Search results

As cyber-attacks continue to grow, organisations adopting the internet-of-things (IoT) have continued to react to security concerns that threaten their businesses within the current highly competitive environment. Many recorded industrial cyber-attacks have successfully beaten technical security solutions by exploiting human-factor vulnerabilities related to security knowledge and skills and manipulating human elements into inadvertently conveying access to critical industrial assets. Knowledge and skill capabilities contribute to human analytical proficiencies for enhanced cybersecurity readiness. Thus, a human-factored security endeavour is required to investigate the capabilities of the human constituents (workforce) to appropriately recognise and respond to cyber intrusion events within the industrial control system (ICS) environment.

A quantitative approach (statistical analysis) is adopted to provide an approach to quantify the potential cybersecurity capability aptitudes of industrial human actors, identify the least security-capable workforce in the operational domain with the greatest susceptibility likelihood to cyber-attacks (i.e. weakest link) and guide the enhancement of security assurance. To support these objectives, a Human-factored Cyber Security Capability Evaluation approach is presented using conceptual analysis techniques.

Using a test scenario, the approach demonstrates the capacity to proffer an efficient evaluation of workforce security knowledge and skills capabilities and the identification of weakest link in the workforce.

The approach can enable organisations to gain better workforce security perspectives like security-consciousness, alertness and response aptitudes, thus guiding organisations into adopting strategic means of appropriating security remediation outlines, scopes and resources without undue wastes or redundancies.

This paper demonstrates originality by providing a framework and computational approach for characterising and quantify human-factor security capabilities based on security knowledge and security skills. It also supports the identification of potential security weakest links amongst an evaluated industrial workforce (human agents), some key security susceptibility areas and relevant control interventions. The model and validation results demonstrate the application of action research. This paper demonstrates originality by illustrating how action research can be applied within socio-technical dimensions to solve recurrent and dynamic problems related to industrial environment cyber security improvement. It provides value by demonstrating how theoretical security knowledge (awareness) and practical security skills can help resolve cyber security response and control uncertainties within industrial organisations.

The purpose of this paper can be encapsulated in the following points: identify the research papers published on the topic: competencies and skills necessary for critical infrastructure (CI) cyber-security (CS) protection; determine main focus areas within the identified literature and evaluate the dependency or lack thereof between them: make recommendations for future research.

This study is based on a systematic literature review conducted to identify scientific papers discussing and evaluating competencies, skills and essential attributes needed by the CI workforce for CS and preparedness to attacks and incidents.

After a comparative analysis of the articles reviewed in this study, a variety of skills and competencies was found to be necessary for CS assurance in CIs. These skills have been grouped into four categories, namely, technical, managerial, implementation and soft skills. Nonetheless, there is still a lack of agreement on which skills are the most critical and further research should be conducted on the relation between specific soft skills and CS assurance.

Investigation of which skills are required by industry for specific CS roles, by conducting interviews and sending questionnaire\surveys, would allow consolidating whether literature and industry requirements are equivalent.

Findings from this literature review suggest that more effort should be taken to conciliate current CS curricula in academia with the skills and competencies required for CS roles in the industry.

This study provides a previously lacking current mapping and review of literature discussing skills and competencies evidenced as critical for CS assurance for CI. The findings of this research are useful for the development of comprehensive solutions for CS awareness and training.

Supply chain security has been recognized as an important part of managing business risks. The purpose of this paper is to propose a methodology with systematic metrics for logistics service providers (LSPs) to develop their security design to meet customer demands.

The study is based on a three-stage process of desk research, content validation test, and in-depth case study. The study demonstrates an integrated analytical approach which combines analytical network process (ANP) with quality function deployment (QFD), and then applies the approach to an international LSP.

A case study of an international LSP shows how the ANP-QFD approach can be deployed to understand customers’ expectation for security and develop tactics and measures with the aim to achieve the desirable outcome for LSPs’ security design.

The paper contributes to supply chain security literature and practice. This study is among the research taking the first step to use ANP-QFD to translate the customer requirements (CRs) for supply chain security into systematic metrics for LSPs to develop their security design. Results from such research into the development of security performance can benefit LSPs in terms of increasing the effectiveness and improving the customer orientation of security efforts. By extension, other firms can enhance their security design by referring to the case study and the integrated analytical method. The flexibility of this ANP-QFD approach offers leeway for firms to change the CRs and design requirements based on their unique circumstances.

The purpose of this paper is to examine whether four different generations (Silent Generation, Baby Boomers, Generation X, and Generation Y) hold different beliefs about career. Career type, career success evaluation and importance attached to organizational security are to be scrutinized for each generation.

A total of 750 people completed a vignette task, rating the career success of 32 fictitious people. Each vignette contained a different combination of five career features (functional level, salary, number of promotions, promotion speed, and satisfaction) at two levels (low and high). Furthermore, several items were added in order to determine each participant's career type and the extent to which they attached importance to organizational security.

The majority of participants still had rather “traditional” careers, although younger generations seemed to exhibit larger discrepancies between career preferences and actual career situation. Overall, satisfaction appeared to be the overriding criterion used to evaluate other people's career success. No significant differences were found between generations. With regard to importance attached to organizational security, the Silent Generation and Generation Y scored significantly higher than the other generations.

The convenience sampling strategy led to large differences in sample size per generation. Using a vignette design limited the amount and richness of information that could be offered to participants. Perhaps other criteria relevant to real‐life career success evaluation should have been incorporated in this study.

The study raises questions about the validity of career success operationalizations frequently used in research. It is the first study to examine career success evaluation by means of vignettes.

While many studies focusing on work values have been conducted, few of them were specifically focused on generational differences within the hospitality context. This study aims to explore the structure of hospitality management work values and the perceived differences among three generations of managers and supervisors in the hospitality industry.

A survey of 398 managers and supervisors from hospitality organizations in the USA was conducted.

A total of 15 work values were identified along with their hierarchical order. A four‐dimensional (comfort and security, professional growth, personal growth, and work environment) work value structure shared by hospitality workforce and generational differences in work values of the hospitality industry were found.

The findings of this study are limited to a managerial workforce of the hospitality industry in a US tourism destination.

Implications are drawn for industry to recruit and retain the managerial workforce using strategies designed to meet the preferences and needs perceived by three generations of managerial workforce.

There are three unique contributions: the uncovering of different priorities in work values across the three‐generation hospitality managers; the revelation of the four underlying dimensions of the structure of work values that represent the uniqueness of work values perceived by the hospitality managerial workforce; and the discovery of generational differences in work values in two of the four dimensions (i.e. personal growth and work environment) and the generational preference shift. These findings might contribute to the justification for different recruitment and retention strategies among various sectors of the hospitality industry according to generational value shifts.

The aim of this study is to analyze workforce attributes related to Industry 4.0 using fuzzy decision-making trial and evaluation laboratory (DEMATEL) and fuzzy combinative distance-based assessment (CODAS).

Technological trends stipulate various revolution in industries. Industry 4.0 is a vital challenge for modern manufacturing industries. Workforce adoption to such challenge is gaining vital importance. Therefore, such workforce-related attributes need to be identified for enhancing their performance in Industry 4.0 environment. In this context, this article highlights the analysis of 20 workforce attributes for Industry 4.0. Relevant criteria are prioritized using fuzzy DEMATEL. Workforce attributes are prioritized using fuzzy CODAS.

The key attributes are “Skills/training in decision-making (WA2)”, “Competences in complex system modelling and simulation (WA1)” and “Coding skills (WA20)”.

In the present study, 20 workforce attributes are being considered. In future, additional workforce attributes could be considered.

The study has been conducted based on inputs from industry experts. Hence, the inferences have practical relevance.

The analysis of workforce attributes for Industry 4.0 using MCDM methods is the original contribution of the authors.

In the last four years, since Volume I of this Bibliography first appeared, there has been an explosion of literature in all the main functional areas of business. This wealth of material poses problems for the researcher in management studies — and, of course, for the librarian: uncovering what has been written in any one area is not an easy task. This volume aims to help the librarian and the researcher overcome some of the immediate problems of identification of material. It is an annotated bibliography of management, drawing on the wide variety of literature produced by MCB University Press. Over the last four years, MCB University Press has produced an extensive range of books and serial publications covering most of the established and many of the developing areas of management. This volume, in conjunction with Volume I, provides a guide to all the material published so far.

Cybersecurity advocates safeguard their organizations by promoting security best practices. This paper aims to describe the skills and characteristics of successful advocates.

This study involved 28 in-depth interviews of cybersecurity advocates.

Effective advocates possess not only technical acumen but also interpersonal skills, communication skills context awareness and a customer service orientation.

Non-technical skills are deemphasized in cybersecurity training, limiting career progression into the cybersecurity advocate role for existing security professionals and those from other disciplines. This paper suggests improvements for professional development that encourage greater security workforce diversity.

To the best of the authors’ knowledge, this study is the first to define and enumerate competencies for the role of cybersecurity advocate.

The purpose of this paper is to explore the benefits and challenges of using a virtual learning community (VLC) as a vehicle for workforce development. This paper argues that VLCs provide a flexible vehicle for workforce development. However, workplace realities may lead to unexpected challenges for participants wanting exploit the flexibility of e‐learning technologies.

The case study is located in a strategic healthcare organisation in the UK. The study used a multi‐method approach to develop a rich picture of the VLC. Data were collected from a variety of sources (programme evaluation questionnaires, learning logs, discussion group messages and VLE tracking system) and analysed using quantitative and qualitative methods.

The findings indicate that while membership of a VLC offers new opportunities for collaboration, learning and working at a time and place that suits individuals it also offers many challenges. The following issues were identified as having an impact on effective participation in the VLC: motivation; time management; public/private boundaries; work/life balance; and access to ICT.

There are limitations in generalising from a particular case study. The use of a case study provides a depth to the study that helps to illuminate the experiences of individual e‐learners.

The findings have strategic implications for organisations planning to use VLCs to support workforce development. The study indicates the need for facilitators to enable participants to explore time and work/life balance issues. It highlights the importance of involving the managers of e‐learners in the negotiations involved in establishing a VLC. Finally, the study identified that employers need to provide protected time for e‐learners and that access to technology is an issue.

The research has value to managers who are considering using VLCs as a means of enhancing workforce development.

Industry 4.0 is regarded as a modern industrial phase wherein convergence between horizontal and vertical production systems, along with their interactions, would enable industries to obtain excellent industrial efficiency. This research thus explores the barriers relevant to Industry 4.0 and their cause and effect relations using the decision-making trial and evaluation laboratory (DEMATEL) technique, and this will assist in the implementation of Industry 4.0 in manufacturing industries.

A comprehensive literature review is carried out to outline the barriers for the Industry 4.0 implementation. The investigative techniques used in this research were conducted utilizing a questionnaire as an instrument for collecting data. The data collected were analysed using the method DEMATEL.

The findings indicate that key barriers to implementing Industry 4.0 include their cause and effect relationships. Reported “implementation costs” have been a critical barrier for Industry 4.0 implementation. Prioritization of barriers and their cause and effect relationships was achieved so that decision-makers could concentrate on overcoming such barriers for Industry 4.0 implementation.

The research is intended to assist executives in recognizing the barriers to Industry 4.0 implementation in their manufacturing industries. Furthermore, the strong functional and empirical importance of emerging and digital manufacturing technologies ensures that understanding the necessary barriers to implementation is important.

This is one of the first few empirical studies in the field of Indian manufacturing industries that uses the DEMATEL method framework as a foundation for recognizing cause-effect interactions among the barriers that affect Industry 4.0.