Search results

Social engineering is crucial in today’s digital landscape. As technology advances, malicious individuals exploit human judgment and trust. This study explores how age, education and occupation affect individuals’ awareness, skills and perceptions of social engineering.

A quantitative research approach was used to survey a diverse demographic of Egyptian society. The survey was conducted in February 2023, and the participants were sourced from various Egyptian social media pages covering different topics. The collected data was analyzed using descriptive and inferential statistics, including independent samples t-test and ANOVA, to compare awareness and skills across different groups.

The study revealed that younger individuals and those with higher education tend to research social engineering more frequently. Males display a higher level of awareness but score lower in terms of social and psychological consequences as well as types of attacks when compared to females. The type of attack cannot be predicted based on age. Higher education is linked to greater awareness and ability to defend against attacks. Different occupations have varying levels of awareness, skills, and psychosocial consequences. The study emphasizes the importance of increasing awareness, education and implementing cybersecurity measures.

This study’s originality lies in its focus on diverse Egyptian demographics, innovative recruitment via social media, comprehensive exploration of variables, statistical rigor, practical insights for cybersecurity education and diversity in educational and occupational backgrounds.

In the modern digital realm, while artificial intelligence (AI) technologies pave the way for unprecedented opportunities, they also give rise to intricate cybersecurity issues, including threats like deepfakes and unanticipated AI-induced risks. This study aims to address the insufficient exploration of AI cybersecurity awareness in the current literature.

Using in-depth surveys across varied sectors (N = 150), the authors analyzed the correlation between the absence of AI risk content in organizational cybersecurity awareness programs and its impact on employee awareness.

A significant AI-risk knowledge void was observed among users: despite frequent interaction with AI tools, a majority remain unaware of specialized AI threats. A pronounced knowledge difference existed between those that are trained in AI risks and those who are not, more apparent among non-technical personnel and sectors managing sensitive information.

This study paves the way for thorough research, allowing for refinement of awareness initiatives tailored to distinct industries.

It is imperative for organizations to emphasize AI risk training, especially among non-technical staff. Industries handling sensitive data should be at the forefront.

Ensuring employees are aware of AI-related threats can lead to a safer digital environment for both organizations and society at large, given the pervasive nature of AI in everyday life.

Unlike most of the papers about AI risks, the authors do not trust subjective data from second hand papers, but use objective authentic data from the authors’ own up-to-date anonymous survey.

Construction enterprises are achieving the goal of production safety by increasingly focusing on the critical factor of “human” and the impact of individual characteristics on safety performance. Emotional intelligence is categorized into three models: skill-based, trait-based and emotional learning systems. However, the mechanism of action and the internal relationship between emotional intelligence and safety performance must be further studied. This study intends to examine the internal mechanism of emotional intelligence on safety performance in construction projects, which would contribute to the safety management of construction enterprises.

A structural equation model exploring the relationship between emotional intelligence and safety performance is developed, with political skill introduced as an independent dimension, situational awareness presented as a mediator, and management safety commitment introduced as a moderator. Data were collected by a random questionnaire and analyzed by SPSS 24.0 and AMOS 26.0. The structural equation model tested the mediation hypothesis, and the PROCESS macro program tested the moderated mediation hypothesis.

The results showed that construction workers' emotional intelligence directly correlates with safety performance, and situational awareness plays a mediating role in the relationship between emotional intelligence and the safety performance of construction workers. Management safety commitment weakens the positive predictive relationships between emotional intelligence and situational awareness and between emotional intelligence and safety performance.

This research reveals a possible impact of emotional intelligence on safety performance. Adding political skills to the skill-based model of emotional intelligence received a test pass. Political skill measures the sincere and cooperative skills of construction workers. Using people as a critical element plays a role in the benign mechanism of “Emotional Intelligence – Situational Awareness – Safety Performance.” Improving emotional intelligence skills through training, enhancing situational awareness, understanding, anticipation and coordination and activating management environment factors can improve safety performance. Construction enterprises should evaluate and train workers' emotional intelligence to improve workers' situational awareness and safety performance.

Railways are a well-known example of complex critical infrastructure, incorporating socio-technical systems with humans such as drivers, signallers, maintainers and passengers at the core. The technological evolution including interconnectedness and new ways of interaction lead to new security and safety risks that can be realised, both in terms of human error, and malicious and non-malicious behaviour. This study aims to identify the human factors (HF) and cyber-security risks relating to the role of signallers on the railways and explores strategies for the improvement of “Digital Resilience” – for the concept of a resilient railway.

Overall, 26 interviews were conducted with 21 participants from industry and academia.

The results showed that due to increased automation, both cyber-related threats and human error can impact signallers’ day-to-day operations – directly or indirectly (e.g. workload and safety-critical communications) – which could disrupt the railway services and potentially lead to safety-related catastrophic consequences. This study identifies cyber-related problems, including external threats; engineers not considering the human element in designs when specifying security controls; lack of security awareness among the rail industry; training gaps; organisational issues; and many unknown “unknowns”.

The authors discuss socio-technical principles through a hexagonal socio-technical framework and training needs analysis to mitigate against cyber-security issues and identify the predictive training needs of the signallers. This is supported by a systematic approach which considers both, safety and security factors, rather than waiting to learn from a cyber-attack retrospectively.

Cyber security has never been more important than it is today in an ever more connected and pervasive digital world. However, frequently reported shortages of suitably skilled and trained information system (IS)/cyber security professionals elevate the importance of delivering effective Security Education,Training and Awareness (SETA) programmes within organisations. Therefore, the purpose of this study is the questionable effectiveness of SETA programmes at changing employee behaviour and an absence of empirical studies on the critical success factors (CSFs) for SETA programme effectiveness.

This exploratory study follows a three-stage research design to give voice to practitioners with SETA programme expertise. Data is gathered in Stage 1 using semi-structured interviews with 20 key informants (the emergence of the CSFs), in Stage 2 from 65 respondents to a short online survey (the ranking of the CSFs) and in Stage 3 using semi-structured interviews with nine IS/cyber security practitioners (the emergence of the guiding principles). Using a multi-stage research design allows the authors to propose and evaluate the 11 CSFs for SETA programme effectiveness.

This study conducted a mean score analysis to evaluate the level of importance of each CSF within two independent groups of IS/cyber security professionals. This multi-stage analysis produces a ranked list of 11 CSFs for SETA programme effectiveness, while the difference in the rankings leads to the emergence of five CSF-specific guiding principles (to increase the likelihood of delivering an effective SETA programme within an organisational context). This analysis also reveals that most of the contradictions/differences in CSF rankings between IS/cyber security practitioners are linked to the design phase of the SETA programme life cycle. While two CSFs, “maintain quarterly evaluation of employee performance” (CSF-DS6) and “build security awareness campaigns” (CSF-EV1), represent the most significant contradiction in this study.

The 11 CSFs for SETA programme effectiveness, along with the five CSF-specific guiding principles, provide a greater depth of knowledge contributing to both theory and practice and lays the foundation for future studies. Therefore, the outputs of this study provide valuable insights on the areas that practice needs to get right to deliver effective SETA programmes.

Cyberattacks are becoming increasingly widespread, and cybersecurity is therefore increasingly important. Although the technological aspects of cybersecurity are its best-known characteristics, the cybersecurity phenomenon goes beyond the detection of technological impacts, and encompasses all the dimensions of an organization. This study thus focusses on an additional set of organizational elements. The key elements of cybersecurity organizational readiness depicted here are cybersecurity awareness, cybersecurity culture and cybersecurity organizational resilience (OR). This study aims to qualitatively assess small and medium enterprises’ (SMEs) overall level of organizational cybersecurity readiness.

This study focused on conducting a cybersecurity organizational readiness assessment using a sample of 53 Italian SMEs from the information and communication technology sector. Informed mixed method research, this study was conducted consistent with the principles of the explanatory sequential mixed method design, and adopting a quanti-qualitative methodology. The quantitative data were collected through a questionnaire. Qualitative data were subsequently collected through semi-structured interviews.

Although many elements of the technical aspects of cybersecurity OR have yielded very encouraging results, there are still some areas that require improvement. These include those facets that constitute the foundation of cybersecurity awareness, and, thus, a cybersecurity culture. This result highlights that the areas in need of improvement are exactly those that are most important in fighting against cyber threats via organizational cybersecurity readiness.

Although the importance of SMEs is obvious, evidence of such organizations’ attitudes to cybersecurity are still limited. This research is an attempt to depict the organizational issue related to cybersecurity, i.e. overall cybersecurity organizational readiness.

Neurodiversity refers to a spectrum of neurological differences. Little is known about the benefits and challenges of employing neurodivergent individuals in the retail industry and how knowing neurodivergent individuals/neurodiversity practices are linked to benefits/challenges. This study provides these insights using the lenses of the value-in-diversity perspective, stigma theory and intergroup contact theory.

Data were collected from an online survey of retail supervisors and co-workers from Australia, resulting in 502 responses from various retail organizations.

The findings indicate that supervisors have higher awareness of neurodiversity and perceived benefits of neurodivergent employees. Knowing neurodivergents was positively associated with perceived benefits and disclosure challenges and negatively associated with equity and inclusion challenges. Neurodiversity practices were positively associated with benefits of neurodivergent employees, negatively associated with disclosure challenges and equity and inclusion challenges in small stores, and positively associated with equity and inclusion challenges in large stores.

Current empirical research on workplace neurodiversity is scarce. This study provides pioneering evidence for awareness of workplace neurodiversity in the retail industry and the impact of knowing neurodivergent employees/neurodiversity practices on benefits and challenges. It differentiates between supervisors' and co-workers’ perceptions, highlighting the importance of exposure to information in reducing stigma.

Despite successfully adopting building information modelling (BIM) for design and construction, its adoption in post-construction is critically lagging. This study aims to investigate the adoption of BIM for post-construction in Nigeria. Specifically, it aims to investigate the barriers hindering BIM adoption, propose strategies to facilitate its integration into the post-construction phase and examine the relationship between the barriers and strategies towards adopting BIM for post-construction.

This study employs a quantitative approach to gather numerical data on BIM perceived barriers among International Facility Management Association (IFMA) members. The study also develops strategies from an extensive literature review and combines them with insights from preliminary investigation. The data were analysed using descriptive and inferential statistics.

The top perceived barriers among the professionals are lack of BIM awareness, software availability issues and difficulties using new technologies. Institute training/workshops on BIM software for the professionals in the organisation, including BIM software courses in various related professional exams, and encouraging adoption of BIM from the grassroots, such as higher institutions, emerge as the top strategies. The findings further show a significant relationship between the barriers and strategies, emphasising the recognition that understanding barriers prompts the active development and implementation of strategies.

This study holds originality in its examination of the relationship between the barriers and strategies associated with BIM adoption in Nigerian Architecture, Construction, Engineering and Operation.

A research line has emerged that is concerned with investigating human factors in information systems and cyber-security in organizations using various behavioural and socio-cognitive theories. This study aims to explore human and contextual factors influencing cyber security behaviour in organizations while drawing implications for cyber-security in higher education institutions.

A systematic literature review has been implemented. The reviewed studies have revealed various human and contextual factors that influence cyber-security behaviour in organizations, notably higher education institutions.

This review study offers practical implications for constructing and keeping a robust cyber-security organizational culture in higher education institutions for the sustainable development goals of cyber-security training and education.

The value of the current review arises in that it presents a comprehensive account of human factors affecting cyber-security in organizations, a topic that is rarely investigated in previous related literature. Furthermore, the current review sheds light on cyber-security in higher education from the weakest link perspective. Simultaneously, the study contributes to relevant literature by gaining insight into human factors and socio-technological controls related to cyber-security in higher education institutions.