Search results

1 – 10 of 24
To view the access options for this content please click here
Article
Publication date: 11 February 2019

Melissa Carlton, Yair Levy and Michelle Ramim

Users’ mistakes due to poor cybersecurity skills result in up to 95 per cent of cyber threats to organizations. Threats to organizational information systems continue to…

Downloads
1003

Abstract

Purpose

Users’ mistakes due to poor cybersecurity skills result in up to 95 per cent of cyber threats to organizations. Threats to organizational information systems continue to result in substantial financial and intellectual property losses. This paper aims to design, develop and empirically test a set of scenarios-based hands-on tasks to measure the cybersecurity skills of non-information technology (IT) professionals.

Design/methodology/approach

This study was classified as developmental in nature and used a sequential qualitative and quantitative method to validate the reliability of the Cybersecurity Skills Index (CSI) as a prototype-benchmarking tool. Next, the prototype was used to empirically test the demonstrated observable hands-on skills level of 173 non-IT professionals.

Findings

The importance of skills and hands-on assessment appears applicable to cybersecurity skills of non-IT professionals. Therefore, by using an expert-validated set of cybersecurity skills and scenario-driven tasks, this study established and validated a set of hands-on tasks that measure observable cybersecurity skills of non-IT professionals without bias or the high-stakes risk to IT.

Research limitations/implications

Data collection was limited to the southeastern USA and while the sample size of 173 non-IT professionals is valid, further studies are required to increase validation of the results and generalizability.

Originality/value

The validated and reliable CSI operationalized as a tool that measures the cybersecurity skills of non-IT professionals. This benchmarking tool could assist organizations with mitigating threats due to vulnerabilities and breaches caused by employees due to poor cybersecurity skills.

Details

Information & Computer Security, vol. 27 no. 1
Type: Research Article
ISSN: 2056-4961

Keywords

Content available
Article
Publication date: 14 July 2021

Molly Cooper, Yair Levy, Ling Wang and Laurie Dringus

This study introduces the concept of audiovisual alerts and warnings as a way to reduce phishing susceptibility on mobile devices.

Abstract

Purpose

This study introduces the concept of audiovisual alerts and warnings as a way to reduce phishing susceptibility on mobile devices.

Design/methodology/approach

This study has three phases. The first phase included 32 subject matter experts that provided feedback toward a phishing alert and warning system. The second phase included development and a pilot study to validate a phishing alert and warning system prototype. The third phase included delivery of the Phishing Alert and Warning System (PAWSTM mobile app) to 205 participants. This study designed, developed, as well as empirically tested the PAWSTM mobile app that alerted and warned participants to the signs of phishing in emails on mobile devices.

Findings

The results of this study indicated audio alerts and visual warnings potentially lower phishing susceptibility in emails. Audiovisual warnings appeared to assist study participants in noticing phishing emails more easily and in less time than without audiovisual warnings.

Practical implications

This study's implications to mitigation of phishing emails are key, as it appears that alerts and warnings added to email applications may play a significant role in the reduction of phishing susceptibility.

Originality/value

This study extends the existing information security body of knowledge on phishing prevention and awareness by using audiovisual alerts and warnings to email recipients tested in real-life applications.

Details

Organizational Cybersecurity Journal: Practice, Process and People, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 2635-0270

Keywords

To view the access options for this content please click here
Article
Publication date: 10 March 2021

Yair Levy and Ruti Gafni

This paper aims to introduce the concept of cybersecurity footprint.

Abstract

Purpose

This paper aims to introduce the concept of cybersecurity footprint.

Design/methodology/approach

Characteristics of cybersecurity footprint are presented based on documented cases, and the domino effect of cybersecurity is illustrated. Organizational and individual cybersecurity footprints are outlined. Active and passive – digital vs cybersecurity footprints are then reviewed. Taxonomy of aware/unaware vs active/passive cybersecurity footprints are presented, followed by brief discussion of the implications for future research.

Findings

The concept of cybersecurity footprint is defined, and the evidence from prior cyber incidents is shown to emphasize the concept. Smaller organizations may have a large cybersecurity footprint, whereas larger organizations may have smaller one. Cyberattacks are focusing on the individuals or small organizations that are in the supply chain of larger organizations causing the domino effect.

Practical implications

Implications of cybersecurity footprint to individuals, organizations, societies and governments are discussed. The authors present organizations with ways to lower cybersecurity footprint along with recommendations for future research.

Social implications

Cybersecurity has a significant social implication worldwide, as the world is becoming cyber dependent. With the authors’ introduction of the cybersecurity footprint concept and call to further understand how organizations can measure and reduce it, the authors envision it as another perspective of assessing cyber risk and further help mitigate future cyber incidents.

Originality/value

This paper extends the existing information and computer security body of knowledge on the concept of cybersecurity footprint with illustrated cases.

Details

Information & Computer Security, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 2056-4961

Keywords

To view the access options for this content please click here
Article
Publication date: 11 November 2019

Anthony Duke Giwah, Ling Wang, Yair Levy and Inkyoung Hur

The purpose of this paper is to investigate the information security behavior of mobile device users in the context of data breach. Much of the previous research done in…

Abstract

Purpose

The purpose of this paper is to investigate the information security behavior of mobile device users in the context of data breach. Much of the previous research done in user information security behavior have been in broad contexts, therefore creating needs of research that focuses on specific emerging technologies and trends such as mobile technology.

Design/methodology/approach

This study was an empirical study that gathered survey data from 390 mobile users. Delphi study and pilot study were conducted prior to the main survey study. Partial Least Square Structural Equation Modeling was used to analyze the survey data after conducting pre-analysis data screening.

Findings

This study shows that information security training programs must be designed by practitioners to target the mobile self-efficacy (MSE) of device users. It also reveals that practitioners must design mobile device management systems along with processes and procedures that guides users to take practical steps at protecting their devices. This study shows the high impact of MSE on users’ protection motivation (PM) to protect their mobile devices. Additionally, this study reveals that the PM of users influences their usage of mobile device security.

Originality/value

This study makes theoretical contributions to the existing information security literature. It confirms PM theory’s power to predict user behavior within the context of mobile device security usage. Additionally, this study investigates mobile users’ actual security usage. Thus, it goes beyond users’ intention.

Details

Journal of Intellectual Capital, vol. 21 no. 2
Type: Research Article
ISSN: 1469-1930

Keywords

To view the access options for this content please click here
Article
Publication date: 29 March 2011

Yair Levy, Michelle M. Ramim, Steven M. Furnell and Nathan L. Clarke

Concerns for information security in e‐learning systems have been raised previously. In the pursuit for better authentication approaches, few schools have implemented…

Abstract

Purpose

Concerns for information security in e‐learning systems have been raised previously. In the pursuit for better authentication approaches, few schools have implemented students' authentication during online exams beyond passwords. This paper aims to assess e‐learners' intention to provide multibiometric data and use of multibiometrics during online exams.

Design/methodology/approach

Based on data collected from 163 e‐learners from two institutions, the authors compared such measures when provided by their university versus by a third‐party service vendor. The multibiometrics discussed included fingerprint, face, and voice recognition.

Findings

The results show a clear indication by the learners that they are significantly more willing to provide their biometric data and intend to use multibiometrics when provided by their university compared with same services provided by a third‐party vendor.

Research limitations/implications

Research implications include the need for better understanding of multibiometrics implementations in educational settings.

Practical implications

The findings are profound for vendors of multibiometrics as they must adjust their approach when implementing such technologies at higher educational institutions, rather than simply opt to license the use of such solutions and to host them.

Originality/value

This study helps higher educational institutions better understand that learners do not appear to object to the use of multibiometrics technologies during online exams, rather the way in which such technologies are implemented and managed on‐campus.

Details

Campus-Wide Information Systems, vol. 28 no. 2
Type: Research Article
ISSN: 1065-0741

Keywords

To view the access options for this content please click here
Article
Publication date: 17 March 2014

Ally Lee and Yair Levy

– The purpose of this paper is to investigate the effect of information quality (IQ) on citizens ' trust in e-government systems.

Downloads
1569

Abstract

Purpose

The purpose of this paper is to investigate the effect of information quality (IQ) on citizens ' trust in e-government systems.

Design/methodology/approach

This study used a mixed-method approach. In the first phase, the study drew IQ characteristics from the literature pool and then administered a qualitative questionnaire to a sample of 20 citizens who use e-government systems. In the second phase, the study delivered a quantitative survey via web to a group of about 1,000 citizens.

Findings

This two-phased study uncovered citizens ' perceived IQ factors and determined the influence of the IQ factors on trust in e-government systems.

Research limitations/implications

There were some limitations to the study. Citizen ' s demographics, along with the type of e-government interaction, were not taken into consideration.

Practical implications

Understanding IQ characteristics that improve trust would enhance the relationship between citizens and e-government systems, as well as aide in the design and development of such systems.

Originality/value

This paper applied an established IQ framework, and used the value focus approach in assessing IQ characteristics that effect citizens ' trust in e-government systems.

Details

Transforming Government: People, Process and Policy, vol. 8 no. 1
Type: Research Article
ISSN: 1750-6166

Keywords

Content available
Article
Publication date: 17 March 2014

Zahir Irani and Muhammad Kamal

Downloads
123

Abstract

Details

Transforming Government: People, Process and Policy, vol. 8 no. 1
Type: Research Article
ISSN: 1750-6166

To view the access options for this content please click here
Article
Publication date: 11 January 2013

Khalid Arar and Khaled Abu‐Asbah

This paper aims to provide useful insights into educational under‐achievement among Palestinian Arab citizens of Israel (PAI), investigating the perceptions of local…

Downloads
1560

Abstract

Purpose

This paper aims to provide useful insights into educational under‐achievement among Palestinian Arab citizens of Israel (PAI), investigating the perceptions of local educational administrators (LEAs) towards the education system and its modus vivendi, to uncover difficulties and suggest directions to improve the processes and achievements of the PAI education system.

Design/methodology/approach

Qualitative interviews were conducted with 16 stakeholders in local education (mayors, education department managers; school principals and parents’ representatives) in four Arab local governments in Israel to elucidate attitudes toward education.

Findings

The small random sample cannot claim to be representative however worrying problems were revealed: deficient resources in comparison to the Jewish education system; an ineffective political culture in local government; inferior status and problematic functioning of Arab education department heads and lack of inclusion of professionals and parents in decision‐making. These factors negatively impact the education system and its products.

Originality/value

The paper suggests local government should determine appropriate local policy, positioning education as a high priority with efficient education departments, more professional staff, and suitable education programs. Additionally state government should provide equal resources for the Arab education system, to lever Arab education in Israel.

Details

International Journal of Educational Management, vol. 27 no. 1
Type: Research Article
ISSN: 0951-354X

Keywords

To view the access options for this content please click here
Article
Publication date: 18 December 2017

Keith Goldstein, Angela Vatalaro and Gad Yair

The purpose of this paper is to refute See and Gorard’s paper published in this journal in 2015 which argues that parent-based interventions for school readiness are ineffective.

Abstract

Purpose

The purpose of this paper is to refute See and Gorard’s paper published in this journal in 2015 which argues that parent-based interventions for school readiness are ineffective.

Design/methodology/approach

Methods and results from 107 studies that were cited in See and Gorard (2015a) and associated reports were reviewed. Evaluations were made based on comparing the original studies with the summaries of those studies in the publication.

Findings

In this rebuttal, the authors show how See and Gorard erred to correctly report methods, sample sizes, outcomes measured, and the actual results of prior research.

Practical implications

The authors suggest that See and Gorard do not provide solid evidence within their article to back up their claims about parent intervention programs. This rigorous review of See and Gorard’s primary sources reveals that the empirical evidence stands contrary to the claims being made. See and Gorard inaccurately reviewed publications which contradict their conclusions, and they relied on a vast amount of unpublished papers by students to support their claims.

Originality/value

The authors demonstrate how See and Gorard misapplied their own standards of evaluation; the authors claim that their source materials contradict the “finding” they purport to present; and the authors argue that they chose lesser known studies when more reputable ones were available.

To view the access options for this content please click here
Book part
Publication date: 3 May 2011

Arie Y. Lewin

In the late 1990s, Yair Aharoni was one of the early international business scholars who spearheaded exploration of FDI in services. This chapter reviews a more recent…

Abstract

In the late 1990s, Yair Aharoni was one of the early international business scholars who spearheaded exploration of FDI in services. This chapter reviews a more recent development of trade in business services that involves the demand for and the emergence of a global sourcing industry for business services such as business processes, information technology infrastructure, software development, engineering services, innovation (product development and design, technology and process breakthrough, etc.), marketing and sales (e.g., customer relationships management), human resource management, contact centers, and knowledge process outsourcing. The chapter is based to a large extent on findings from the longitudinal international Offshoring Research Network (ORN) project, which was initiated in 2004 by the Duke University, Fuqua School of Business Center for international Business Education and Research (CIBER).

Details

The Future of Foreign Direct Investment and the Multinational Enterprise
Type: Book
ISBN: 978-0-85724-555-7

Keywords

1 – 10 of 24