Search results

Although cloud storage services can bring users valuable convenience, they can be technically complex and intrinsically insecure. Therefore, this research explores the concerns of academic users regarding cloud security and technical issues and how such problems may influence their continuous use in daily life.

This qualitative study used a semi-structured interview approach comprising six main open-ended questions to explore the information security and technical issues for the continuous use of cloud storage services by 20 undergraduate students in Hong Kong.

The analysis revealed cloud storage service users' major security and technical concerns, particularly synchronization and backup issues, were the most significant technical barrier to the continuing personal use of cloud storage services.

Existing literature has focused on how cloud computing services could bring benefits and security and privacy-related risks to organizations rather than security and technical issues of personal use, especially in the Asian academic context.

We provide evidence of stock market performance prior to announcements of the assuance or retirement of securities which is consistent with Myers and Majluf [1984] and Miller and Rock [1985]. Stocks of firms issuing seasoned common equity are significantly over‐valued in the market prior to the issue, but in the year following, decline to their original level. Stocks of firms issuing convertible debt also are over‐valued, but to a lesser degree than that of firms issuing seasoned equity. Stock of firms issuing straight debt appears to be neither over‐valued nor undervalued. The after‐market firm performance, measured by earnings, cash flows or dividends, is consistent with Miller and Rock. We document a decline in after‐market performance for firms issuing convertible or straight debt and an improvement for those repurchasng shares. However, contrary to predictions, we find that firms issuing seasoned equity do not have lower earnings or cash flows in the following year, and increase their rate of dividend payment as well. We document evidence indicating that firms issue equity to maintain or increase dividends. The market anticipates the dividend increase and shows no response to announcements of dividend changes following an equity issue. However, we are unable to explain why the market reacts in such a negative manner to equity issues, when the after‐market performance of the firm is as expected.

This paper aims to investigate how firms from emerging economies choose among different international bond markets: global, US144A and Eurobond markets. The authors explore if the ranking in regulatory stringency –global bonds have the most stringent regulations and Eurobonds have the most lenient regulations – leads to a segmentation of borrowers.

The authors use a novel data set from emerging economy firms, treating them as consolidated entities. The authors also obtain descriptive evidence and perform univariate non-parametric analyses, conditional and multinomial logit analyses to study firms’ marginal debt choice decisions.

The authors show that firms with poorer credit quality, less ability to absorb flotation costs and more informational asymmetries issue debt in US144A and Eurobond markets. On the contrary, firms issuing global bonds – subject to full Securities and Exchange Commission requirements – are financially sounder and larger. This exercise also shows that following the global crisis, firms from emerging economies are more likely to tap less regulated debt markets.

This is, to the authors’ knowledge, the first study that examines if the ranking in stringency of regulation – global bonds have the most stringent regulations and Eurobonds have the most lenient regulations – is consistent with an ordinal choice by firms. The authors also explore if this ranking is monotonic in all determinants or there are firm-specific features which make firms unlikely to borrow in a given market. Finally, the authors analyze if there are any changes in the debt-choice behavior of firms after the global financial crisis.

This study/ paper aims to empirically examine the user attitude on perceived security of enterprise systems (ES) mobility. Organizations are adopting mobile technologies for various business applications including ES to increase the flexibility and to gain sustainable competitive advantage. At the same time, end-users are exposed to security issues when using mobile technologies. The ES have seen breaches and malicious intrusions thereby more sophisticated recreational and commercial cybercrimes have been witnessed. ES have seen data breaches and malicious intrusions leading to more sophisticated cybercrimes. Considering the significance of security in ES mobility, the research questions in this study are: What are the security issues of ES mobility? What are the influences of users’ attitude towards those security issues? What is the impact of users’ attitude towards security issues on perceived security of ES mobility?

These questions are addressed by empirically testing a security model of mobile ES by collecting data from users of ES mobile systems. Hypotheses were evolved and tested by data collected through a survey questionnaire. The questionnaire survey was administered to 331 users from Chinese small and medium-sized enterprises (SME). The data was statistically analysed by tools such as correlation, factor analysis, regression and the study built a structural equation model (SEM) to examine the interactions between the variables.

The study results have identified the following security issues: users’ attitude towards mobile device security issues; users’ attitude towards wireless network security issues; users’ attitude towards cloud computing security issues; users’ attitude towards application-level security issues; users’ attitude towards data (access) level security issues; and users’ attitude towards enterprise-level security issues.

The study results are based on a sample of users from Chinese SMEs. The findings may lack generalizability. Therefore, researchers are encouraged to examine the model in a different context. The issues requiring further investigation are the role of gender and type of device on perceived security of ES mobile systems.

The results show that the key security issues are related to a mobile device, wireless network, cloud computing, applications, data and enterprise. By understanding these issues and the best practices, organizations can maintain a high level of security of their mobile ES.

Apart from understanding the best practices and the key issues, the authors suggest management and end-users to work collaboratively to achieve a high level of security of the mobile ES.

This is an empirical study conducted from the users’ perspective for validating the set of research hypotheses related to key security issues on the perceived security of mobile ES.

The purpose of this paper is to rank the users’ attitude on major components of mobile cloud computing (MCC) security and investigate the degree of impact of these components on MCC security as a whole.

Hypotheses were evolved and tested by data collected through an online survey-questionnaire. The survey was administered to 363 users from Chinese organizations. Statistical analysis was carried out and structural equation model was built to validate the interactions.

The eight components of MCC security in the order of importance are as follows: mobile device related, user identity related, deployment model related, application-level security issues, data related, virtualization related, network related and service delivery related. The empirical analysis validates that these security issues are having significant impact on perceived security of MCC.

Constant vigilance on these eight issues and improving the level of user awareness on these issues enhance the overall security.

These issues can be used for designing and developing secured MCC system.

While several previous research has studied various security factors in the MCC security domain, a consolidated understanding on the different components of MCC security is missing. This empirical research has identified and ranked the major components of MCC security. The degree of impact of each of these components on overall MCC security is identified. This provides a different perspective for managing MCC security by explaining what components are most important.

This paper aims to present four blue-sky ideas for lowering the cost of the Government of Canada’s debt without increasing the debt’s risk profile.

The authors argue that each idea would improve the secondary-market liquidity of government debt, thereby increasing the demand for government bonds, and thus, lowering their cost at issuance.

The first two ideas would improve liquidity by enhancing the active management of the government’s debt through market operations used to support the liquidity of outstanding bonds. The second two ideas would simplify the set of securities issued by the government, concentrating issuance in a smaller set of bonds that would each be more highly traded.

The authors discuss the ideas and give an account of the political, legal and operational impediments.

The purpose of this paper is to attempt to fill the need to identify critical information security issues at national level, both technical and social in the Indian context, and create a framework of these issues to provide interesting managerial insights about their hierarchy. Current literature advocates relevance of both technical and social issues in a potential framework to address national and organizational information security concerns. Such a framework can guide users in developing insight for strategy in the maize of important information security issues and their intricate interdependency.

Delphi methodology is used to identify a set of topical issues with help from members of a cyber security group. These issues are further analyzed using Interpretive Structural Modeling (ISM) to impose order and direction to the complex relationships among them.

The analysis using ISM creates a framework of these issues and provides interesting managerial insights about their hierarchy. These insights are used to recommend prioritized action for information security at national and organizational levels.

The highlight of this research is ingenious deployment of two idea engineering methods in developing interpretable structural model of 25 information security issues. This model provides valuable insights and can guide the policy formulation. This is the key contribution of this paper. It needs hardly any emphasis on the need for continuous search of all technical and social issues and formulating policies and programs using experts” judgment in a rigorous manner. Subsequent research may scale up to the global level for extension and validation by empanelling Delphi experts from nations belonging to different regions. Time-variant analysis can be attempted with the help of System Dynamics Modeling using causal-loop diagrams to account for the supportive and inhibiting influences of various issues. This approach has the potential to generate more realistic insights that can inform policy formulation.

It brings about key information security issues connected with its various facets, viz. national/organizational level initiatives, supportive processes, capabilities and objectives. These issues, identified by Indian experts in the Indian context, offer a method that one could apply in other national contexts and see whether substantial differences occur, and how other experts prioritize these issues. The analysis of social issues along with technical issues using the ISM tool provides us insights that are considered applicable to a larger context than India. The policy and program formulations in other nations can benefit from the insights generated by this research. The fast-paced proliferation of technology and its resultant vulnerabilities have given birth to an underground economy of malware trading by criminals, terrorists and hostile nation states. Secure cyber space for legitimate use by the globalized world can only be achieved by international cooperation.

A “digital divide” in cyber defense cannot be afforded. As explained earlier, cyber security is a challenge for both developed and developing nations. Prioritization of resources in a sequence suggested by ISM analysis would help face the challenge of cyber security better. The methodology suggested in this paper would ensure adequate response to cyber threats and eliminate knee-jerk reaction.

This research emphasizes identification of hierarchical relationship among the identified topical issues of information security rather than using them as a flat checklist. It helps us segregate the end objectives from root issues and highlights the necessity of addressing these root issues to achieve those objectives.

Railways are a well-known example of complex critical infrastructure, incorporating socio-technical systems with humans such as drivers, signallers, maintainers and passengers at the core. The technological evolution including interconnectedness and new ways of interaction lead to new security and safety risks that can be realised, both in terms of human error, and malicious and non-malicious behaviour. This study aims to identify the human factors (HF) and cyber-security risks relating to the role of signallers on the railways and explores strategies for the improvement of “Digital Resilience” – for the concept of a resilient railway.

Overall, 26 interviews were conducted with 21 participants from industry and academia.

The results showed that due to increased automation, both cyber-related threats and human error can impact signallers’ day-to-day operations – directly or indirectly (e.g. workload and safety-critical communications) – which could disrupt the railway services and potentially lead to safety-related catastrophic consequences. This study identifies cyber-related problems, including external threats; engineers not considering the human element in designs when specifying security controls; lack of security awareness among the rail industry; training gaps; organisational issues; and many unknown “unknowns”.

The authors discuss socio-technical principles through a hexagonal socio-technical framework and training needs analysis to mitigate against cyber-security issues and identify the predictive training needs of the signallers. This is supported by a systematic approach which considers both, safety and security factors, rather than waiting to learn from a cyber-attack retrospectively.