Search results

1 – 10 of 14
Per page
102050
Citations:
Loading...
Access Restricted. View access options
Article
Publication date: 14 September 2010

Kosheek Sewchurran, Derek Smith and Dewald Roode

The paper aims to paper an overview of a completed doctoral thesis which pursued the development of underlying theory (ontology) to give coherence to research in the information…

1206

Abstract

Purpose

The paper aims to paper an overview of a completed doctoral thesis which pursued the development of underlying theory (ontology) to give coherence to research in the information systems (IS) project management space.

Design/methodology/approach

As a result of the considerable concern about a lack of underlying theory in project management the author has chosen to investigate the development of underlying theory to serve as a regional ontology to give debates undertaken to improve IS project management coherence. The thesis is a critical interpretive a priori effort. In the pursuit of the goal of developing a regional ontology, the notions, concepts and theories related to existentialism and social construction were investigated. These were investigated because the research literature places considerable emphasis on the need to understand as‐lived project experiences.

Findings

One of the significant outcomes that results from this research is the development of a proposed regional ontology. This was achieved by fusing the theories of Heidegger's Dasein, Bourdieu's “Theory of practice” and Maturana and Varela's “Theory of living systems”. The regional ontology is a consolidation of the various concepts defined by these researchers. These theories complement each other to give rise to a relational model of social construction which also has related phenomenological, existential and biological perspectives.

Practical implications

The proposed ontology was interpreted using the popular alternatives that have recently emerged alongside the established best practices such as project management body of knowledge. The perspectives of complex, responsive processes of relating, the temporary organisation, agility and organisational becoming were reviewed using the regional ontology. The interpretation process illustrated that the regional ontology is able to provide a more fundamental and coherent context to subsume and delimit these emerging new frames.

Originality/value

The thesis also discusses the researcher's view of contemporary project management practice that accords with the regional ontology principles. Through argument and the contemporary context of IS project management practice that was sketched, the principles of the regional ontology are illuminated. Through this process it was possible to claim that established best practice modes of education should not exist in isolation but should instead be situated within a wider analogical context that embraces the values of learning, becoming and innovating.

Details

International Journal of Managing Projects in Business, vol. 3 no. 4
Type: Research Article
ISSN: 1753-8378

Keywords

Access Restricted. View access options
Article
Publication date: 1 March 2002

Brian O’Donovan and Dewald Roode

The debate about the emerging discipline of IS has been continuing at least since Banville and Landry questioned the possibility of “disciplining” MIS in 1989. Recent papers such…

1306

Abstract

The debate about the emerging discipline of IS has been continuing at least since Banville and Landry questioned the possibility of “disciplining” MIS in 1989. Recent papers such as those in the book by Mingers and Stowell introduce fresh viewpoints and reopen the discussion along a new frontier. It would appear that an ontological framework to define a discipline could assist in making sense of what it is that information systems are all about. To this end, we develop a framework which derives from Heidegger’s concept of a regional ontology informed by the fundamental ontology of Dasein. This framework draws from Heidegger’s work and contends that a discipline also has Dasein’s kind of being. Following Heidegger, we arrive at a static model of a discipline in which the two constitutive parts are the cultural structure and the context of significance. A discipline is a totality, which emerges from and integrates these two components which are simultaneously irreducible to one another, and nonseparable in the whole. We then utilise Heidegger’s four ways of being, to show how change in a discipline can be incorporated in the framework. Finally, we reflect on how the framework could contribute towards the understanding of the discipline of information systems.

Details

Information Technology & People, vol. 15 no. 1
Type: Research Article
ISSN: 0959-3845

Keywords

Available. Content available
Article
Publication date: 1 March 2002

208

Abstract

Details

Information Technology & People, vol. 15 no. 1
Type: Research Article
ISSN: 0959-3845

Available. Open Access. Open Access
Article
Publication date: 20 September 2021

Kavya Sharma, Xinhui Zhan, Fiona Fui-Hoon Nah, Keng Siau and Maggie X. Cheng

Phishing attacks are the most common cyber threats targeted at users. Digital nudging in the form of framing and priming may reduce user susceptibility to phishing. This research…

5239

Abstract

Purpose

Phishing attacks are the most common cyber threats targeted at users. Digital nudging in the form of framing and priming may reduce user susceptibility to phishing. This research focuses on two types of digital nudging, framing and priming, and examines the impact of framing and priming on users' behavior (i.e. action) in a cybersecurity setting. It draws on prospect theory, instance-based learning theory and dual-process theory to generate the research hypotheses.

Design/methodology/approach

A 3 × 2 experimental study was carried out to test the hypotheses. The experiment consisted of three levels for framing (i.e. no framing, negative framing and positive framing) and two levels for priming (i.e. with and without priming).

Findings

The findings suggest that priming users to information security risks reduces their risk-taking behavior, whereas positive and negative framing of information security messages regarding potential consequences of the available choices do not change users' behavior. The results also indicate that risk-averse cybersecurity behavior is associated with greater confidence with the action, greater perceived severity of cybersecurity risks, lower perceived susceptibility to cybersecurity risks resulting from the action and lower trust in the download link.

Originality/value

This research shows that digital nudging in the form of priming is an effective way to reduce users' exposure to cybersecurity risks.

Details

Organizational Cybersecurity Journal: Practice, Process and People, vol. 1 no. 1
Type: Research Article
ISSN: 2635-0270

Keywords

Access Restricted. View access options
Article
Publication date: 18 February 2021

Hao Chen, Ofir Turel and Yufei Yuan

Electronic waste (e-waste) such as discarded computers and smartphones may contain large amounts of confidential data. Improper handling of remaining information in e-waste can…

885

Abstract

Purpose

Electronic waste (e-waste) such as discarded computers and smartphones may contain large amounts of confidential data. Improper handling of remaining information in e-waste can, therefore, drive information security risk. This risk, however, is not always properly assessed and managed. The authors take the protection motivation theory (PMT) lens of analysis to understand intentions to protect one's discarded electronic assets.

Design/methodology/approach

By applying structural equation modeling, the authors empirically tested the proposed model with survey data from 348 e-waste handling users.

Findings

Results highlight that (1) protection intention is influenced by the perceived threat of discarding untreated e-waste (a threat appraisal) and self-efficacy to treat the discarded e-waste (a coping appraisal) and (2) optimism bias plays a dual-role in a direct and moderating way to reduce the perceived threat of untreated e-waste and its effect on protection intentions.

Originality/value

Results support the assertions and portray a unique theoretical account of the processes that underline people's motivation to protect their data when discarding e-waste. As such, this study explains a relatively understudied information security risk behavior in the e-waste context, points to the role of optimism bias in such decisions and highlights potential interventions that can help to alleviate this information security risk behavior.

Details

Information Technology & People, vol. 35 no. 2
Type: Research Article
ISSN: 0959-3845

Keywords

Access Restricted. View access options
Article
Publication date: 16 February 2021

Jeffrey D. Wall and Prashant Palvia

The authors seek to understand the formation of control- and security-related identities among organizational employees through and interpretive narrative analysis. The authors…

873

Abstract

Purpose

The authors seek to understand the formation of control- and security-related identities among organizational employees through and interpretive narrative analysis. The authors also seek to identify how the identities form over time and across contexts. Several identities are identified as well as the changes that may occur in the identities.

Design/methodology/approach

Few interpretive or critical studies exist in behavioral information security research to represent employee perspectives of power and control. Using qualitative interviews and narrative analysis of the interview transcripts, this paper analyzes the security- and control-related identities and values that employees adopt in organizational settings.

Findings

Two major categories of behavioral security compliance identities were identified: compliant and noncompliant. Specific identities within the compliant category included: faithful follower vs the reasoned follower, and other-preserving versus the self-preserving identities. The noncompliant category included: anti-authority identity, utilitarian identity, trusting identity and unaware identity. Furthermore, three patterns of identity changes were observed.

Research limitations/implications

The authors’ narrative stories suggest that employee identities are complex and multi-faceted, and that they may be fluid and adaptive to situational factors. Future research should avoid assumptions that all employees are the same or that employee beliefs remain constant over time or in different contexts. Identities are also strongly rooted in individuals' rearing and other life experiences. Thus, security control is far broader than is studied in behavioral studies. The authors find that history matters and should be examined carefully.

Practical implications

The authors’ study provides insights that managers can use to enhance security initiatives. It is clear that different employees build different control-related identities. Managers must understand that their employees are unique and will not all respond to policies, punishments, and other forms of control in the same way. The narratives also suggest that many organizations lack appropriate programs to enhance employees' awareness of security issues.

Originality/value

The authors’ narrative analysis suggests that employee security identities are complex and multi-faceted, and that they are fluid and adaptive to situational factors. Research should avoid assumptions that all employees are the same or that their beliefs remain constant over time or in different contexts. Identities are also strongly rooted in individuals' rearing and other life experiences. Their history matters and should be examined carefully.

Details

Information Technology & People, vol. 35 no. 1
Type: Research Article
ISSN: 0959-3845

Keywords

Access Restricted. View access options
Article
Publication date: 16 July 2024

Xiaoguang Tian

The purpose of this study is to comprehensively explore the password manager adoption landscape, delving into crucial factors such as performance, trust, social influence…

110

Abstract

Purpose

The purpose of this study is to comprehensively explore the password manager adoption landscape, delving into crucial factors such as performance, trust, social influence, self-efficacy, risk perception, security concerns, enjoyment and facilitating conditions. It also aims to contribute meaningful insights to security product research and practice.

Design/methodology/approach

A survey was used to investigate the characteristics of adoption intention for password managers. In total, 156 participants from a public university located in the Midwest region of the USA voluntarily completed the survey. Partial least squares structural equation modeling was used to estimate and validate causal relationships and the proposed research model.

Findings

Through empirical validation, this study demonstrates that constructs such as social influence, web-specific self-efficacy and perceived risk directly impact trust in password managers. Facilitating conditions and perceived security controls are identified as direct influencers on performance expectancy, deviating from the pathways of the traditional framework. Moreover, the model introduces novel elements crucial for comprehending password manager adoption, including “web-specific self-efficacy” and “perceived security control.”

Originality/value

The paper systematically reviews existing research on password managers, shedding light on crucial factors significantly influencing adoption behavior. By introducing deviations from conventional frameworks and theories, the study emphasizes the innovative nature of its model. It also formulates strategies to catalyze wider adoption and promote effective design of password managers, increasing user engagement rates.

Details

Information & Computer Security, vol. 33 no. 1
Type: Research Article
ISSN: 2056-4961

Keywords

Access Restricted. View access options
Article
Publication date: 11 September 2024

Israa Abuelezz, Mahmoud Barhamgi, Armstrong Nhlabatsi, Khaled Md. Khan and Raian Ali

The aim of this study is to investigate how the demographics and appearance cues of potential social engineers influence the likelihood that targets will trust them and accept…

28

Abstract

Purpose

The aim of this study is to investigate how the demographics and appearance cues of potential social engineers influence the likelihood that targets will trust them and accept security risk.

Design/methodology/approach

Data were collected through an online survey of 635 participants, including 322 participants from Arab countries and 313 participants from the UK. The survey presented scenarios with 16 personas who offered participants the use of their mobile internet hotspot. These personas were characterized by combinations of age (young vs aged), gender (male vs female), ethnicity (Arab vs UK) and look formality (casual vs formal). The study measured both participants’ offer acceptance and trust in the persona.

Findings

Results indicated a higher likelihood of offer acceptance from female and aged personas, as well as a greater trust in these groups. Arab participants showed a preference for personas with Arabian ethnic features. In both samples, trust and acceptance were influenced by the persona’s appearance, which was found to be gender-dependent; with female personas in casual attire and male personas in formal attire being trusted more in comparison to female with formal attire and male with informal, respectively.

Practical implications

Findings highlight the importance of incorporating awareness of appearance-based biases in cybersecurity training, suggesting the need for culturally sensitive training programs to enhance defense against social engineering.

Originality/value

This study distinguishes itself by elucidating the influence of social engineers’ demographic and appearance cues on the likelihood of individuals to take security risks, thus addressing a significant gap in the literature which has traditionally emphasized the profiles of targets.

Details

Information & Computer Security, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 2056-4961

Keywords

Access Restricted. View access options
Article
Publication date: 28 May 2024

Naurin Farooq Khan, Hajra Murtaza, Komal Malik, Muzammil Mahmood and Muhammad Aslam Asadi

This research aims to understand the smartphone security behavior using protection motivation theory (PMT) and tests the current PMT model employing statistical and predictive…

199

Abstract

Purpose

This research aims to understand the smartphone security behavior using protection motivation theory (PMT) and tests the current PMT model employing statistical and predictive analysis using machine learning (ML) algorithms.

Design/methodology/approach

This study employs a total of 241 questionnaire-based responses in a nonmandated security setting and uses multimethod approach. The research model includes both security intention and behavior making use of a valid smartphone security behavior scale. Structural equation modeling (SEM) – explanatory analysis was used in understanding the relationships. ML algorithms were employed to predict the accuracy of the PMT model in an experimental evaluation.

Findings

The results revealed that the threat-appraisal element of the PMT did not have any influence on the intention to secure smartphone while the response efficacy had a role in explaining the smartphone security intention and behavior. The ML predictive analysis showed that the protection motivation elements were able to predict smartphone security intention and behavior with an accuracy of 73%.

Research limitations/implications

The findings imply that the response efficacy of the individuals be improved by cybersecurity training programs in order to enhance the protection motivation. Researchers can test other PMT models, including fear appeals to improve the predictive accuracy.

Originality/value

This study is the first study that makes use of theory-driven SEM analysis and data-driven ML analysis to bridge the gap between smartphone security’s theory and practice.

Details

Information Technology & People, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 0959-3845

Keywords

Access Restricted. View access options
Article
Publication date: 17 April 2024

Hassan Jamil, Tanveer Zia, Tahmid Nayeem, Monica T. Whitty and Steven D'Alessandro

The current advancements in technologies and the internet industry provide users with many innovative digital devices for entertainment, communication and trade. However…

440

Abstract

Purpose

The current advancements in technologies and the internet industry provide users with many innovative digital devices for entertainment, communication and trade. However, simultaneous development and the rising sophistication of cybercrimes bring new challenges. Micro businesses use technology like how people use it at home, but face higher cyber risks during riskier transactions, with human error playing a significant role. Moreover, information security researchers have often studied individuals’ adherence to compliance behaviour in response to cyber threats. The study aims to examine the protection motivation theory (PMT)-based model to understand individuals’ tendency to adopt secure behaviours.

Design/methodology/approach

The study focuses on Australian micro businesses since they are more susceptible to cyberattacks due to the least security measures in place. Out of 877 questionnaires distributed online to Australian micro business owners through survey panel provider “Dynata,” 502 (N = 502) complete responses were included. Structural equational modelling was used to analyse the relationships among the variables.

Findings

The results indicate that all constructs of the protection motivation, except threat susceptibility, successfully predict the user protective behaviours. Also, increased cybersecurity costs negatively impact users’ safe cyber practices.

Originality/value

The study has critical implications for understanding micro business owners’ cyber security behaviours. The study contributes to the current knowledge of cyber security in micro businesses through the lens of PMT.

Details

Information & Computer Security, vol. 33 no. 1
Type: Research Article
ISSN: 2056-4961

Keywords

1 – 10 of 14
Per page
102050