scholarly journals The Impact of Organizational Practices on the Information Security Management Performance

Information ◽  
2021 ◽  
Vol 12 (10) ◽  
pp. 398
Author(s):  
Latifa Alzahrani ◽  
Kavita Panwar Seth
Keyword(s):  
Information Security ◽  
Knowledge Sharing ◽  
Security Management ◽  
Organizational Practices ◽  
Management Performance ◽  
Information Security Management ◽  
Business Goals ◽  
Study Results ◽  
Security Training ◽  
The Impact

Information explosion and pressures are leading organizations to invest heavily in information security to ensure that information technology decisions align with business goals and manage risks. Limited studies have been done using small- and-medium-sized enterprises (SMEs) in the manufacturing sector. Furthermore, a small number of parameters have been used in the previous studies. This research aims to examine and analyze the effect of security organizational practices on information security management performance with many parameters. A model has been developed together with hypotheses to evaluate the impact of organizational practices on information security management performance. The data is collected from 171 UK employees at manufacturing SMEs that had already implemented security policies. The structure equation model is employed via the SPSS Amos 22 tool for the evaluation of results. Our results state that security training, knowledge sharing, security education, and security visibility significantly impact information security performance. In addition, this study highlights a significant impact of both security training and knowledge sharing on trust in the organization. Business leaders and decision-makers can reference the proposed model and the corresponding study results to develop favourable tactics to achieve their goals regarding information security management.

scholarly journals Organizational practices as antecedents of the information security management performance

2019 ◽  
Vol 32 (5) ◽  
pp. 1262-1275 ◽  
Author(s):  
Daniel Pérez-González ◽  
Sara Trigueros Preciado ◽  
Pedro Solana-Gonzalez
Keyword(s):  
Information Security ◽  
Knowledge Sharing ◽  
Structural Equation ◽  
Current Knowledge ◽  
Security Management ◽  
Organizational Practices ◽  
Research Information ◽  
Management Performance ◽  
Information Security Management ◽  
Content Type

Purpose The purpose of this paper is to expand current knowledge about the security organizational practices and analyze its effects on the information security management performance. Design/methodology/approach Based on the literature review, the authors propose a research model together with hypotheses. The survey questionnaires were developed to collect data, which then validated the measurement model. The authors collected 111 responses from CEOs at manufacturing small- and medium-sized enterprises (SMEs) that had already implemented security policies. The hypothesized relationships were tested using the structural equation model approach with EQS 6.1 software. Findings Results validate that information security knowledge sharing, information security education and information security visibility, as well as security organizational practices, have a positive effect on the information security management performance. Research limitations/implications The consideration of organizational aspects of information security should be taken into account by academics, practitioners and policymakers in SMEs. Besides, the work helps validate novel constructs used in recent research (information security knowledge sharing and information security visibility). Practical implications The authors extend previous works by analyzing how security organizational practices affect the performance of information security. The results suggest that an improved performance of information security in the industrial SMEs requires innovative practices to foster knowledge sharing among employees. Originality/value The literature recognizes the need to develop empirical research on information security focused on SMEs. Besides the need to identify organizational practices that improve information security, this paper empirically investigates SMEs’ organizational practices in the security of information and analyzes its effects on the performance of information security.

Re-Visiting Cyber Security Training in the COVID-19 Era

2021 ◽  
Vol 10 (2) ◽  
pp. 16-20
Author(s):  
Fabio DI FRANCO ◽  
Konstantinos PAPADATOS ◽  
Konstantinos RANTOS
Keyword(s):  
Information Security ◽  
Cyber Security ◽  
Security Management ◽  
The European Union ◽  
European Security ◽  
Information Security Management ◽  
Security Training ◽  
Travel Restrictions ◽  
On Line ◽  
Ict Security

Cyber security training, as many other aspects in our lives, has been adapted to address concerns related to travel restrictions and group gatherings resulting from the COVID-19 pandemic. In this context, ENISA, the European Union Agency for Cybersecurity, had to re-visit and significantly modify its already established course on Information Security Management and ICT security, which is provided under the auspices of the European Security and Defence College (ESDC). The program provides public employees the opportunity to gain the necessary knowledge and skills to assume an Information Security Management role. The restructured course was introduced to address the COVID-19 restrictions and has proven to be equally effective to the classroom-delivered course, if not more effective at some parts. This paper presents the main structure of the fully online training, its innovative elements, and the assessment results which prove that COVID-19 pandemic has triggered the introduction of innovative and successful on-line training scenarios.

The impact of information security management practices on organisational agility

2020 ◽  
Vol 28 (5) ◽  
pp. 681-700
Author(s):  
Muhamad Khairulnizam Zaini ◽  
Mohamad Noorman Masrek ◽  
Mad Khir Johari Abdullah Sani
Keyword(s):  
Information Security ◽  
Structural Equation ◽  
Management Practices ◽  
Security Management ◽  
Partial Least Square ◽  
Least Square ◽  
Information Security Management ◽  
Content Type ◽  
The Impact ◽  
Organisational Agility

Purpose This study aims to determine the extent to which information security management (ISM) practices impact the organisational agility by examining the relationship between both concepts. Design/methodology/approach A quantitative method research design has been used in this study. This study was conducted throughout Malaysia with a total of 250 valid questionnaires obtained from managers and executives from the Multimedia Super Corridor (MSC)-status companies. Structural equation modelling (SEM) using partial least square was used to analyse the data and to test all nine hypotheses developed in this study. Findings Findings from this study indicate that operational agility (OA) is significantly related to ISM practices in MSC-status companies. The validation of the structural model of nine hypotheses developed for this study has demonstrated satisfactory results, exhibited six significant direct relationships and three insignificant relationships. Research limitations/implications This study has addressed the needs for a comprehensive, coherent and empirically tested ISM practices and organisational agility framework. The current theoretical framework used in this study emphasised on the ISM–organisational agility dimensions that are predominantly important to ascertain high level of ISM practices and perceived agility level among the information technology (IT) business companies in Malaysia. With the application of SEM for powerful analysis, the empirical-based framework established in this study was validated by the empirical findings, thus contributing significantly to the field of information security (InfoSec). Originality/value This study has filled the research gap between different constructs of ISM practices and OA. The model put forth in this study contributes in several ways to the InfoSec research community. The recognition of InfoSec practices that could facilitate organisational agility in the IT industry in Malaysia is vital and contributes to more value creation for the organisations.

Sign in / Sign up

Export Citation Format

Share Document