The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Traditional studies on security have been based on the assumption that users would feel the sense of security when provided with objectively secure systems. In this research, we investigate users' subjective sense of security, which we call An shin in Japanese. We conducted surveys on An shin to the users of information security technology without technical knowledge. In order to deduce reasonable...
This paper describes the application of Group Support Systems (GSS) in the field of Business Information Security Governance (BISG). The focus is on longitudinal small team collaboration -- for instance within Boards of Directors (BoD) and groups of experts -- with large amounts of items. Apart from this focus on small groups, there is an operational link to the Information Security Management cycle...
The current and emerging security threats poses a variety of security risks to e-government services. The Tanzanian national e-government strategy recognizes the importance and use of e-government maturity models (eGMMs) as a tool for guiding and benchmarking e-government implementation and service delivery. However, the models lack security services (technical and non-technical) in their maturity...
Earlier work describes computational models of critical infrastructure that allow an analyst to estimate the security of a system in terms of the impact of loss per stakeholder resulting from security breakdowns. Here, we consider how to identify, monitor and estimate risk impact and probability for different smart grid stakeholders. Our constructive method leverages currently available standards...
The present research investigates the influence of culture on telemedicine adoption and patient information privacy, security, and policy. The results, based on the SEM analysis of the data collected in the United States, demonstrate that culture plays a significant role in telemedicine adoption. The results further show that culture also indirectly influences telemedicine adoption through information...
While organizations are making a considerable effort to leverage formal and informal control mechanisms (e.g., policies, procedures, organizational culture) to improve security, their impact and effectiveness is under scrutiny as employees seldom comply with information security procedures. Drawing upon Griffin and Neal's safety climate and performance model, we develop an information security climate...
Today's organizations are highly dependent on information management and processes. Information security is one of the top issues for researchers and practitioners. In literature, there is consent that employees are the weakest link in IS security. A variety of researchers discuss planations for employees' security related awareness and behavior. This paper presents a theory-based literature review...
Passwords remain the dominant authentication mechanism for information security. Unfortunately, research has shown that most passwords are highly insecure. Given the risks of using weak passwords, there is a need to effectively motivate users to select strong passwords. In this study we examine the influence of interactivity, as well as static and interactive fear appeals, on motivating users to increase...
Lack of compliance with organizational information security policies (ISPOs) is a widespread organizational issue that increasingly bears very large direct and qualitative costs. The purpose of our study was to explain the causes of tensions within organizations to either comply with new ISPOs or react negatively against them. To do so, we proposed an innovative model, which pits organizational control...
Information security policy compliance (ISP) is one of the key concerns that face organizations today. Although technical and procedural measures help improve information security, there is an increased need to accommodate human, social and organizational factors. Despite the plethora of studies that attempt to identify the factors that motivate compliance behavior or discourage abuse and misuse behaviors,...
Regulatory compliance and data security are important objectives for IT managers. Building on the resource-based view, this study examines the impact of IT security resources, functional capabilities, and managerial capabilities on regulatory compliance and data security. Using binomial and multinomial log it models, we analyze data from 250 healthcare organizations. The results show that IT security...
Researchers and practitioners of Information Systems Security (ISS) operate semi-disconnected. Standards and frameworks born out of the cumulated best-practice experiences have filled this gap. But without the rigor of the scientific process their validity is in question. To aid in building the required scientific foundation, existing empirical evidence needs to be processed further than the scope...
A major concern for IS managers is that information security policies seldom produce expected outcomes. Previously, scholars have studied motivations underlying non-conformance to policies and proposed approaches for motivating employees. However, the socio-cognitive aspects that shape employees' perceptions of the policies and implications for policy outcomes have received modest attention. This...
Organizations are investing substantial resources in technical security measures that aim at preventively protecting their information assets. The way management -- or information security executives -- deals with potential security measures varies individually and depends on personality traits and cognitive factors. Based on the Theory of Planned Behavior, we examine the relationship between the...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.