Search results

This paper aims to investigate the influence of cybersecurity awareness and compliance attitudes on the protective behaviours exhibited by employees. This study also aims to explore the complex correlation between the level of awareness about cybersecurity measures and attitudes towards compliance with these measures. Additionally, it looks at how these factors collectively impact employees’ behaviour to protect organisational assets and information.

This study uses a quantitative research methodology in which primary data are gathered using a survey questionnaire distributed to personnel employed at Vietnamese organisations. The data are analysed, and the validity of the measurement and structural equation model is assessed using a partial least squares–structural equation model approach after the collection of all the survey responses.

The provision of policies and security education, training and awareness programmes are strongly and positively associated with cybersecurity awareness. Moreover, cybersecurity awareness plays an important role in shaping attitudes and intentions towards information security policy compliance (ISPC). Attitude is positively associated with intention towards ISPC and employee protective behaviour. Finally, the intention towards ISPC is significant in shaping employee protective behaviour.

This study contributes to the understanding of the antecedents of cybersecurity in developing countries such as Vietnam. Furthermore, it provides a comprehensive framework for understanding intention and protective behaviour through cybersecurity awareness and compliance attitudes. By combining the theory of planned behaviour and protection motivation theory with institutional governance, this study extends previous research on the effects of these variables on employee protective behaviour.

This paper aims to examine the conditions under which small and medium enterprises (SMEs) invest in security services when they migrate their e-commerce applications to the cloud environment. Using a risk management perspective, the paper assesses the impact of security service pricing, security incident prevalence and virulence to estimate SME security spending at the market level and draw out implications for SMEs and security service providers.

Security risks are inherently characterized by uncertainty. This study uses a Monte Carlo approach to understand the role of uncertainty in the decision to adopt security services. A model relating key security constructs is assembled based on key constructs from the domain. By manipulating security service costs and security incident types, the model estimates the market-level adoption of services, security incidents and damages incurred, along with measures of their relative dispersion.

Three key findings emerge from this study. First, adoption of services and protection is higher when tiered security services are provided, indicating that SMEs prefer to choose their security services rather than accept uniformly priced products. Second, SMEs are considered price-sensitive, resulting in a maximum level of spending in the market. Third, results indicate that security incidents and damages can be much higher than the mean in some cases, and this should serve as a cautionary note to SMEs.

Security spending has been modeled at the firm level. Adopting a market-level perspective represents a novel contribution. Additionally, the Monte Carlo approach provides managers with tangible measures of uncertainty, affording additional information and insight when making security service adoption decisions.

Railways are a well-known example of complex critical infrastructure, incorporating socio-technical systems with humans such as drivers, signallers, maintainers and passengers at the core. The technological evolution including interconnectedness and new ways of interaction lead to new security and safety risks that can be realised, both in terms of human error, and malicious and non-malicious behaviour. This study aims to identify the human factors (HF) and cyber-security risks relating to the role of signallers on the railways and explores strategies for the improvement of “Digital Resilience” – for the concept of a resilient railway.

Overall, 26 interviews were conducted with 21 participants from industry and academia.

The results showed that due to increased automation, both cyber-related threats and human error can impact signallers’ day-to-day operations – directly or indirectly (e.g. workload and safety-critical communications) – which could disrupt the railway services and potentially lead to safety-related catastrophic consequences. This study identifies cyber-related problems, including external threats; engineers not considering the human element in designs when specifying security controls; lack of security awareness among the rail industry; training gaps; organisational issues; and many unknown “unknowns”.

The authors discuss socio-technical principles through a hexagonal socio-technical framework and training needs analysis to mitigate against cyber-security issues and identify the predictive training needs of the signallers. This is supported by a systematic approach which considers both, safety and security factors, rather than waiting to learn from a cyber-attack retrospectively.

The purpose of this paper is to explore the current practices in security convergence among and between corporate security and cybersecurity processes in commercial enterprises.

This paper is the first phase in a planned multiphase project to better understand current practices in security optimization efforts being implemented by commercial organizations exploring means and methods to operate securely while reducing operating costs. The research questions being examined are: What are the general levels of interest in cybersecurity and corporate security convergence? How well do the perspectives on convergence align between organizations? To what extent are organizations pursuing convergence? and How are organizations achieving the anticipated outcomes from convergence?

In organizations, the evolution to a more optimized security structure, either merged or partnered, was traditionally due to unplanned or unforeseen events; e.g. a spin-off/acquisition, new security leadership or a negative security incident was the initiator. This is in contrast to a proactive management decision or formal plan to change or enhance the security structure for reasons that include reducing costs of operations and/or improving outcomes to reduce operational risks. The dominant exception was in response to regulatory requirements. Preliminary findings suggest that outcomes from converged organizations are not necessarily more optimized in situations that are organizationally merged under a single leader. Optimization may ultimately depend on the strength of relationships and openness to collaboration between management, cybersecurity and corporate security personnel.

This report and the number of respondents to its survey do not support generalizable findings. There are too few in each category to make reliable predictions and in analysis, there was an insufficient quantity of responses in most categories to allow supportable conclusions to be drawn.

Practitioners may find useful contextual clues to their needs for convergence or in response to directives for convergence from this report on what is found in some other organizations.

Improved effectiveness and/or reduced costs for organizational cybersecurity would be a useful social outcome as organizations become more efficient in the face of increasing levels of cyber security threats.

Convergence as a concept has been around for some time now in both the practice and research communities. It was initially promoted formally by ASIS International and ISACA in 2005. Yet there is no universally agreed-upon definition for the term or the practices undertaken to achieve it. In addition, the business drivers and practices undertaken to achieve it are still not fully understood. If convergence or optimization of converged operations offers a superior operational construct compared to other structures, it is incumbent to discover if there are measurable benefits. This research hopes to define the concept of security collaboration optimization more fully. The eventual goal is to develop and promote a tool useful for organizations to measure where they are on such a continuum.

The rapid expansion of internet usage and device connectivity has underscored the importance of understanding the public’s cyber behavior and knowledge. Despite this, there is little research that examines the public’s objective knowledge of secure information security practices. The purpose of this study is to examine how objective cyber awareness is distributed throughout society.

This study draws on a large national survey of adults to examine the relationship between individual factors – such as demographic attributes and socioeconomic resources – and information security awareness. The study estimates several statistical models using weighted logistic regression to model objective information security awareness.

The results indicate that socioeconomic resources such as income and education have a significant effect on individuals’ information security awareness with richer and more highly educated individuals exhibiting greater awareness of important security practices and tools. Additionally, age and gender represent consistent and clear informational gaps in society as older individuals and females are significantly less knowledgeable about an array of information security practices than younger individuals and males, respectively.

The findings have important implications for our understanding of information security behavior and user vulnerability in an increasingly digital and connected society. Despite the growing importance of cybersecurity for all individuals in nearly all domains of daily life, there is substantial inequality in awareness about secure cyber practices and the tools and techniques used to protect one’s self from attacks. While digital technology will continue to permeate many aspects of daily life – from financial transactions to health services to social interactions – the findings here indicate that some users may be far more exposed and vulnerable to attack than others.

This study contributes to our understanding of general user information security awareness using a large survey and statistical models to generalize about the public’s information security awareness across multiple domains and stimulates future research on public knowledge of information security. The findings indicate that some users may be far more exposed and vulnerable to attack than others. Despite the growing importance of cybersecurity for all individuals in nearly all domains of daily life, there is substantial inequality in awareness about secure cyber practices and the tools and techniques used to protect one’s self from attacks.

The purpose of this study is to examine how the tourism economy affects local food availability, access, utilization and stability in dessert-prone agricultural heritage sites. Specifically, the study aims to explore the relationship between the tourism industry and local agricultural practices and how this connection influences food security in the Siwa Oasis, located in the Western Desert of Egypt.

The study employs a qualitative exploratory research design using in-depth interviews and focus groups to investigate the impact of the tourism economy on food security and identify potential benefits and limitations for food security in the region.

The research reveals that the tourism economy in Siwa Oasis has only a marginal contribution to food security. The study highlights a lack of a strong connection between the tourism industry and local agricultural practices within the heritage site. As a result, the potential benefits and synergies that could be achieved between tourism and agriculture have not been fully realized, leading to a limited impact on food stability.

This study primarily relies on qualitative data from Siwa Oasis, Egypt, which may limit the generalizability of findings beyond this specific context. Additionally, while the study provides valuable insights into the complex relationship between tourism and food security, it does not quantitatively measure the magnitude of tourism's impact. Future research could incorporate quantitative methods for a more comprehensive understanding of this relationship in diverse desert-prone regions. Finally, the study highlights the need for more integrated approaches to enhance food security through tourism, but the specific strategies and policy recommendations require further investigation and adaptation to local contexts.

This study underscores the need for tourism development strategies that prioritize food security in desert-prone areas like Siwa Oasis. Policymakers and stakeholders should promote sustainable tourism practices that enhance local agriculture, create diversified income sources and foster equitable benefits for communities. Moreover, recognizing the seasonal nature of tourism, interventions to address food shortages during off-peak periods are crucial. Efforts should also focus on skill development and gender-inclusive opportunities within the tourism sector to ensure broader community participation. Additionally, collaborations between tourism and agriculture should be encouraged to optimize food availability and stability while preserving cultural food traditions.

This study adds original insights by examining the specific impact of the tourism economy on food security in dessert-prone agricultural heritage sites. The study's originality lies in its exploration of the untapped potential for synergy between the tourism and agricultural sectors and the implications for local food security. This research contributes to understanding how tourism can improve food security in specific contexts and provides valuable insights into sustainable development in heritage sites.

Security assurance evaluation (SAE) is a well-established approach for assessing the effectiveness of security measures in systems. However, one aspect that is often overlooked in these evaluations is the assurance context in which they are conducted. This paper aims to explore the role of assurance context in system SAEs and proposes a conceptual model to integrate the assurance context into the evaluation process.

The conceptual model highlights the interrelationships between the various elements of the assurance context, including system boundaries, stakeholders, security concerns, regulatory compliance and assurance assumptions and regulatory compliance.

By introducing the proposed conceptual model, this research provides a framework for incorporating the assurance context into SAEs and offers insights into how it can influence the evaluation outcomes.

By delving into the concept of assurance context, this research seeks to shed light on how it influences the scope, methodologies and outcomes of assurance evaluations, ultimately enabling organizations to strengthen their system security postures and mitigate risks effectively.

This study aims to explore the impact of systematic liquidity risk on the averaged cross-sectional equity return of the Indian equity market. It also examines the effects of illiquidity and decomposed illiquidity on the conditional volatility of the equity market.

The present study employs the Liquidity Adjusted Capital Asset Pricing Model (LCAPM) for pricing systematic liquidity risk using the Fama & MacBeth cross-sectional regression model in the Indian stock market from January 1, 2012, to March 31, 2021. Further, the study employed an exponential generalized autoregressive conditional heteroscedastic (1,1) model to observe the impact of decomposed illiquidity on the equity market’s conditional volatility. The study also uses the Ordinary Least Square (OLS) model to illuminate the return-volatility-liquidity relationship.

The study’s findings indicate that the commonality between individual security liquidity and aggregate liquidity is positive, and the covariance of individual security liquidity and the market return negatively affects the expected return. The study’s outcome specifies that illiquidity time series analysis exhibits the asymmetric effect of directional change in return on illiquidity. Further, the study indicates a significant impact of illiquidity and decomposed illiquidity on conditional volatility. This suggests an asymmetric effect of illiquidity shocks on conditional volatility in the Indian stock market.

This study is one of the few studies that used the World Uncertainty Index (WUI) to measure liquidity and market risks as specified in the LCAPM. Further, the findings of the reverse impact of illiquidity and decomposed higher and lower illiquidity on conditional volatility confirm the presence of price informativeness and its immediate effects on illiquidity in the Indian stock market. The study strengthens earlier studies and offers new insights into stock market liquidity to clarify the association between liquidity and stock return for effective policy and strategy formulation that can benefit investors.

This study aims to measure the status of rural household food security across regions using multidimensional indicators. It also aims to identify the determinants of rural household food security in Ethiopia.

The study adopted descriptive and explanatory designs. It used data from the fourth wave of the Ethiopian socioeconomic survey that has 3,115 respondents. The authors constructed household food security index using variables that capture availability, access, utilization and stability dimensions of food security. The authors categorized households into relative food security groups, namely, alarming and moderately food insecure, as well as moderately and highly food secure. Beta regression model, which is widely used to analyze response variables that assume values between 0 and 1, is used to estimate the determinants of food security.

The study finds that 77.7% of rural households are food insecure. Of this, 90% are moderately food insecure. Regional variations in magnitude of food security showed that Harari, Gambella and Benshanguel Gumuz regional states are relatively better-off than other regions in Ethiopia. The study identified sex, education level, marital status, location and wealth status of households as significant determinants of food security.

This study sheds light on regional variations in multidimensional food security in Ethiopia. It thus challenged previous estimates of food security using uni-dimensional indicator. It highlighted the need for region-specific analysis of determinants and a follow up of tailored regional interventions.

The peer review history for this article is available at: https://publons.com/publon/10.1108/IJSE-02-2023-0139

The paper aims to explore the role of union strategic influence on the adoption of High Performance Work Systems (HPWS) in organisations and examines how the effects of job security and then in turn the industrial relations climate, mediate this relationship in a serial manner.

The research analyses an original quantitative survey of union negotiators and representatives in 382 workplaces in England. The analysis employs structural equation modelling techniques to examine the relationships between union influence, job security, industrial relations climate and HPWS.

Union strategic influence has a positive effect on the take up of HPWS in unionised workplaces. Job security and the industrial relations climate demonstrate a serial mediation effect between union strategic influence and the take up of HPWS: union strategic influence has a positive effect on job security, which in turn positively impacts the industrial relations climate, thereby increasing the likelihood of the adoption of HPWS. The findings for the industrial relations climate are particularly strong.

Findings suggest that organisations will benefit from focussing on the development of positive industrial relations, where unions have genuine strategic influence, because this maximises the likelihood that HPWS can be adopted and sustained.

The paper provides a novel focus on the take up of HPWS within unionised workplaces. It focusses on the role of union strategic influence and the mediating effects of job security and the industrial relations climate, which are contextual factors that have been underexplored in the HPWS literature to date.