On the Role of Human Morality in Information System Security

2011 ◽  
pp. 239-254
Author(s):  
Mikko T. Siponen
Keyword(s):  
Information System ◽  
Information Security ◽  
System Security ◽  
Well Being ◽  
Cultural Relativism ◽  
Research Approach ◽  
International Conference ◽  
Beijing China ◽  
Theoretical Foundations

This chapter argues, following the scholars of the first category, that human morality has a role as a means for ensuring security. But to achieve this goal solid theoretical foundations, on which a concrete guidance can be based, are needed. The existing proposals (e.g., Kowalski, 1990; Baskerville, 1995; Dhillon & Backhouse, 2000) do not suggest any theoretical foundation nor concrete means for using ethics as a means of ensuring security. The aim of this paper is to propose a framework for the use of ethics in this respect. To achieve this aim, a critique of the relevance of ethics must be considered. The use of human morality as a means of ensuring security has been criticized by Leiwo and Heikkuri (1998a, 1998b) on the grounds of cultural relativism (and hacker ethics/hacking culture). If cultural relativism is valid as an ethical doctrine, the use of human morality as a means of protection is very questionable. It would only be possible in certain “security” cultures, i.e., cultures in which security norms have been established–if at all. However, the objection of Leiwo and Heikkuri (1998a, 1998b) is argued to be questionable. We feel that cultural relativism has detrimental effects on our well-being and security. Things might be better if the weaknesses of cultural relativism were recognized. This paper adopts the conceptual analysis in terms of Järvinen (1997, 2000) as the research approach. An early version of this paper was presented at an international conference on information security (IFIP TC11, Beijing, China, 2000).

On the Role of Human Morality in Information System Security

2011 ◽  
pp. 255-271 ◽  
Author(s):  
Mikko T. Siponen
Keyword(s):  
Well Being ◽  
Cultural Relativism ◽  
Future Research ◽  
Research Approach ◽  
Theoretical Frameworks ◽  
Alternative Approach ◽  
Key Issues ◽  
Beijing China ◽  
Theoretical Foundations

This chapter argues, following the scholars of the first category, that human morality has a role as a means for ensuring security. But to achieve this goal solid theoretical foundations, on which a concrete guidance can be based, are needed. The existing proposals (e.g., Kowalski, 1990; Baskerville, 1995; Dhillon & Backhouse, 2000) do not suggest any theoretical foundation nor concrete means for using ethics as a means of ensuring security. The aim of this paper is to propose a framework for the use of ethics in this respect. To achieve this aim, a critique of the relevance of ethics must be considered. The use of human morality as a means of ensuring security has been criticized by Leiwo and Heikkuri (1998a, 1998b) on the grounds of cultural relativism (and hacker ethics/hacking culture). If cultural relativism is valid as an ethical doctrine, the use of human morality as a means of protection is very questionable. It would only be possible in certain “security” cultures, i.e., cultures in which security norms have been established–if at all. However, the objection of Leiwo and Heikkuri (1998a, 1998b) is argued to be questionable. We feel that cultural relativism has detrimental effects on our well-being and security. Things might be better if the weaknesses of cultural relativism were recognized. This paper adopts the conceptual analysis in terms of Järvinen (1997, 2000) as the research approach. An early version of this paper was presented at an international conference on information security (IFIP TC11, Beijing, China, 2000). The chapter is organized as follows. In the second section, the possible ethical theoretical frameworks are discussed. In the third section, the objections to the use of ethics as a means of protection based on cultural relativism (descriptivism) are explored. In the fourth section, an alternative approach based on non-descriptivism is suggested. The fifth section discusses the implications and limitations of this study. The sixth section summarises the key issues of the chapter including future research questions.

On the Role of Human Mortality in Information System Security

2011 ◽  
pp. 301-319
Author(s):  
Mikko T. Siponen
Keyword(s):  
Information System ◽  
System Security ◽  
Well Being ◽  
Cultural Relativism ◽  
Ethical Theories ◽  
Veil Of Ignorance ◽  
Information System Security ◽  
Security Breaches ◽  
The Veil

The question of whether ethical theories appealing to human morality can serve as a means of protection against information system security breaches has been recognized by several authors. The existing views concerning the role of ethics in information systems security can be divided into two categories. These are (1) expressions about the use of human morality and (2) arguments claiming that the use of ethics is useless or, at best, extremely restricted. However, the former views are general statements lacking concrete guidance and the latter viewpoint is based on cultural relativism, and can be thus classified as descriptivism. This paper claims that the use of ethical theories and human morality is useful for security, particularly given that Hare’s Overriding thesis has validity — though it has its limitations, too. This paper further argues that descriptivism (including the doctrine of cultural relativism) leads to several problems, contradictions and causes detrimental effects to our well-being (and security). Therefore, an alternative approach to using ethics in minimizing security breaches that is based on non-descriptive theories is proposed. The use of non-descriptivism will be demonstrated using Rawls’ concept of the “veil of ignorance.” The limitations of non-descriptivism, and appealing to human morality in a general sense, will also be discussed. Finally, suggestions for future research directions are outlined.

The role of norms in information security policy compliance

2020 ◽  
Vol 28 (5) ◽  
pp. 743-761
Author(s):  
Isaac Wiafe ◽  
Felix Nti Koranteng ◽  
Abigail Wiafe ◽  
Emmanuel Nyarko Obeng ◽  
Winfred Yaokumah
Keyword(s):  
Information System ◽  
Information Security ◽  
Security Policy ◽  
System Security ◽  
Policy Compliance ◽  
Content Type ◽  
Information System Security ◽  
Personal Norms ◽  
Security Policy Compliance

Purpose The purpose of this paper is to determine which factors influence information system security policy compliance. It examines how different norms influence compliance intention. Design/methodology/approach Based on relevant literature on information system security policy compliance, a research model was developed and validated. An online questionnaire was used to gather data from respondents and partial least square structural equation modelling (PLS-SEM) was used to analyse 432 responses received. Findings The results indicated that attitude towards information security compliance mediates the effects of personal norms on compliance intention. In addition, descriptive and subjective norms are significant predictors of personal norms. Originality/value Though advancement in technology has reached significant heights, it is still inadequate to guaranteed information systems’ security. Researchers have identified humans to be central in ensuring information security. To this effect, this study provides empirical evidence of the role of norms in influence information security behaviour.

scholarly journals Societal Expectations and Well-being of Academics: Views from University Lecturers in Ghana

2020 ◽  
pp. 74-84
Author(s):  
Dudley W. Ofori ◽  
Jo Bell
Keyword(s):  
Cultural Beliefs ◽  
Well Being ◽  
University Education ◽  
Research Approach ◽  
Negative Effects ◽  
Mind Set ◽  
And Shifts ◽  
Societal Expectations ◽  
University Lecturers

Background: The study aimed to investigate how societal expectation on educational accomplishments can affect workplace well-being of university lecturers. University education is seen by society as the highest level of educational accomplishment in a person’s life and people with such accomplishments are often held in higher esteem by society. In Ghana, this expectation puts pressure on lecturers who are known to have attained higher educational accomplishments. Methods: The study used a qualitative research approach to solicit views from 18 public university lecturers in Ghana. Interpretative Phenomenology Approach (IPA) for data analysis was used to interpret the opinions of lecturers about what society expects of them, how that affects their well-being at work and shifts that are needed to address those expectations. Results: The study found that society indeed expects a lot from university lecturers (core university functions and other cultural and economic issues). Societal expectations have both positive and negative effects on the well-being of lecturers. Findings show that respect that lecturers receive from society provides leverage for positive well-being, while financial pressures placed on them tend to create emotional stresses which impact negatively on their well-being. Conclusion: To our knowledge, this study is the first of its kind to examine the experiences of well-being amongst university academics in Ghana. Results suggest that how the role of university academics is perceived by society can create pressures which affect their well-being negatively. This study highlights the importance of these findings and their impact on well-being. It shows that societal expectations are linked to sociocultural beliefs and economic factors in a developing country context. The authors recommend a mind-set shift amongst society and academics to bring expectations from both sides closer together; through education; engaging community talks on the pressures of societal expectations and demands to create awareness, and observing cultural beliefs that impact the understanding of well-being issues. These initiatives could potentially reduce the pressure of unrealistic expectations on academics and other “knowledge workers”.

The Human Factors Issues in Information Security: What are They and Do They Matter?

1998 ◽  
Vol 42 (4) ◽  
pp. 439-443
Author(s):  
Pamela R. McCauley-Bell ◽  
Lesia L. Crumpton
Keyword(s):  
Information Technology ◽  
Information Systems ◽  
Information Security ◽  
Human Factors ◽  
Human Error ◽  
System Security ◽  
Security Protocol ◽  
Human Interaction ◽  
Security Issues

The information technology field has been increasingly plagued by threats to the security of information systems, networks, and communication media. The solutions to these problems have primarily focused on the techniques to more closely safeguard networks (i.e. firewalls) with similar efforts being put into assessing the vulnerabilities of the hardware and software aspects of the systems. With the exception of discussions into more creative password selection, discussion pertaining to the role of the user, can play in reducing the risk of human error and thus promoting system security has been extremely limited. This lecture will present an overview of information security issues impacted by human interaction that may or may not play a role in promoting system security. Understanding that information systems are in fact composed of hardware and software components which must be addressed using traditional information security protocol, this lecture will provide an understanding of the possible risk that the human/user poses to an information system. Once the risks or factors associated with the human in the security of the system are identified, the next question is do the factors matter? The objective of this lecture is to present an intellectual discussion of human factors issues and their impact on information security. This is an important discussion topic that the information technology field can not afford to ignore.

scholarly journals Using Appreciative Inquiry to Understand the Role of Teaching Practices in Student Well-being at a Research-Intensive University

2018 ◽  
Vol 9 (2) ◽  
Author(s):  
Kathleen Lane ◽  
Minnie Y Teng ◽  
Steven J Barnes ◽  
Katherine Moore ◽  
Karen Smith ◽  
...  
Keyword(s):  
Undergraduate Students ◽  
Appreciative Inquiry ◽  
Teaching Practices ◽  
Qualité De Vie ◽  
Well Being ◽  
Research Approach ◽  
Premier Cycle ◽  
Groupes De Discussion

Appreciative inquiry (a research approach comprising four stages: Discovery, Dream, Design, and Destiny) was used at a research-intensive university to investigate which teaching practices positively influence student well-being (i.e., their health and quality of life). In a survey, undergraduate students were asked to select the teaching practices they believed best supported their well-being. Focus groups also were conducted, with: (1) students, and (2) instructors identified by students as using teaching practices that supported their well-being. Mixed-methods data-analyses subsequently were used to identify instructional strategies that support student well-being. L’enquête appréciative (une approche de recherche qui comprend quatre étapes : découverte, rêve, conception et destinée) a été utilisée dans une université centrée sur la recherche pour enquêter sur les pratiques d’enseignement et déterminer lesquelles influencent positivement le bien-être des étudiants (c’est-à-dire leur santé et leur qualité de vie). Dans un sondage, on a demandé aux étudiants de premier cycle de choisir les pratiques d’enseignement qui, selon eux, favorisaient le mieux leur bien-être. Des groupes de discussion ont également été organisés, avec (1) des étudiants et (2) des instructeurs identifiés par les étudiants comme étant ceux qui employaient des pratiques d’enseignement qui favorisaient leur bien-être. Ensuite, les données ont été analysées selon des méthodes mixtes pour identifier les stratégies d’instruction qui favorisent le bien-être des étudiants.

scholarly journals A community-based participatory research approach to understanding social eating for food well-being

2021 ◽  
Vol 3 ◽  
pp. 11
Author(s):  
Nadina R Luca ◽  
Marsha Smith ◽  
Sally Hibbert
Keyword(s):  
Food Insecurity ◽  
Food Service ◽  
Community Based Participatory Research ◽  
Well Being ◽  
Research Approach ◽  
Community Based ◽  
Social Eating ◽  
The Individual ◽  
Food Charity

‘Social eating initiatives’ are a specific type of community-based food service that provides opportunities for people to eat together in local spaces using surplus food. These initiatives provide a meal that is fresh, affordable and more environmentally friendly than fast or convenience foods. In this research, we build upon the food well-being model to explore how food consumption is experienced in these community settings and the role of social eating projects in shaping the different dimensions of people’s foodscapes. We adopted a community-based participatory approach and engaged in a series of dialogues with staff volunteers and coordinators at four ‘social eating initiatives’. We also conducted 45 interviews with service users and volunteers at three sites in the Midlands region.   The role of community-based food initiatives responding to hunger by utilising surplus food to feed local populations is often conceptualised critically. The conjoining of food insecurity and surplus food appears to instrumentally feed customers and reduce food wastage, but in ways that are stigmatising, and which position customers as passive recipients of food charity. However, closer attention to the experiences of staff, volunteers and customers at these spaces, reveals them as sites where knowledge and experience of food is being developed with this contributing to a sense of well-being beyond nutrition. Shared food practices and eating together contribute to social capital and are important dimensions of food well-being that are significantly restricted by food insecurity. The ‘food well-being’ model envisages a shift in focus from health, defined as the absence of illness, towards well-being as a positive relationship with food at the individual and societal level. In the concluding remarks of this article, it is suggested that this holistic conception is required to understand the role and function of social eating initiatives.

scholarly journals Information Security of Critically Important Information Systems

2019 ◽  
Vol 8 (4) ◽  
pp. 9030-9034
Keyword(s):  
Information System ◽  
Information Systems ◽  
Information Security ◽  
Legal Regulation ◽  
Security Threats ◽  
Legal Basis ◽  
Sources Of Information ◽  
Effective Mechanism ◽  
System Information

The article provides a comprehensive analysis of the concepts related to the information security of critically important information systems in Russia. Today, problems exist, which are associated with numerous threats to Russian information security due to the rapidly increasing role of the information sphere. To solve these problems, an effective mechanism is needed to prevent and eliminate these threats. To develop the organizational and legal basis of the mechanism, it is necessary to define a number of concepts, such as information security, critically important information system, information infrastructure, etc. The authors explore Russian legal regulation, as well as international experience and research on this topic. The article shows the main sources of information security threats and defines general principles and approaches to ensuring information security of critically important information systems. The concept and types of critically important information systems are identified and the necessity of developing and improving their legal regulation is substantiated. A number of legal and organizational measures aimed at ensuring the information system security of Russian infrastructure are proposed.

Sign in / Sign up

Export Citation Format

Share Document