Composition of the Top Management Team and Information Security Breaches

Author(s):  
Carol Hsu ◽  
Tawei Wang

Given the multifaceted problems and complexities of information security, the manner in which top management teams make investment and management decisions regarding security technologies, policy initiatives, and employee education could have a significant impact on the likelihood of information security breaches in organizations. In the context of information security management, it is not clear from the management literature how the characteristics of the top management team are associated with the possibility of information security breaches. The results demonstrate that the average length and heterogeneity of tenure could increase the possibility of breaches. However, age heterogeneity and the size of the top management team are negatively related to such a possibility. In addition, the findings suggest a nonlinear association between average age and tenure and the possibility of security breaches. The authors conclude the chapter with theoretical and practical implications on the organizational and managerial aspects of information security management.

2015 ◽  
pp. 1436-1455
Author(s):  
Carol Hsu ◽  
Tawei Wang



2012 ◽  
Vol 27 (1) ◽  
pp. 219-236 ◽  
Author(s):  
Juhee Kwon ◽  
Jackie Rees Ulmer ◽  
Tawei Wang

ABSTRACT: This paper examines how an information technology (IT) executive's position in a top management team and how his/her compensation are associated with the likelihood of information security breaches. Using a sample drawn from multiple sources in the period from 2003 to 2008, we show that an IT executive's involvement in the top management team is negatively related to the possibility of information security breaches. We also find that the amount of behavior-based (i.e., salary) compensation and the pay differences of outcome-based (i.e., bonuses, stock awards, and stock options) compensation between IT and non-IT executives are negatively associated with the likelihood of information security breaches. Our findings shed light on how an IT executive's status in the top management team and the composition of his/her compensation can be related to a firm's IT governance mechanisms.


Author(s):  
David P. Tegarden ◽  
Linda F. Tegarden ◽  
Steven D. Sheetz

The cognitive diversity of top management teams has been shown to affect the performance of a firm. In some cases, cognitive diversity has been shown to improve firm performance; in other cases, it has worsened firm performance. Either way, it is useful to understand the cognitive diversity of a top management team. However, most approaches to measure cognitive diversity never attempt to open the “black box” to understand what makes up the cognitive diversity of the team. This research reports on an approach that identifies diverse belief structures, i.e., cognitive factions, through the use of causal mapping and cluster analysis. The results show that the use of causal mapping provides an efficient and effective way to identify idiosyncratic and shared knowledge among members of a top management team. This approach allows the cognitive diversity of the top management team not only to be uncovered, but also to be understood.


2018 ◽  
Vol 26 (1) ◽  
pp. 50-70 ◽  
Author(s):  
Akbar Azam ◽  
Cristina Boari ◽  
Fabiola Bertolotti

Purpose: This study aims to explore the influence of top management team international experience on international strategic decision-making rationality and, subsequently, its effect on decision effectiveness (decision performance).

Design/methodology/approach: This analysis is based on survey data of small- and medium-sized international Pakistani firms operating in the IT industry.

Findings: Results show that top management team international experience is positively related to international strategic decision-making rationality, and the latter partially mediates the international experience – decision effectiveness relationship.

Research limitations/implications: The study is based on data collected from a single industry and focuses on an international decision that occurred within a time-frame of previous four years.

Practical implications: Findings suggest that international firms, when composing their top management teams, should favor the inclusion of internationally experienced managers.

Originality/value: The study of the influence of international experience on the decision-making process in general and decision-making rationality in particular has been largely neglected in extant literature. This paper highlights one way through which the international experience of the top management team as a whole relates to the effectiveness of international decisions. The paper also advances emergent managerial cognition literature focusing on the top management team and not individual decision makers.


Author(s):  
Răzvan Cristian Ionescu ◽  
Ioana Ceaușu ◽  
Cristian Ilie

Abstract: News about various information security attacks against companies appears almost every day. The sources of these attacks vary from cyber-criminals who want to steal companies’ data to demand a ransom, to current or former employees who want to create damage to the organization. The best way to defend organizational critical assets is to implement an Information Security Management System that secures all sensitive assets from a confidentiality, availability and integrity perspective. An Information Security Management System offers top management a framework for sensitive information flow control. This framework includes a risk assessment that considers the security threats and vulnerabilities of the company’s assets. Companies usually implement an Information Security Management System only after they have a functional quality management system, which brings clarity and optimization to the company’s processes. Current approaches on creation and implementation of an effective Information Security Management System are very theoretical and thus difficult to use in practice. The main objective of this paper is to present an Information Security Management System implementation method in the case of a small company by defining the basic steps in achieving a fully functional Information Security Management System. The proposed methodology considers the top management Information Security Management System objectives, organizational context, risks assessment and third parties’ expectations fulfillment.


2016 ◽  
Vol 15 (3) ◽  
pp. 119-131
Author(s):  
Carlos Roberto Banzato ◽  
Julio Cesar Volpp Sierra

Strategic Leadership: Theory and Research on Executives, Top Management Teams, and Boards by Finkelstein, Hambrick and Canella Jr. (2009) is one of the most important references in strategy studies. This work is a critical review of this book and attempts to answer why organizations do what they do or play the way they play. In this paper, we review all eleven chapters that make up the book. We then suggest the implications of this theory on strategy and organizations. We also consider how this book affects the development of the field of study. The book offers considerable foundations for executives and serves as a reference for researchers who wish to understand the phenomenon related to strategic leadership, considering the CEO, Board and Top Management Team.  The major contribution of this paper is that it summarizes the theory and concepts of the book in a few pages and identifies the main characteristics, antecedents and consequences of leadership in organizations. 


2018 ◽  
Vol 69 (3) ◽  
pp. 229-250 ◽  
Author(s):  
Maja Daraboš Longin

Action aggressiveness is considered as a firm response to the phenomenon of temporary advantage. Firms able to respond quickly to market demands strengthen their market power and generate advantages; but those that can be even faster will generate even greater market power and advantage over their competitors. However, there is no guarantee that competitive advantage achieved today will remain unchanged in the long run. The focus is on being prepared to take an action, i.e. the extent to which the firm is willing to participate with competitors and act quickly in the involvement and participation. The dynamics of top management is a very important component of the ability of the firm competitive behavior. The top management team is the kingpin that coordinates and mobilizes organizational resources and efforts for firms’ aggressive competitive engagement. The assumption of being more aggressive at the market and collaborative with competitors is the integration of top management of the firm that depends primarily on compatible traits and members’ communication skills. With a special focus on top management teams, this paper explores the extent to which firms’ certain strategic behavior in hypercompetitive industry can be related to gaining temporary competitive advantage, measured through improving its firm performance. The central goal of this research is to theoretically and empirically define and examine firms’ strategic behavior in hypercompetition through defining new taxonomy of strategy patterns, i.e. firm specific strategic behavior that provides and raises the probability of gaining the competitive advantage in hypercompetitive industries. An important contribution of this research is also reflected in the development of the model that analyzes the influence of specific characteristics of top management team (TMT) on the pattern a firm uses, as well as the relationship between firms’ market position on specific strategic behavior.


Author(s):  
Mariana Hentea

Information security management is the framework for ensuring the effectiveness of information security controls over information resources to ensure non-repudiation, authenticity, confidentiality, integrity and availability of the information. Organizations need a systematic approach for information security management that addresses security consistently at every level. However, the security infrastructure of most organizations came about through necessity rather than planning, a reactive-based approach as opposed to a proactive approach (Gordon, Loeb & Lucyshyn, 2003). Intrusion detection systems, firewalls, anti-virus software, virtual private networks, encryption and biometrics are security technologies in use today. Many devices and systems generate hundreds of events and report various problems or symptoms. Also, these devices may all come at different times and from different vendors, with different reporting and management capabilities and—perhaps worst of all—different update schedules. The security technologies are not integrated, and each technology provides the information in its own format and meaning. In addition, these systems across versions, product lines and vendors may provide little or no consistent characterization of events that represent the same symptom. Also, the systems are not efficient and scalable because they rely on human expertise to analyze periodically the data collected with all these systems. Network administrators regularly have to query different databases for new vulnerabilities and apply patches to their systems to avoid attacks. Quite often, different security staff is responsible and dedicated for the monitoring and analysis of data provided by a single system. Security staff does not periodically analyze the data and does not timely communicate analysis reports to other staff. The tools employed have very little impact on security prevention, because these systems lack the capability to generalize, learn and adapt in time.

