Search results

Most research ethic review procedures refer to the principles of safety and security only as sub-criteria of other ethical principles such as the protection of human subjects in research, thereby ignoring the public good aspect of safety and security. In addition, Research Ethics Review Committees (RECs) are usually dominated by philosophers, ethicists, medical doctors, and lawyers with limited practical backgrounds in safety and security risk management. This gap of knowledge restricts ethics reviews in carrying out project-specific safety and security risk management and defers this responsibility to lawmakers and national legal authorities. What might be sufficient in well-regulated and well-understood environments, such as the safety of individuals during clinical research, is insufficient in managing rapidly changing and emerging risks – such as with emerging biotechnologies – as well as addressing the public good dimension of safety and security.

This chapter considers governance approaches to safety and security in research. It concludes that legal mechanisms are insufficient to cope with the complexity of and the fast progress made in emerging technologies. The chapter also addresses the role and potential of research ethics as a safety and security governance approach. It concludes that research ethics can play an important role in the governance of such risks arising from emerging technologies, for example through fundamental rights and public good considerations. However, in reality the current capacity of ethics in the safety and security governance of emerging technologies is limited. It is argued that in newly emerging areas of research currently applied legal compliance–based approaches are insufficient. Instead, inclusion of fundamental risk management knowledge and closer interactions between scientists, safety, and security experts are needed for effective risk management. Safety and Security Culture provide frameworks for such interactions and would well complement the current legal compliance–based governance approaches in research ethics.

The purpose of this paper is to present a qualitative methodological model applied in the human security research in local communities as a part of a wider community‐based participatory research (CBPR).

This paper synthesizes methodological experience from four empirical researches where a qualitative model of studying the security indicators in the local communities of Serbia has been applied. The paper presents how to apply qualitative approach and indicates its potentials, and suggests how to implement the study, design the sample plan and analyse obtained data.

The research of complex phenomenon of social perception of security demands a complementary approach strategy. At the most general level, it means the application of quantitative and qualitative research methods in order to achieve an integral insight into the self‐reflection of citizens about their individual and collective security.

The methodological experience from four conducted investigations on which this paper is based, gives only an initial foundation for the creation of a successful model of security appraisal. Further elaboration of this model demands inclusion of the findings from other surveys.

The suggested model may be further developed as well as in the sense of methodological subtilization, and as a practical model for the appraisal of security condition in a local community. This would be the starting point for creating strategies and their operationalization into specific action plans, in order to improve those indicators, which are established as expressing some form of security threat in the local communities studied.

By complementary application of qualitative and quantitative research perspective (using CBPR approach), we can get profound insights into the causes and character of security threats inside communities. Through application of this approach we get deeper understanding of comparable and representative (in)security survey findings, as well as significant participant's opinions about a potential model of action for improving their security and safety.

In many security domains, the ‘human in the system’ is often a critical line of defence in identifying, preventing and responding to any threats (Saikayasit, Stedmon, & Lawson, 2015). Traditionally, such security domains are often focussed on mainstream public safety within crowded spaces and border controls, through to identifying suspicious behaviours, hostile reconnaissance and implementing counter-terrorism initiatives. More recently, with growing insecurity around the world, organisations have looked to improve their security risk management frameworks, developing concepts which originated in the health and safety field to deal with more pressing risks such as terrorist acts, abduction and piracy (Paul, 2018). In these instances, security is usually the specific responsibility of frontline personnel with defined roles and responsibilities operating in accordance with organisational protocols (Saikayasit, Stedmon, Lawson, & Fussey, 2012; Stedmon, Saikayasit, Lawson, & Fussey, 2013). However, understanding the knowledge that frontline security workers might possess and use requires sensitive investigation in equally sensitive security domains.

This chapter considers how to investigate knowledge elicitation in these sensitive security domains and underlying ethics in research design that supports and protects the nature of investigation and end-users alike. This chapter also discusses the criteria used for ensuring trustworthiness as well as assessing the relative merits of the range of methods adopted.

The aim of this paper is to survey existing information security culture research to scrutinise the kind of knowledge that has been developed and the way in which this knowledge has been brought about.

Results are based on a literature review of information security culture research published between 2000 and 2013 (December).

This paper can conclude that existing research has focused on a broad set of research topics, but with limited depth. It is striking that the effects of different information security cultures have not been part of that focus. Moreover, existing research has used a small repertoire of research methods, a repertoire that is more limited than in information systems research in general. Furthermore, an extensive part of the research is descriptive, philosophical or theoretical – lacking a structured use of empirical data – which means that it is quite immature.

Findings call for future research that: addresses the effects of different information security cultures; addresses the identified research topics with greater depth; focuses more on generating theories or testing theories to increase the maturity of this subfield of information security research; and uses a broader set of research methods. It would be particularly interesting to see future studies that use intervening or ethnographic approaches because, to date, these have been completely lacking in existing research.

Findings show that existing research is, to a large extent, descriptive, philosophical or theoretical. Hence, it is difficult for practitioners to adopt these research results, such as frameworks for cultivating or assessment tools, which have not been empirically validated.

Few state-of-the-art reviews have sought to assess the maturity of existing research on information security culture. Findings on types of research methods used in information security culture research extend beyond the existing knowledge base, which allows for a critical discussion about existing research in this sub-discipline of information security.

Alongside the remarkable evolution of cellular communication to 5G networks, significant security and privacy challenges have risen which can affect the widespread adoption of advanced communication technologies. In this context, the purpose of this paper is to examine research within security and privacy for 5G-based systems highlighting contributions made by the research community and identify research trends within different subdomains of 5G security where open issues still exist.

This paper uses a bibliographic approach to review the state-of-the-art in the field of 5G security and is the pioneering effort to investigate 5G security research using this methodology. Specifically, the paper presents a quantitative description of the existing contributions in terms of authors, organizations, and countries. It then presents detailed keyword and co-citation analysis that shows the quantity and pattern of research work in different subfields. Finally, 5G security areas are identified having open challenges for future research work.

The study shows that China leads the world in terms of published research in the field of 5G security with USA and India ranked second and third respectively. Xidian University, China is ranked highest for number of publications and h-index followed by University Oulu and AALTO University Finland. IEEE Access, Sensors and IEEE Internet of Things Journal are the top publication venues in the field of 5G security. Using VOSViewer aided analysis with respect to productivity, research areas and keywords, the authors have identified research trends in 5G security among scientific community whilst highlighting specific challenges which require further efforts.

Existing studies have focused on surveys covering state-of-the art research in secure 5G network (Zhang et al. 2019), physical layer security (Wu et al., 2018), security and privacy of 5G technologies (Khan et al., 2020) and security and privacy challenges when 5G is used in IoT (Sicari et al. 2020). However, our research has revealed no existing bibliometric studies in this area and therefore, to our best knowledge, this paper represents pioneering such effort for security within 5G.

The purpose of this paper is to focus on a potential tradeoff between security and usability in people’s use of online passwords – in general, complex passwords are secure and desirable but difficult to use (i.e. difficult to memorize) whereas simple passwords are easy to use, but are insecure and undesirable. Construal level theory (CLT) explains how high vs low construal level causes people to focus on “desirability” vs “feasibility” of an action, which in the research context can translate into the “security” vs “usability” of using passwords.

The authors conducted a series of three laboratory experiments manipulating people’s construal level and investigating its impact on password use.

The authors found that people who were induced to think at a high construal level created or showed intention to choose stronger passwords relative to people who were induced to think at a low construal level. Furthermore, this effect was also significantly different from the control group who did not receive any experimental treatment. In addition, the authors found that perspective taking targeted at the desirability of creating a strong password further strengthened the effect of a high construal level on intended password choice.

This research makes several contributions to existing literature on password security. First, this research offers CLT as a theoretical lens to explain an individual’s thinking and behavior concerning online password use. Second, this research offers empirical evidence that a high construal level improves users’ password use, a desirable feature for improved security. Third, this research contributes to the literature on how to apply nudging to influence human behavior toward more desirable, stronger, password use. Finally, our research identifies PT as a factor enhancing the positive effect of a high construal level on online users’ password use.

The influence of security practices is increasingly common in the supply chain management and logistics literature. However, an under-researched area exists within the logistics service provider (LSP) selection process. The purpose of this paper is to introduce a security capability into the LSP selection process. Specifically, this research seeks to understand partner willingness to compensate and collaborate with service providers that possess a security capability.

Adaptive choice modeling is adopted to assess the influence of a security capability in the LSP selection process. This study represents the first use of this method in supply chain management and logistics research. Cluster analysis is also performed to uncover specific buyer segments along with traditional regression-based significance testing and counting analysis.

The findings indicate that security can have an important influence on the LSP selection process. In particular, the findings note a willingness to pay for a security capability in LSP selection. Applying segmentation techniques to the findings, three LSP buying segments are determined, each placing different importance and value on LSP capabilities.

This research notes an ongoing provider deficiency in security offerings. Partner firms sometimes maintain a cost focus, but others show a willingness to pay higher prices for access to partners with a security capability. Key practitioner findings include the need to include security with other traditional selection variables. The study walks the researcher and manager through the development of segments based on LSP capabilities.

This manuscript investigates logistic service provider selection. The authors detail an advanced form of conjoint analysis, adaptive conjoint modeling, for first time consideration. Additionally, this is the first study to integrate security into the LSP selection process. This is also the first study to identify a willingness to pay for a security capability.

This study concentrates on assessing the research productivity in the domain of social media security in the past decades. The purpose of this study is to conduct a comprehensive bibliometric review on social media using various bibliometric indicators.

A total of 8,121 scientific publications were retrieved from Scopus database from period 1998 to 2021 using associated keyword search. This study also used VOSviewer^© tool to evaluate the network visualisation.

The result of this study revealed that there is a steady growth of annual publications except for the years 2015 and 2016. A total of 8,121 scientific publications and 80,454 total citations were found with 11.2 average citations per publication. The USA, China and India were top productive countries in terms of publishing research in the field; Chinese Academy of Sciences secured top position with 126 publications in highly productive organisation in the domain. The lecture notes in computer science from Springer Nature received a highly produced title with 553 publications and 4,453 total citations. For co-occurrence of author’s keywords, network visualisation analysis revealed that “Social Media”, “Social Network”, “Security”, “Privacy” and “Trust” found maximum occurrence in the domain of social media security.

This study provides comprehensive research status of social media security by performing a bibliometric analysis. The findings of this study will help relevant researchers to understand the research trend, pursue scientific collaborators and enhance research topic preferences.

The rareness of this study, detailed bibliometric analysis on the domain of social media security, is proven using numerous bibliometric indicators and application of VOSviewer in the domain.

This study aims to analyse the nature and trends in the knowledge discovery process on COVID-19 and food insecurity using a comprehensive bibliometric analysis based on the indexing literature in the Scopus database.

Data were extracted from Scopus using the keywords COVID-19 and food security to ensure extensive coverage. A total of 840 research papers on COVID-19 and food security were analysed using VOSviewer and RStudio software.

The findings of the bibliometric analysis in terms of mapping of scientific research across countries and co-occurrence of research keywords provide the trends in research focus and future directions for food insecurity research during times of uncertainty. Based on this analysis, the focus of scientific research has been categorised as COVID-19 and food supply resilience, COVID-19 and food security, COVID-19 and public health, COVID-19 and nutrition, COVID-19 and mental health and depression, COVID-19 and migration and COVID-19 and social distancing. A thematic map was created to identify future research on COVID-19 and food security.

This analysis identifies potential research areas such as food supply and production, nutrition and health that may help set future research agendas and devise policy supports for better managing food insecurity during uncertainty.

This analysis provides epistemological underpinnings for knowledge generation and acquisition on COVID-19 and food insecurity.

As evident from the literature review, the research on cyber security performance is centered on security metrics, maturity models, etc. Essentially, all these are helpful for evaluating the efficiency of cyber security organization but what matters is how the factors of internal efficiency affect the business performance, i.e. the external effectiveness. The purpose of this research paper is to derive the factors of internal efficiency and external effectiveness of cyber security and develop impact model to identify the most and least preferred parameters of internal efficiency with respect to all the parameters of external effectiveness.

There are two objectives for this research: Deriving the factors of internal efficiency and external effectiveness of cyber security; Developing a model to identify the impact of internal efficiency factors on the external effectiveness of cyber security since there is not much evidence of research in defining the factors of internal efficiency and external effectiveness of cyber security, the authors have chosen grounded theory methodology (GTM) to derive the parameters. In this study emic approach of GTM is followed and an algorithm is developed for administering the grounded theory research process. For the second research objective survey methodology and rank order was used to formulate the impact model. Two different samples and questionnaires were designed for each of the objectives.

For the objective 1, 11 factors of efficiency and 10 factors of effectiveness were derived. These are used as independent and dependent variable respectively in the later part of the research for the second objective. For the objective 2 the impact models among independent and dependent variables were formulated to find out the following. Most and least preferred parameters lead to internal efficiency of cyber security organization to identify the most and least preferred parameters of internal efficiency with respect to all the parameters external effectiveness.

The factors of internal efficiency and external effectiveness constructed by using grounded theory cannot remain constant in the long run, because of dynamism of the domain itself. Over and above this, there are inherent limitations of the tools like grounded theory, used in the research. Few important limitations of GTM are as below in grounded theory, it is comparatively difficult to maintain and demonstrate the rigors of research discipline. The sheer volume of data makes the analysis and interpretation complex, and lengthy time consuming. The researchers’ presence during data gathering, which is often unavoidable and desirable too in qualitative research, may affect the subjects’ responses. The subjectivity of the data leads to difficulties in establishing reliability and validity of approaches and information. It is difficult to detect or to prevent researcher-induced bias.

The internal efficiency and external effectiveness factors of cyber security can be further correlated by the future researchers to understand the correlations among all the factors and predict cyber security performance. The grounded theory algorithm developed by us can be further used for qualitative research for deriving theory through abstractions in the areas where there is no sufficient availability of data. Practitioners of cyber security can use this research to focus on relevant areas depending on their respective business objective/requirements. The models developed by us can be used by the future researchers to for various sectoral validations and correlations.

Though the financial costs of a cyber-attack are steep, the social impact of cyber security failures is less readily apparent but can cause lasting damage to customers, employees and the company. Therefore, it is always important to be mindful of how the impact of cyber security affects society as well as the bottom line when they are calculating the potential impact of a breach. Underestimating either impact can destroy a brand. The factor of internal efficiency and external effectiveness derived by us will help stakeholder in focusing on relevant area depending on their business. The impact model developed in this research is very useful for focusing a particular business requirement and accordingly tune the efficiency factor.

During literature study the authors did not find any evidence of application of grounded theory approach in cyber security research. While the authors were exploring research literature to find out some insight into the factor of internal efficiency and external effectiveness of cyber security, the authors did not find concrete and objective research on this. This motivated us to use grounded theory to derive these factors. This, in the authors’ opinion is one of the pioneering and unique contribution to the research as to the authors’ knowledge no researchers have ever tried to use this methodology for the stated purpose and cyber security domain in general. In this process the authors have also developed an algorithm for administering GTM. Further developing impact models using factors of internal efficiency and external effectiveness has lots of managerial and practical implication.