Gender Differences in Information Security Perceptions and Behaviour

Information security is of universal concern to computer users from all walks of life. Though gender differences in technology adoption are well researched, scant attention has been devoted to the study of gender differences in information security. We address this research gap by investigating how information security perceptions and behaviours vary between genders in a study involving 624 home users. The results reveal that females exhibit significantly lower overall levels of security behaviour than males. Furthermore, individual perceptions and behaviours in many cases also vary by gender. Our work provides evidence that gender effects should be considered when formulating information security education, training, and awareness initiatives. It also provides a foundation for future work to explore information security gender differences more deeply

Behavioral Approach to Information Security Policy Compliance

Information security is among the top organizational priorities. Theoretically, information security in socio-technical networks is as much of a behavioral issue as it is of a technical issue. Protection motivation theory (PMT), the dominant theory used to investigate end-user security behavior, though has shown conflicting results - primarily due to lack of contextualizing the theory to information security context from a healthcare context. In this paper, we outline a theoretically grounded conceptual model of the major factors influencing information security policy compliance. The model contextualizes the two independent variables of PMT. Threat appraisal evaluation is viewed as construal evaluation based on construal level theory, while coping appraisal evaluation is viewed as an outcome of training based on social cognitive theory. Overall, the model provides a well-grounded nomological network to better explain information security compliance behavior. The paper also outlines key managerial levers that can be used to influence end-user behavior

Seeing the forest and the trees: A meta-analysis of information security policy compliance literature

A rich stream of research has identified numerous antecedents to employee compliance with information security policies. However, the breadth of this literature and inconsistencies in the reported findings warrants a more in-depth analysis. Drawing on 25 quantitative studies focusing on security policy compliance, we classified 105 independent variables into 17 distinct categories. We conducted a meta-analysis for each category’s relationship with security policy compliance and then analyzed the results for possible moderators. Our results revealed a number of illuminating insights, including (1) the importance of categories associated with employees’ personal attitudes, norms and beliefs, (2) the relative weakness of the link between compliance and rewards/punishment, and (3) the enhanced compliance associated with general security policies rather than specific policies (e.g., anti-virus). These findings can be used as a reference point from which future scholarship in this area can be guided

How do employees learn security behavior? Examining the influence of individual cultural values and social learning on ISP compliance behavior.

Recent research on information security has recognized that cultural differences need to be considered, when explaining information security policy compliance behavior (ISPCB). There is also evidence that social mechanisms, such as social learning can influence ISPCB. What existing research has neglected is a relationship between such social mechanisms and their relation to employee’s individual cultural values to explain ISPCB, whereby current research shows that ISPCB as well as social learning are culture-dependent. This study examines (1) the impact of social learning on ISPCB and (2) the influence of cultural values on social learning mechanisms and their association with ISPCB. Our sample, consisting of employees related to information systems, confirm a connection between the mechanisms of SLT and ISPCB and their cultural dependence. In conclusion, we defined implication points of our theoretical research and practical recommendations. A description of future research suggestions concludes this paper

A Separate Phone to Work and Play: Protection Motivation Theory and Smartphone Security Behaviour

Smartphone security is a growing concern. In this study, we use of the Protection Motivation Theory (PMT) to explore users’ attitudes, perceptions and behaviours towards the security of their work provided and personal smartphones. Australian employees from an insurance company participated in in-depth semi-structured interviews focussed on their behaviours. Data was analysed using deductive and inductive thematic analysis, guided by PMT to explore the comparisons between personal and work devices. The main overarching theme was that people behave more safely on their work smartphones compared to on their personal smartphones. Results suggest that perceived vulnerability, perceived reward, response cost, self-efficacy and social influence largely contributed to a lack of protective behaviour displayed when using personal smartphones. Despite the safe behaviour reported for work smartphones, these behaviours appear to be motivated by organisational controls, rather than intrinsically. This research has applied implications for education, relevant to both personal and workplace contexts

Підвищення кібербезпеки транспорту в умовах деструктивного впливу на інформаційно-комунікаційні системи

The information and communication environment of transport (ICET) is focused on interaction with other sectors of the economy in order to reduce delays in shipping, handling of marine and river vessels, containers, wagons, vans through the use of electronic payment systems, "Client-Bank", etc. Possible failures, caused by cyber attacks in systems of such level of complexity require new research of information security (IS) of ICET with emphasis on accessibility, stability, and integrity of the information stored and processed in information systems (IS) and the automated control systems (ACS) of the transport industry.The paper presents the results of research aimed at developing cyber threat detection methods and models for ICET and enhancing their stability under formation of a single information space, introduction of new and modernization of existing IS and ACS in transport and increase in the number of destabilizing effects on the information availability, safety, and integrity. The method of intelligent cyber threat detection based on discrete procedures using the apparatus of logic functions and fuzzy sets is proposed. It will improve the cyber attack detection efficiency, and can also be used to design new hardware and software solutions for systems of cyber defense of ICET.Для повышения информационной безопасности транспортных систем необходимо проводить исследования, направленные на дальнейшее развитие методов и моделей распознавании киберугроз информационно-коммуникационной среде транспорта (ИКСТ) и принятия решений при нечетко заданной входной информации. Предложен новый подход принятия решений для обеспечения кибербезопасности информационных систем наземного транспорта. Рассмотрен случай киберзащиты на основе нечеткого регрессионного механизма логического вывода для системы поддержки принятия решений с нечеткими исходными данными.Для підвищення інформаційної безпеки транспортних систем необхідно проводити дослідження, які спрямовані на подальший розвиток методів та моделей розпізнаванні кіберзагроз інформаційно-комунікаційному середовищу транспорту (ІКСТ) та прийняття рішень при нечітко заданій вхідній інформації. Запропонований новий підхід прийняття рішень для забезпечення кібербезпеки інформаційних систем наземного транспорту. Розглянуто випадок кіберзахисту ІКСТ на основі нечіткого регресійного механізму логічного висновку для системи підтримки прийняття рішень з нечіткими початковими даними

Sharing but caring: Location based mobile applications (LBMA) and privacy protection motivation

Location based mobile applications (LBMA) are developing rapidly with the increasing adoption of smartphones. These applications advantage userś location to provide products or services based on information obtained from their smart devices. However, implementation and execution of these services may raise userś privacy concerns related to sensitive information being handled. In this context, this paper examines the factors that motivate users and lead them to protect their privacy while using LBMA. It also considers potential benefits they could encounter and thus enable their privacy trade. The model proposed is based on Protection Motivation Theory (PMT) and tested through a variance-based Structural Equations Modelling approach. Data were obtained through an online survey with 820 participants. Findings reveal that perceived severity, perceived vulnerability and self-efficacy exert a positive effect on the intention of privacy protection, which in turn is found to be positively related to the behavior of protecting privacy.Spanish Ministry of Economics, Industry and Competitiveness under the grant ECO2017-82449-PFunding for open access charge: Universidad de Granada / CBU

Dampak Teknologi E-Logistic SCM Terhadap Distributor Busana di Pontianak Selatan

Supply Chain Management menjadi salah satu perkembangan inti dari aktivitas organisasi. Dalam berbagai referensi SCM, utilisasi internet dan e-logistic melalui third party logistics mendukung upaya efisiensi supply chain, tetapi berpotensi mengancam rantai distributor. Menimbang kurangnya penelitian sebelumnya di Kalimantan Barat dan Pontianak khususnya, penelitian ini berupaya menjawab pertanyaan bagaimana dampak dari perkembangan SCM dan e-logistics secara praktik dalam rantai distributor di Pontianak Selatan. Metode kualitatif dengan pertanyaan semi terstruktur diutilitasi untuk penelitian. Penelitian mengacu pada teori Protection Motivation Theory untuk membahas dampak perkembangan SCM maupun penerimaan teknologi e-logistic. Alat analisis data menggunakan NVivo 12. Hasil menunjukkan bahwa perkembangan SCM mempengaruhi bisnis distributor dan terdapat persiapan yang unik di antara distributor dalam mengatasi dampak tersebut

Uncovering the Critical Drivers of Blockchain sustainability in higher education using a deep learning-based hybrid SEM-ANN approach

The increasing popularity of Blockchain technology has led to its adoption in various sectors, including higher education. However, the sustainability of Blockchain in higher education is yet to be fully understood. Therefore, this research examines the determinants affecting Blockchain sustainability by developing a theoretical model that integrates the protection motivation theory (PMT) and expectation confirmation model (ECM). Based on 374 valid responses collected from university students, the proposed model is evaluated through a deep learning-based hybrid structural equation modeling (SEM) and artificial neural network (ANN) approach. The PLS-SEM results confirmed most of the hypotheses in the proposed model. The sensitivity analysis outcomes discovered that users’ satisfaction is the most important factor affecting Blockchain sustainability, with 100% normalized importance, followed by perceived usefulness (58.8%), perceived severity (12.1%), and response costs (9.2%). The findings o