Information security: Listening to the perspective of organisational insiders

Aligned with the strategy-as-practice research tradition, this article investigates how organisational insiders understand and perceive their surrounding information security practices, how they interpret them, and how they turn such interpretations into strategic actions. The study takes a qualitative case study approach, and participants are employees at the Research & Development department of a multinational original brand manufacturer. The article makes an important contribution to organisational information security management. It addresses the behaviour of organisational insiders – a group whose role in the prevention, response and mitigation of information security incidents is critical. The article identifies a set of organisational insiders’ perceived components of effective information security practices (organisational mission statement; common understanding of information security; awareness of threats; knowledge of information security incidents, routines and policy; relationships between employees; circulation of stories; role of punishment provisions; and training), based on which more successful information security strategies can be developed.

Download Full-text

Employee Information Security Practices

International Journal of E-Services and Mobile Applications ◽

10.4018/ijesma.2020040101 ◽

2020 ◽

Vol 12 (2) ◽

pp. 1-14

Author(s):

Eli Hustad ◽

Frode Mathias Bekkevik ◽

Ole Reidar Holm ◽

Polyxeni Vassilakopoulou

Keyword(s):

Information Security ◽

Organizational Support ◽

Personal Characteristics ◽

Security Practices ◽

Employee Information ◽

Security Incidents ◽

Over Time ◽

Structural Arrangements ◽

Information Security Practices

Employee information security practices are pivotal to prevent, detect, and respond to security incidents. This article synthesizes insights from research on challenges related to employee information security practices and measures to address them. The challenges identified are associated to idiosyncratic aspects of communities and individuals within organizations (culture and personal characteristics) and to systemic aspects of organizations (procedural and structural arrangements). The measures aimed to enhance systemic capabilities and to adapt security mechanisms to the idiosyncratic characteristics and are categorized as: (a) measures of training and awareness; (b) measures of organizational support; and (c) measures of rewards and penalties. Further research is needed to explore the dynamics related to how challenges emerge, develop, and get addressed over time and also, to explore the interplay between systemic and idiosyncratic aspects. Additionally, research is needed on the role of security managers and how it can be reconfigured to suit flatter organizations.

Download Full-text

Challenges and Measures for Information Security Practices: A Literature Review on Systemic and Idiosyncratic Aspects

10.20944/preprints201906.0286.v1 ◽

2019 ◽

Author(s):

Eli Hustad ◽

Frode Matihas Bekkevik ◽

Ole Reidar Holm ◽

Polyxeni Vassilakopoulou

Keyword(s):

Information Security ◽

Literature Review ◽

Organizational Support ◽

Security Breaches ◽

Operational Risks ◽

Support Measures ◽

Security Practices ◽

Organizational Concern ◽

Security Incidents ◽

Information Security Practices

Information security is becoming a key organizational concern in light of increasingly demanding regulations, customers’ apprehension, and, significant operational risks. The information security practices of employees are pivotal for preventing, detecting, and responding to security incidents. This paper is synthesizing the insights from prior research based on a systematic literature review that explores challenges related to information security practices in organizations and the ways these challenges are managed to avoid security breaches. Four general challenges are identified: (1) security rules and procedures, (2) individual and personal risks, (3) culture and security awareness, and (4) organizational and power relations. To manage these challenges, three types of measures are prominent: measures related to training and awareness, measures related to organizational support, measures related to rewards and penalties. These measures aim to enhance systemic capabilities and to adapt security mechanisms to the idiosyncratic characteristics of organizations.

Download Full-text

The Role of External Influences on Organizational Information Security Practices: An Institutional Perspective

Proceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS'06) ◽

10.1109/hicss.2006.481 ◽

2006 ◽

Cited By ~ 4

Author(s):

Qing Hu ◽

P. Hart ◽

D. Cooke

Keyword(s):

Information Security ◽

Institutional Perspective ◽

External Influences ◽

Organizational Information ◽

Security Practices ◽

Information Security Practices

Download Full-text

The Role Of The Senior Pastor In Relocating A Church: A Case Study Approach

10.2986/tren.006-1366 ◽

2003 ◽

Author(s):

Randall L. SCHEIL

Keyword(s):

Case Study Approach ◽

Senior Pastor ◽

Study Approach

Download Full-text

Digital forensics and evolving cyber law: case of BIMSTEC countries

Journal of Money Laundering Control ◽

10.1108/jmlc-02-2019-0019 ◽

2019 ◽

Vol 22 (4) ◽

pp. 744-752

Author(s):

Sisira Dharmasri Jayasekara ◽

Iroshini Abeysekara

Keyword(s):

Information Technology ◽

Design Methodology ◽

Digital Forensics ◽

Content Type ◽

Global Context ◽

Study Approach ◽

Legal Frameworks ◽

Work Done

Purpose The purpose of this paper is to discuss the role of digital forensics in an evolving environment of cyber laws giving attention to Bay of Bengal Initiative for Multi-Sectoral Technical and Economic Cooperation (BIMSTEC) countries, comprising Bangladesh, India, Myanmar, Sri Lanka, Thailand, Nepal and Bhutan, in a dynamic global context. Design/methodology/approach This study uses a case study approach to discuss the digital forensics and cyber laws of BIMSTEC countries. The objective of the study was expected to be achieved by referring to decided cases in different jurisdictions. Cyber laws of BIMSTEC countries were studied for the purpose of this study. Findings The analysis revealed that BIMSTEC countries are required to amend legislation to support the growth of information technology. Most of the legislation are 10-15 years old and have not been amended to resolve issues on cyber jurisdictions. Research limitations/implications This study was limited to the members of the BIMSTEC. Originality/value This paper is an original work done by the authors who have discussed the issues of conducting investigations with respect to digital crimes in a rapidly changing environment of information technology and deficient legal frameworks.

Download Full-text

Investigating the Role of Cultural Capital and Organisational Habitus in Architectural Education: A Case Study Approach

International Journal of Art & Design Education ◽

10.1111/jade.12018 ◽

2015 ◽

Vol 34 (1) ◽

pp. 9-24 ◽

Cited By ~ 1

Author(s):

Jennifer Chamberlin Payne

Keyword(s):

Cultural Capital ◽

Architectural Education ◽

Case Study Approach ◽

Study Approach

Download Full-text

The projectilic image: Islamic State’s digital visual warfare and global networked affect

Media Culture & Society ◽

10.1177/0163443717725575 ◽

2017 ◽

Vol 39 (8) ◽

pp. 1194-1209 ◽

Cited By ~ 28

Author(s):

Marwan M Kraidy

Keyword(s):

New Media ◽

Digital Images ◽

Affect Theory ◽

Arabic Language ◽

Video Production ◽

Global Network ◽

Primary Sources ◽

Study Approach

Islamic State’s (IS) image-warfare presents an auspicious opportunity to grasp the growing role of digital images in emerging configurations of global conflict. To understand IS’ image-warfare, this article explores the central role of digital images in the group’s war spectacle and identifies a key modality of this new kind of warfare: global networked affect. To this end, the analysis focuses on three primary sources: two Arabic-language IS books, Management of Savagery (2004) and O’ Media Worker, You Are a Mujahid!, 2nd Edition (2016), and a video, Healing the Believers’ Chests (2015), featuring the spectacular burning of a Jordanian air force pilot captured by IS. It uses the method of ‘iconology’ within a case-study approach. I analyze IS’ doctrine of image-warfare explained in the two books and, in turn, examine how this doctrine is executed in IS video production, conceptualizing digital video as a specific permutation of moving digital images uniquely able to enact, and via repetition, to maintain, visual and narrative tension between movement and stillness, speed and slowness, that diffuses global network affect. Using a theoretical framework combining spectacle, new media phenomenology, and affect theory, the article concludes that global networked affect is projectilic, mimicking fast, lethal, penetrative objects. IS visual warfare, I argue, is best understood through the notion of the ‘projectilic image’.

Download Full-text

University Students’ Learning Disruption and Affordance in a Contested Learning Environment

Research in Social Sciences and Technology ◽

10.46303/ressat.2021.23 ◽

2021 ◽

Vol 6 (3) ◽

pp. 25-44

Author(s):

Siti Nur'Aini

Keyword(s):

Learning Environment ◽

University Students ◽

Social Environment ◽

Online Survey ◽

Case Study Approach ◽

First Semester ◽

Study Approach ◽

The Social

This study investigates how university students engage with their learning affordances in a contested environment due to the Coronavirus pandemic. This qualitative research employed a case study approach involving 136 participants. Data analysis was conducted using qualitative analysis as a circular process to describe, classify, and perceive the phenomenon and how the learning, affordances, and society were interconnected. The main framework of the research was the theory of affordance and how it was available for university students in their learning environment that changed due to the COVID-19 pandemic. Data were collected in the first semester of 2020 through an online survey on Google form. The findings indicate the importance of the social environment to provide affordance for the students to adjust with them. Four kinds of affordances emerged from the study; internet affordance, assignment affordance, domestic affordance, and distance learning affordance. The role of the social environment is definitive in changing how students manage their affordances.

Download Full-text

Penerapan Manajemen Risiko Kredit Pada Pembiayaan Syariah di Koperasi As Sakinah Sidoarjo

Jurnal Justisia Ekonomika: Magister Hukum Ekonomi Syariah ◽

10.30651/justeko.v2i1.1696 ◽

2018 ◽

Vol 2 (1) ◽

Author(s):

Nur Laila

Keyword(s):

Credit Risk ◽

Qualitative Method ◽

Secondary Data ◽

Profit Sharing ◽

Study Approach ◽

Secondary Data Source ◽

Data Source ◽

Responsibility System

Credit risk is one of the most frequent risks in tough financing such as on financing using ijarah and murabahah contracts in Sharia financial institutions. The reason is due to mistakes in the analysis of financing applications and lack of cooperative readiness in managing and anticipating the possibility of risk exposure in the institution. In other hand, sharia cooperatives follow the principle of lost and profit sharing that requires a careful cooperative in managing their business in order to achieve the expected profit target.As Sakinah Cooperation Sidoarjo which has been operating for 19 years only experienced credit risk less than 1%. Therefore, this study is aimed to firstly understand and describe to what extent the implementation of risk management in sharia financing in As Sakinah Cooperation Sidoarjo is, and secondly, to understand and describe the credit risk settlement scheme that occurs in sharia financing in As Sakinah Cooperation Sidoarjo.This research used qualitative method, using a case study approach. Data are collected through interview technique at main source and documents and regulation of the cooperation as secondary data source. The data were analyzed through 3 (three) steps. They are data deduction, data display and conclusion and verification.The results show that the role of the group and the joint responsibility system become the key in reducing credit risk Keywords: management, risk, credit, Ijarah, Murabahah.

Download Full-text

Peran Guru Madrasah dalam Menanaman Nilai-Nilai Pendidikan Lingkungan Hidup Perspektif Pendidikan Islam (Studi Kasus di Madrasah Aliyah Negeri 7 Keboan Jombang)

AL-MISBAH (Jurnal Islamic Studies) ◽

10.26555/almisbah.v8i1.1130 ◽

2020 ◽

Vol 8 (1) ◽

pp. 7

Author(s):

Auliyaaurohmah Auliyaaurohmah ◽

Khoirul Umam

Keyword(s):

Qualitative Case Study ◽

Educational Process ◽

Positive Behavior ◽

Educational Institutions ◽

Case Study Approach ◽

Study Approach ◽

Surrounding Environment ◽

Research Show

The effort to preserve the beauty of the environment is an obligation for every social creature that lives on this earth. These efforts are carried out and planned so that every human being has a caring attitude and responsibility with the surrounding environment. In educational institutions the role of a teacher cannot be separated in the educational process. To realize students as quality resources cannot be separated from the environment. This article intends to explain about environmental education in Madrasah Aliyah Negeri 7 Jombang. With a qualitative case study approach, this research was carried out through observation, interviews and documentation. The results of the discussion from the research show that, in the implementation of their roles and participation in forming and increasing environmental awareness by teachers, students are well implemented. Most of them have a caring attitude to their environment, which is proven by their daily habits, which is to dispose of waste according to the space provided. It's just that for minorities who are still indifferent to the environment, support and encouragement from teachers need to be increased so that all madrasa residents, especially students, have positive behavior, be aware and care about the surrounding environmen

Download Full-text