human error can impact signallers’ day-to-day operations – directly or indirectly (e.g. workload and safety-critical communications) – which could disrupt the railway services and potentially lead to safety-related catastrophic consequences. This study identifies cyber-related problems, including external threats; engineers not considering the human element in designs when specifying security controls; lack of security awareness among the rail industry; training gaps; organisational issues; and many unknown “unknowns”.

The authors discuss socio-technical principles through a hexagonal socio-technical framework and training needs analysis to mitigate against cyber-security issues and identify the predictive training needs of the signallers. This is supported by a systematic approach which considers both, safety and security factors, rather than waiting to learn from a cyber-attack retrospectively.

The purpose of this paper is to examine the adoption of Islamic finance products (murabaha, musharakah, mudarabah, salam, ijara, istisna and Qard Hassan) by small and medium-sized enterprises (SMEs) in Cameroon, a non-Islamic Sub-Saharan African country.

It used primary data collected from a cross-section of 1,358 SMEs in eight regions of Cameroon using self-administered structured questionnaires. To facilitate the analyses and interpretation, these products are grouped into four groups based on certain characteristics. A multivariate probit model is estimated to take into account the interaction between these different Islamic finance products.

This study revealed that the desire to comply with Sharia law, awareness, attitude and intention were critical determinants of the decision to adopt Islamic finance products by Cameroonian SMEs. The least influential factors were perceived behavioral control, subjective norms, enterprise characteristics (size, age and location) and socio-demographic characteristics of the entrepreneur (gender, age and marital status). The extension of the multivariate approach permitted us to compute for predicted probabilities which revealed that there exists a synergy effect between the different Islamic finance products. That is, Cameroonian SMEs combine different Islamic finance products at the same time based on their needs. This is especially the case between the partnership-based products (musharakah and mudarabah) and manufacture/rent products (istisna and ijara).

Policymakers are encouraged to develop stakeholder-oriented strategies to promote effective consumer education in Islamic finance products which will boost awareness. Also, Islamic finance institutions should endeavor to develop innovative financial products that are Sharia-compliant and economically beneficial to the individual and business needs of SMEs. Moreover, policymakers and management of Islamic finance institutions should ensure the putting in place of effective governance structures to guide Islamic finance operations. Finally, policymakers should endeavor to take into account the possible synergy between the different Islamic finance products in their quest to develop this activity.

To the best of the authors’ knowledge, this is the first study that analyses the adoption of different Islamic finance products while taking into account the possible synergy that exists between these products.