9 research outputs found
a qualitative research amongst ICT professionals
Ruivo, P., Santos, V., & Oliveira, T. (2014). Data protection in services and support roles: a qualitative research amongst ICT professionals. In CENTERIS 2014 - Conference On Enterprise Information Systems / Projman 2014 - International Conference On Project Management / Hcist 2014 - International Conference On Health And Social Care Information Systems And Technologies (Vol. 16, pp. 710-717). (Procedia Technology). DOI: 10.1016/j.protcy.2014.10.020Customers expect their data to be protected and not used in a manner inconsistent. The protection of their data is paramount to customers, and they evaluate ICTs in part on how well they handle and protect it from being stolen or used improperly. In many industries customers are specifically mandated to evaluate how ICTs firms protects their data. When customers create an account with ICTs firms, or use their services, they expect that a set of specific rules around how ICTs are used to manage their information. This qualitative research studied which recommendations service and support professionals should follow in their daily tasks to ensure customer data protection. It present 12 recommendations: Data classification (three categories: low, medium and high business impact), Encryption security tools, Password protection, Services tools for data collection and storage, Who access data, How many access data, Testing customer data, Geographic rules, Data retention, Data minimization, Escalating issues, and Readiness and training. This paper is intended to help ICTs how to apply key data protection principles on their daily work. Provides important data protection recommendations that ICTs are expected to apply when handle customer data. By handling customer data safely, ICTs firms build trust and loyalty.publishersversionpublishe
combining traditional interviews with delphi method
Ruivo, P., Santos, V., & Oliveira, T. (2019). Success factors for data protection in services and support roles: combining traditional interviews with delphi method. In Censorship, Surveillance, and Privacy: Concepts, Methodologies, Tools, and Applications (Vol. 2, pp. 814-829). IGI Global. DOI: 10.4018/978-1-5225-7113-1.ch042The transformation of todayâs information and communications technology (ICT) firms requires the services and support organizations to think differently about customers data protection. Data protection represents one of the security and privacy areas considered to be the next âblue oceanâ in leveraging the creation of business opportunities. Based in contemporary literature, the authors conducted a two phasesâ qualitative methodology - the expertâs interviews and Delphi method to identify and rank 12 factors on which service and support professionals should follow in their daily tasks to ensure customer data protection: 1) Data classification, 2) Encryption, 3) Password protection, 4) Approved tools, 5) Access controls, 6) How many access data, 7) Testing data, 8) Geographic rules, 9) Data retention, 10) Data minimization, 11) Escalating issues, and 12) Readiness and training. This paper contribute to the growing body of knowledge of data protection filed. The authors provide directions for future work for practitioners and researchers.authorsversionpublishe
Privacy through security: policy and practice in a small-medium enterprise.
The chapter discusses how one small business planned for, and implemented, the security of its data in a new enterprise-wide system. The companys data was perceived as sensitive, and any breach of privacy as commercially critical. From this perspective, the chapter outlines the organizational and technical facets of the policies and practices evidenced. Lessons for other businesses can be drawn from the case by recognizing the need for investments to be made that will address threats in business critical areas. By highlighting the need for organizations to understand the nature of the risk and the probability of an event occurring, the security approaches highlight the need to address both the threats and actions in the event of an incident to reduce the risk to privacy
THE INVESTIGATION OF THE FACTORS ASSOCIATING CONSUMERSâ TRUST IN E-COMMERCE ADOPTION
The success of electronic commerce significantly depends on providing security and
privacy for its consumersâ sensitive personal information. Consumersâ lack of
acceptance in electronic commerce adoption today is not merely due to the concerns
on security and privacy of their personal information, but also lack of trust and
reliability of web vendors. Consumersâ trust in online transactions is crucial for the
continuous growth and development of electronic commerce. Since Business to
Consumer (B2C) e-commerce requires the consumers to engage the technologies, the
consumers face a variety of security risks. This study addressed the role of security,
privacy and risk perceptions of consumers to shop online in order to establish a
consensus among them. The findings provided reliability, factors analysis for the
research variables and for each of the studyâs research constructs, correlations as well
as regression analyses for both non-online purchasersâ and online purchasersâ
perspectives, and structural equation modeling (SEM) for overall model fit. The
overall model was tested by AMOS 18.0 and the hypothesis, assumptions for SEM
and descriptive statistics were analyzed by SPSS 12.0.
The empirical results of the first study indicated that there were poor correlations
existed between consumersâ perceived security and consumersâ trust as well as
between consumersâ perceived privacy and consumersâ trust regarding e-commerce
transactions. However, the construct of perceived privacy manifested itself primarily
through perceived security and trustworthiness of web vendors. While trustworthiness
of web vendors was a critical factor in explaining consumersâ trust to adopt ecommerce,
it was important to pay attention to the consumersâ risk concerns on ecommerce
transactions. It was found that economic incentives and institutional trust
had no impact on consumersâ perceived risk.
Findings from the second study indicated that perceived privacy was still to be the
slight concern for consumersâ trust in e-commerce transactions, though poor
vi i
relationships or associations existed between perceived security and consumersâ trust,
between trustworthiness of web vendors and consumersâ trust, and between perceived
risk and consumersâ trust. The findings also showed that the construct of perceived
privacy manifested itself primarily through perceived security and trustworthiness of
web vendors. It was found that though economic incentives influenced a consumersâ
perceived risk in online transactions, institutional trust had no impact on consumersâ
perceived risk.
Overall findings suggested that consumersâ perceived risk influenced their trust in
e-commerce transactions, while the construct of perceived privacy manifested itself
primarily through perceived security as well as trustworthiness of web vendors. In
addition, though economic incentives had no impact on consumersâ perceived risk,
institutional trust influenced a consumersâ perceived risk in online transactions. The
findings also suggested that economic incentives and institutional trust had
relationships or associations with consumersâ perceived privacy.
The findings from this research showed that consumersâ perceived security and
perceived privacy were not mainly concerned to their trust in e-commerce
transactions though consumersâ perceived security and perceived privacy might
slightly influence on the trustworthiness of web vendors in dealing with online store
sites abroad. Furthermore, consumersâ perceptions on the trustworthiness of web
vendors were also related to their perceived risks and the concern about privacy was
also addressed to perceived risks.
Index terms: Perceived security; perceived privacy; perceived risk; trust;
consumersâ behaviour; SE
AnĂĄlisis bibliomĂ©trico de la producciĂłn cientĂfica sobre EconomĂa Experimental
La EconomĂa Experimental (EE) es un mĂ©todo de trabajo de la EconomĂa del
comportamiento que desarrolla modelos teĂłricos de comportamiento humano en
ĂĄmbitos econĂłmicos. Los experimentos econĂłmicos tienen ya una larga tradiciĂłn, y
han proporcionado resultados espectaculares y conclusiones ampliamente
admitidas sobre la dinĂĄmica de mercados y el efecto de las instituciones
econĂłmicas. Las nuevas tecnologĂas facilitan la realizaciĂłn y el anĂĄlisis de estos
experimentos. El objetivo principal de este estudio es la revisiĂłn sistemĂĄtica de la
producciĂłn cientĂfica sobre EconomĂa Experimental, desde el año 1990 hasta finales
de 2021, en las bases de datos de Web of Science Core Collection y Scopus. El
anĂĄlisis descriptivo de datos se realizĂł con el software Rstudio, mientras que el
anĂĄlisis de redes se hizo con el software Vosviewer. El estudio muestra, entre otras
cosas, que la producciĂłn bibliogrĂĄfica en este campo se ha intensificado
exponencialmente; asĂ como, que el paĂs con mĂĄs investigaciones es Estados
Unidos y el autor mĂĄs citado es Urs Fischbacher.Experimental Economics (EE) is a working method of behavioral economics that
develops theoretical models of human behavior in economic settings. Economic
experiments have a long tradition, and have provided spectacular results and widely
accepted conclusions about market dynamics and the effect of economic institutions.
New technologies facilitate the conduct and analysis of these experiments. The main
objective of this study is the systematic review of the scientific production on
Experimental Economics, from 1990 to the end of 2021, in the Web of Science Core
Collection and Scopus databases. Descriptive data analysis was performed with
Rstudio software, while network analysis was performed with Vosviewer software.
The study shows, among other things, that the bibliographic production in this field
has intensified exponentially; as well as, that the country with the most research is
2
the United States and the most cited author is Urs Fischbacher.Universidad de Sevilla. Doble Grado en MatemĂĄticas y EstadĂstic
THE INVESTIGATION OF THE FACTORS ASSOCIATING CONSUMERSâ TRUST IN E-COMMERCE ADOPTION
The success of electronic commerce significantly depends on providing security and
privacy for its consumersâ sensitive personal information. Consumersâ lack of
acceptance in electronic commerce adoption today is not merely due to the concerns
on security and privacy of their personal information, but also lack of trust and
reliability of web vendors. Consumersâ trust in online transactions is crucial for the
continuous growth and development of electronic commerce. Since Business to
Consumer (B2C) e-commerce requires the consumers to engage the technologies, the
consumers face a variety of security risks. This study addressed the role of security,
privacy and risk perceptions of consumers to shop online in order to establish a
consensus among them. The findings provided reliability, factors analysis for the
research variables and for each of the studyâs research constructs, correlations as well
as regression analyses for both non-online purchasersâ and online purchasersâ
perspectives, and structural equation modeling (SEM) for overall model fit. The
overall model was tested by AMOS 18.0 and the hypothesis, assumptions for SEM
and descriptive statistics were analyzed by SPSS 12.0.
The empirical results of the first study indicated that there were poor correlations
existed between consumersâ perceived security and consumersâ trust as well as
between consumersâ perceived privacy and consumersâ trust regarding e-commerce
transactions. However, the construct of perceived privacy manifested itself primarily
through perceived security and trustworthiness of web vendors. While trustworthiness
of web vendors was a critical factor in explaining consumersâ trust to adopt ecommerce,
it was important to pay attention to the consumersâ risk concerns on ecommerce
transactions. It was found that economic incentives and institutional trust
had no impact on consumersâ perceived risk.
Findings from the second study indicated that perceived privacy was still to be the
slight concern for consumersâ trust in e-commerce transactions, though poor
vi i
relationships or associations existed between perceived security and consumersâ trust,
between trustworthiness of web vendors and consumersâ trust, and between perceived
risk and consumersâ trust. The findings also showed that the construct of perceived
privacy manifested itself primarily through perceived security and trustworthiness of
web vendors. It was found that though economic incentives influenced a consumersâ
perceived risk in online transactions, institutional trust had no impact on consumersâ
perceived risk.
Overall findings suggested that consumersâ perceived risk influenced their trust in
e-commerce transactions, while the construct of perceived privacy manifested itself
primarily through perceived security as well as trustworthiness of web vendors. In
addition, though economic incentives had no impact on consumersâ perceived risk,
institutional trust influenced a consumersâ perceived risk in online transactions. The
findings also suggested that economic incentives and institutional trust had
relationships or associations with consumersâ perceived privacy.
The findings from this research showed that consumersâ perceived security and
perceived privacy were not mainly concerned to their trust in e-commerce
transactions though consumersâ perceived security and perceived privacy might
slightly influence on the trustworthiness of web vendors in dealing with online store
sites abroad. Furthermore, consumersâ perceptions on the trustworthiness of web
vendors were also related to their perceived risks and the concern about privacy was
also addressed to perceived risks.
Index terms: Perceived security; perceived privacy; perceived risk; trust;
consumersâ behaviour; SE
A framework for the implementation of B2C e-commerce in Saudi Arabia : a comparative study of Saudis living in Saudi Arabia and those living in the UK, and the perception of Saudi companies
In this digital technology era, e-commerce (EC) has revolutionised the way people engage in business activities. Users now enjoy tremendous advantages, such as buying and selling between multiple parties at different levels of business through computers and smart devices, regardless of their geographical locations, thereby being provided with better choices and prices. However, EC brings its own challenges and users face unknown risks when moving to the digital market. Some countries have been quicker in providing the necessary requirements for the expansion of EC and helped in addressing usersâ worries about trust and fraud. Others have been slow in adopting EC, and both customers and business are missing considerable opportunities. In general, EC is well adopted and used in the advanced countries but struggles to take off in developing countries. Saudi Arabia (SA) is one such country.This study has developed a theoretical framework appropriate to the implementation of Business to Customer (B2C) EC in Saudi Arabia, after reviewing the literature on B2C EC, and testing several factors pertinent to the Saudi Arabian context. The researcher has adopted a novel approach by securing the perceptions of Saudi nationals living in Saudi Arabia and those living in the UK with a view to appreciating the differences and learning from the experience of these two communities. Additionally, the researcher conducted a survey of a sample of Saudi companies to understand their views and aspirations in adopting B2C EC. Data was collected using mixed methods and embracing both quantitative and qualitative research methods. The data was collected in Saudi Arabia via a questionnaire survey of 606 Saudi nationals, and in the UK from 169 questionnaires and interviews with 25 companies. The questionnaire responses were analysed quantitatively by descriptive and statistical methods (percentages and t-test for two independent samples), and the findings were validated by the interview data. From the results, the theoretical framework was developed, thus allowing for an understanding of Saudi customersâ attitudes towards online shopping in the two different environments of B2C EC (SA as a developing country and the UK as a developed country) to be gained. The influence of different environmental variables upon customer choice is seen as significant variations occurred in the two different environments. The framework is potentially useful for policy-makers, the commercial sector, and the government in SA. Hence, the research contributes to knowledge about the key differences in customer behaviour toward B2C EC in SA. The study signifies the first of its kind and thus lays the ground for further research in the area
Recommended from our members
Mixed structural models for decision making under uncertainty using stochastic system simulation and experimental economic methods: application to information security control choice
This research is concerned with whether and to what extent information security managers may be biased
in their evaluation of and decision making over the quantifiable risks posed by information management
systems where the circumstances may be characterized by uncertainty in both the risk inputs (e.g. system
threat and vulnerability factors) and outcomes (actual efficacy of the selected security controls and the
resulting system performance and associated business impacts). Although âquantified securityâ and any
associated risk management remains problematic from both a theoretical and empirical perspective (Anderson 2001; Verendel 2009; Appari 2010), professional practitioners in the field of information security continue to advocate the consideration of quantitative models for risk analysis and management wherever possible because those models permit a reliable economic determination of optimal operational control decisions (Littlewood, Brocklehurst et al. 1993; Nicol, Sanders et al. 2004; Anderson and Moore 2006; Beautement, Coles et al. 2009; Anderson 2010; Beresnevichiene, Pym et al. 2010; Wolter and Reinecke 2010; Li, Parker et al. 2011) The main contribution of this thesis is to bring current quantitative economic methods and experimental choice models to the field of information security risk management to examine the potential for biased decision making by security practitioners, under conditions where
information may be relatively objective or subjective and to demonstrate the potential for informing decision makers about these biases when making control decisions in a security context. No single quantitative security approach appears to have formally incorporated three key features of the security risk management problem addressed in this research: 1) the inherently stochastic nature of the information system inputs and outputs which contribute directly to decisional uncertainty (Conrad 2005; Wang, Chaudhury et al. 2008; Winkelvos, Rudolph et al. 2011); 2) the endogenous estimation of a decision makerâs risk attitude using models which otherwise typically assume risk neutrality or an inherent degree of risk aversion (Danielsson 2002; Harrison, Johnson et al. 2003); and 3) the application of structural modelling which allows for the possible combination and weighting between multiple latent models of choice (Harrison and Rutström 2009). The identification, decomposition and tractability of these decisional factors is of crucial importance to understanding the economic trade-offs inherent in security control choice under conditions of both risk and uncertainty, particularly where established psychological decisional biases such as ambiguity aversion (Ellsberg 1961) or loss aversion (Kahneman and Tversky 1984) may be assumed to be endemic to, if not magnified by, the institutional setting in which these
decisions take place. Minimally, risk averse managers may simply be overspending on controls, overcompensating
for anticipated losses that do not actually occur with the frequency or impact they imagine. On the other hand, risk-seeking managers, where they may exist (practitioners call them âcowboysâ â they are a familiar player in equally risky financial markets) may be simply gambling against ultimately losing odds, putting the entire firm at risk of potentially catastrophic security losses. Identifying and correcting for these scenarios would seem to be increasingly important for now universally networked business computing infrastructures.
From a research design perspective, the field of behavioural economics has made significant and recent
contributions to the empirical evaluation of psychological theories of decision making under uncertainty (Andersen, Harrison et al. 2007) and provides salient examples of lab experiments which can be used to
elicit and isolate a range of latent decision-making behaviours for choice under risk and uncertainty within
relatively controlled conditions versus those which might be obtainable in the field (Harrison and Rutström 2008). My research builds on recent work in the domain of information security control choice by 1) undertaking a series of lab experiments incorporating a stochastic model of a simulated information management system at risk which supports the generation of observational data derived from a range of security control choice decisions under both risk and uncertainty (Baldwin, Beres et al. 2011); and 2) modeling the resulting decisional biases using structural models of choice under risk and uncertainty (ElGamal and Grether 1995; Harrison and Rutström 2009; Keane 2010). The research contribution consists of the novel integration of a model of stochastic system risk and domain relevant structural utility modeling using a mixed model specification for estimation of the latent decision making behaviour. It is anticipated that the research results can be applied to the real world problem of âtuningâ quantitative information security risk management models to the decisional biases and characteristics of the decision maker (Abdellaoui and Munier 1998