Exploring the Relationship Between Technology Adoption and Cyber Security Compliance

2021 ◽  
Vol 17 (4) ◽  
pp. 40-62
Author(s):  
Mohammed Saeed A Alqahtani ◽  
Eila Erfani
Keyword(s):  
Cyber Security ◽  
Social Systems ◽  
It Infrastructure ◽  
Security Controls ◽  
Use Of Technology ◽  
Security Compliance ◽  
The Relationship ◽  
Goals And Objectives ◽  
Security Organizations ◽  
Practical Implications

IT infrastructure and systems are made up of technical and social systems that work together to ensure that organization's goals and objectives are met. Security controls and measures are developed and used to protect an organization's data and information systems. To improve cyber security, organizations focus most of their efforts on incorporating new technological approaches in products and processes, leaving out the most important and vulnerable factor. So this study intends to provide some practical implications to the technology developers and policymakers while identifying the factors that affect cyber security compliance in an organization or home environment for general users, HR, IT administrators, engineers, and others. It explored the Unified Theory of Acceptance and Use of Technology 2 (UTAUT2) model and assessed the effect of its factors on cyber security compliance in organizations.

scholarly journals Examining the Impact of Technical Controls, Accountability and Monitoring towards Cyber Security Compliance in E-government Organisations

2021 ◽  
Author(s):  
Mohammed Alqahtani ◽  
Robin Braun
Keyword(s):  
Information Systems ◽  
Cyber Security ◽  
Social Systems ◽  
Monitoring And Evaluation ◽  
Employee Attitudes ◽  
Security Technology ◽  
Security Controls ◽  
Security Compliance ◽  
The Impact ◽  
Technical Measures

Abstract IT infrastructure and systems are made up of technical as well as social systems that work in alliance to ensure that organization's goals and objectives are met. Security controls and measures are developed and used to guard data and information systems of the organization. The breaches of Cyber security are primarily caused by the misuse of information systems and failure to comply with cyber security measures. Cyber security non-compliance is a major concern for organizations. For effective compliance and human acceptance of cyber security technology and complying with cyber practices, it is essential to ascertain, research, and examine the factors which contribute to the compliance and implementation of cyber security. This study has utilized an enhanced UTAUT2 i.e. Unified Theory of Acceptance and Use of Technology 2 model and assessed its relationship with cyber security compliance. Five new formal and informal factors that affect cyber security compliance in organizations are identified and evaluated. The research questions addressed are: how the formal factors of technical measures; accountability; monitoring and evaluation impact employee's behaviour towards cyber security compliance. The study comprises a correlational survey of employees working at e-government organizations in Saudi Arabia. Results indicate that there is a significant role play by technical measures; accountability; monitoring and evaluation, on employee attitudes and behaviour towards cyber security compliance.

scholarly journals Security Control Assessment of Supervisory Control and Data Acquisition for Power Utilities in Tanzania

2020 ◽  
Vol 5 (7) ◽  
pp. 785-789
Author(s):  
Job Asheri Chaula ◽  
Godfrey Weston Luwemba
Keyword(s):  
Data Acquisition ◽  
Supervisory Control ◽  
Cyber Security ◽  
Critical Infrastructure ◽  
Security Evaluation ◽  
Evaluation Tool ◽  
Security Vulnerabilities ◽  
Security Controls ◽  
Security Control ◽  
Security Compliance

The primary purpose of this research was to assess the adequacy and effectiveness of security control of the Supervisory Control and Data Acquisition (SCADA) communication network used by infrastructure companies. Initially, the SCADA networks were physically separated from other networks connected to the internet and hence assumed secure. However, the modern SCADA are now integrated with other network resulting in new security vulnerabilities and attacks similar to those found in traditional IT. Thus, it is important to reassess the security controls of the SCADA because it is operated in an open network environment. In this research, a case of the SCADA security controls in the power sector in Tanzania was assessed, whereby a specific SCADA implementation was studied. The data were gathered using observation, testing, interviews, questionnaire and documentation reviews. The results were analyzed using the Cyber Security Evaluation Tool (CSET) and checked for compliance based on the National Institute of Standards and Technology (NIST) and North America Electric Reliability Corporation (NERC) standards. The findings have shown that there exist security vulnerabilities both in security compliance of the standard and component-based vulnerabilities. Additionally, there is inadequate of audit and accountability, personnel security and system and information integrity. Also, for the component-based security compliance, the finding shows that identification and authentication, security management and audit and accountability. On the basis of the results, the research has indicated the areas that require immediate action in order to protect the critical infrastructure.

Resilience and transparency in social systems

Kybernetes ◽  
2019 ◽  
Vol 48 (4) ◽  
pp. 715-726 ◽  
Author(s):  
Dai Griffiths
Keyword(s):  
Organizational Design ◽  
Empirical Studies ◽  
Social Systems ◽  
Full Range ◽  
Social Environments ◽  
Content Type ◽  
Management Interventions ◽  
The Relationship ◽  
Practical Implications ◽  
Transparency And Accountability

Purpose This paper draws on the literature of cybernetics to argue that the resilience of organizations can be diminished by an unconsidered maximization of transparency and accountability. In doing so, it critically examines the concept of resilience and the relationship of resilience to neoliberalism. Design/methodology/approach A conceptual analysis of resilience is carried out at two levels. First, the use of the concepts of resilience, viability, transparency, accountability and neoliberalism is considered, together with the relationship between them. Second, the management interventions that result from the application of these related ideas are critiqued from the perspective of cybernetics and particularly of variety and black boxes. Findings It is shown that within complex social environments, the unconsidered imposition of transparency and accountability as a management strategy may constrain the resilience of the organizations and individuals rather than enhance it. The use of data analytics enhances this tendency. Research limitations/implications The theoretical analysis of the relationship between transparency and resilience offers a basis for carrying out empirical studies. Practical implications There are practical implications for organizational managers, employees and stakeholders, offering them a means of understanding the systemic threat posed by organizational design decisions which enhance transparency and accountability without taking into consideration the full range of interactions which act to maintain organizational viability. Social implications The analysis provides a rationale for resisting the imposition of social policies inspired by neoliberalism. Originality/value The bringing together of the concepts of resilience, neoliberalism, transparency and accountability, and their exposure to cybernetic analysis, provides a novel perspective on resilience, and new insights into way that organizations maintain their viability.

Generational perceptions at work: in-group favoritism and out-group stereotypes

2017 ◽  
Vol 36 (1) ◽  
pp. 33-53 ◽  
Author(s):  
Kelly Pledger Weeks ◽  
Matthew Weeks ◽  
Nicolas Long
Keyword(s):  
Baby Boomers ◽  
Generation X ◽  
Design Methodology ◽  
Life Balance ◽  
Content Type ◽  
Use Of Technology ◽  
Generational Perceptions ◽  
The Relationship ◽  
Practical Implications ◽  
Practical Recommendations

Purpose The purpose of this paper is to examine the relationship between stereotypes, in-group favoritism, and in-group bolstering effects across generations. Design/methodology/approach Based on the trends found in a qualitative study on generational stereotypes, questions on work ethic, work-life balance, and use of technology were administered to 255 participants identified as Millennials, Generation X, and Baby Boomers. Hypotheses predicted that with a strong stereotype, traditional in-group favoritism will not be found; however, an in-group bolstering effect will emerge. In the absence of a strong stereotype, traditional in-group favoritism is expected. Findings Generally, there was a strong stereotype that Baby Boomers are worse at technology than Generation X and Generation X is worse than Millennials. There was also a strong stereotype that Millennials do not do what it takes to get the job done as much as other generations. In the presence of these stereotypes, traditional in-group favoritism was not found, but in-groups bolstered themselves by rating themselves more favorably than other groups rated them. Although these findings did not hold for every item studied, there was moderate support for all three hypotheses. Practical implications As employees become aware of their biases, they can collaborate better with employees who are different than they are. Practical recommendations are suggested. Originality/value The paper applies theory of in-group favoritism to the perceptions of generational cohorts.

Are all innovation modes beneficial to firms’ innovation performance? New findings from an emerging market

2020 ◽  
Vol 14 (4) ◽  
pp. 1015-1034
Author(s):  
Shilei Hu ◽  
Xiaohong Wang ◽  
Ben Zhang
Keyword(s):  
Emerging Market ◽  
Innovation Performance ◽  
It Infrastructure ◽  
Content Type ◽  
Business Innovation ◽  
Innovation Modes ◽  
It Usage ◽  
The Impact ◽  
The Relationship ◽  
Practical Implications

Purpose This paper aims to examine the influence of individual and combined effects of the mode focused on scientific and technological-based innovation (STI) and the mode based on learning by doing, by using and by interacting (DUI) on firms’ innovation performance and whether information technology (IT) moderates the relation between different innovation modes and firms’ innovation performance. Design/methodology/approach A conceptual model linking innovation modes, IT (including IT infrastructure and the frequency of IT usage) and firms’ innovation performance was developed, and the proposed hypotheses were tested empirically using World Bank’s micro survey data collected from manufacturing firms in an emerging market (China). Findings The results show that individually both STI mode of innovation and DUI mode of innovation have a significant positive effect on firms’ innovative performance, whereas the combined STI and DUI mode of innovation has a negative impact. IT infrastructure moderates the relation between STI (or STI and DUI) mode of innovation and firms’ innovation performance, while the frequency of IT usage has no moderating effects on the relationship between any kind of innovation modes and firms’ innovation performance. Research limitations/implications Although some results are quite different from what is expected, these are insightful for both academics and policymakers. The use of cross-sectional data has its limitations. Therefore, future studies based on longitudinal data should be conducted. This study points toward the need to conduct the meta-analysis to better explain the existing inconsistencies in the findings of relevant quantitative studies. Practical implications This study provides firm managers with practical implications. The conclusions of this study imply that the impact of the combined STI and DUI mode of innovation is likely to be contextual, so firms should make contingent decisions on whether to engage in STI mode of innovation and DUI mode of innovation simultaneously according to their own organizational conditions. Moreover, face-to-face contacts are particularly important when a firm engages in DUI mode of innovation. In addition, the focus of IT strategy of firms engaged in STI mode of innovation should be on perfecting their IT infrastructure rather than increasing the frequency of IT usage. Originality/value This paper provides new evidence for the relation between business innovation modes and firms’ innovation performance, and it is one of the few empirical studies that focus on emerging markets. More importantly, this paper proposes a persuasive explanation framework for understanding the heterogeneous impacts of the combined STI and DUI mode of innovation on firms’ innovation performance. This is the first study that examines the moderating effect of IT on the relationship between business innovation modes and a firm’s innovation performance.

Toward an intellectual capital cyber security theory: insights from Lebanon

2021 ◽  
Vol ahead-of-print (ahead-of-print) ◽  
Author(s):  
Puzant Balozian ◽  
Dorothy Leidner ◽  
Botong Xue
Keyword(s):  
Information Systems ◽  
Intellectual Capital ◽  
Cyber Security ◽  
Theory Building ◽  
Content Type ◽  
Systems Security ◽  
Research Article ◽  
Compliance Behavior ◽  
Security Compliance ◽  
Practical Implications

PurposeIntellectual capital (IC) cyber security is a priority in all organizations. Because of the dearth in IC cyber security (ICCS) research theories and the constant call to theory building, this study proposes a theory of ICCS drawing upon tested empirical data of information systems security (ISS) theory in Lebanon.Design/methodology/approachAfter a pilot test, the authors tested the newly developed ISS theory using a field study consisting of 187 respondents, representing many industries, thus contributing to generalizability. ISS theory is used as a proxy for the development of ICCS theory.FindingsBased on a review of the literature from the past three decades in the information systems (IS) discipline and a discovery of the partial yet significant relevance of ISS literature to ICCS, this study succinctly summarized the antecedents and independent variables impacting security compliance behavior, putting the variables into one comprehensive yet parsimonious theoretical model. This study shows the theoretical and practical relevancy of ISS theory to ICCS theory building.Practical implicationsThis paper highlights the importance of ISS compliance in the context of ICCS, especially in the area of spoken knowledge in environments containing Internet-based security devices.Originality/valueThis research article is original, as it presents the theory of ICCS, which was developed by drawing upon a comprehensive literature review of the IS discipline and finding the bridges between the security of both IS and IC.

scholarly journals A cyber situational awareness model to predict the implementation of cyber security controls and precautions by SMEs

2021 ◽  
Vol ahead-of-print (ahead-of-print) ◽  
Author(s):  
Karen Renaud ◽  
Jacques Ophoff
Keyword(s):  
Situation Awareness ◽  
Cyber Security ◽  
Best Practice ◽  
Online Survey ◽  
Situational Awareness ◽  
Security Measures ◽  
Content Type ◽  
Resource Limitations ◽  
Security Controls ◽  
Practical Implications

PurposeThere is widespread concern about the fact that small- and medium-sized enterprises (SMEs) seem to be particularly vulnerable to cyberattacks. This is perhaps because smaller businesses lack sufficient situational awareness to make informed decisions in this space, or because they lack the resources to implement security controls and precautions.Design/methodology/approachIn this paper, Endsley’s theory of situation awareness was extended to propose a model of SMEs’ cyber situational awareness, and the extent to which this awareness triggers the implementation of cyber security measures. Empirical data were collected through an online survey of 361 UK-based SMEs; subsequently, the authors used partial least squares modeling to validate the model.FindingsThe results show that heightened situational awareness, as well as resource availability, significantly affects SMEs’ implementation of cyber precautions and controls.Research limitations/implicationsWhile resource limitations are undoubtedly a problem for SMEs, their lack of cyber situational awareness seems to be the area requiring most attention.Practical implicationsThe findings of this study are reported and recommendations were made that can help to improve situational awareness, which will have the effect of encouraging the implementation of cyber security measures.Originality/valueThis is the first study to apply the situational awareness theory to understand why SMEs do not implement cyber security best practice measures.

The Relationship Between Leader–Member Exchange and Employees’ Proactive Behaviors

2019 ◽  
Vol 18 (2) ◽  
pp. 106-111
Author(s):  
Fong-Yi Lai ◽  
Szu-Chi Lu ◽  
Cheng-Chen Lin ◽  
Yu-Chin Lee
Keyword(s):  
Hierarchical Linear Modeling ◽  
Future Research ◽  
Leader Member Exchange ◽  
Voice Behavior ◽  
Linear Modeling ◽  
Team Members ◽  
Member Exchange ◽  
Multi Temporal ◽  
The Relationship ◽  
Practical Implications

Abstract. The present study proposed that, unlike prior leader–member exchange (LMX) research which often implicitly assumed that each leader develops equal-quality relationships with their supervisors (leader’s LMX; LLX), every leader develops different relationships with their supervisors and, in turn, receive different amounts of resources. Moreover, these differentiated relationships with superiors will influence how leader–member relationship quality affects team members’ voice and creativity. We adopted a multi-temporal (three wave) and multi-source (leaders and employees) research design. Hypotheses were tested on a sample of 227 bank employees working in 52 departments. Results of the hierarchical linear modeling (HLM) analysis showed that LLX moderates the relationship between LMX and team members’ voice behavior and creative performance. Strengths, limitations, practical implications, and directions for future research are discussed.

Sign in / Sign up

Export Citation Format

Share Document