The Empirical Study of the Factors that Influence Threat Avoidance Behavior in Ransomware Security Incidents

Ransomware security incidents have become one of the biggest threats to general computer users who are oblivious to the ease of infection, severity, and cost of the damage it causes. University networks and their students are susceptible to ransomware security incidents. College students have vast technical skills and knowledge, however they risk ransomware security incidents because of their lack of mitigating actions to the threats and the belief that it would not happen to them. Interaction with peers may play a part in college students’ perception of the threats and behavior to secure their computers. Identifying what influences students’ threat avoidance behavior in the face of ransomware security incidents is essential to managing students’ behaviors to protect their personal and university computer systems. The goal of this research is to empirically examine threat avoidance behavior in the context of ransomware security incidents among college students. The research model extends the Technology Threat Avoidance Theory with the addition of the factors of subjective norm, attitude toward knowledge sharing, and experience of threat. The study focuses on the effects these factors have on threat avoidance behavior. These factors determine if externalities such as social pressures or previous experiences of threat influence avoidance behavior. This study was a quantitative and empirical study using a non-probability design for gathering data. The convenience sampling method was used to collect data using a survey instrument. The items of the survey instrument were designed using the 7-point Likert Scale. The data was collected from 174 United States college students using an online survey tool. Prior to the main data collection effort, an expert panel review and a pilot study were conducted. Pre-analysis data screening was conducted before analyzing the data. Data analysis with survey data was conducted using Partial Least Square Structural Equation Modeling (PLS-SEM) using SmartPLS 3.0. The results of the study showed a positive and significant relationship between avoidance motivation and threat avoidance behavior. Subjective norm was found to have a positive effect on attitude towards knowledge sharing. However, the relationship between subjective norm and response efficacy was not significant. The study contributes to the body of knowledge by providing empirical evidence about the effect of factors of threat avoidance behavior on ransomware security incidents among college students. It provides insight into the experience and preparedness of students to deal with the threat of ransomware

Management of security information in the security industry

Incidents, threats and vulnerabilities have the potential to negatively affect an organisation’s assets. Information on these incidents, threats and vulnerabilities are important to security. It is therefore necessary for this security information to be effectively and efficiently managed, so that correct decisions may be made on the implementation of security risk control measures. This study explored the management of security information in the security industry by undertaking the following: • establishing the “status quo” of the collection and analysis of security information and the implementation of security risk control measures in practice; • identifying the nature and extent of problems experienced in the collection and analysis of security information and the implementation of security risk control measures; and the • discovery of a new Security Information Management Model (SIMM). Mixed methods research was used to study the management of security information in the security industry. The explorative research design was used for this purpose. Semi-structured and focus group interviews were conducted with senior security managers and operational security officers, respectively. The grounded theory research design was used to analyse the qualitative data in order to generate a substantive grounded theory. The theory is that security officers operate without a standardised framework to manage security information. The data from the semi-structured and the focus group interviews were used to design a questionnaire to conduct a survey using the quantitative approach. The non-experimental research design was used to conduct this self-administered questionnaire survey. The data from this questionnaire survey helped validate and confirm the substantive grounded theory. The study found that there was the need for a Security Information Management Model to manage security information in the security industry. Based on this finding the researcher recommended a new Security Information Management Model for the management of security information in the security industry.Criminology and Security ScienceD. Litt. et Phil. (Criminology

The impact of security on Philippine tourism : a thesis presented in fulfilment of the requirements for the degree of Master of Philosophy in Development Studies at Massey University

This study investigates the nexus between security and tourism within the development context within political structures and institutions examining specifically the impacts of security issues on the tourism industry of the Philippines. The latest global security events and the country's volatile security situation caused by political instability issues, terrorism and incidence of crime have together posed serious threats to the government's efforts to promote the country as a premiere tourist destination While tourism may be perceived by many social science and development writers as just a western mechanism to propagate capitalism, it has, for most Third World countries like the Philippines, nevertheless contributed significantly to their economies in terms of foreign exchange earnings, taxes and jobs generated. In examining the impact of security events and issues on Philippine tourism, a quantitative analysis which compared arrivals before and after security events led to the finding that terrorism caused the biggest declines. The fieldwork results which were based on surveys of tourists (both foreign and domestic), hotel management staff, and officials from government and the industry itself also led to a similar proposition that terrorism has affected travel decisions more than political instability and crime. However, fieldwork also revealed that internal conflicts caused by clashes between the government and Muslim and communist rebels have influenced tourists' choice of tourist destinations both in the countries they travel to and among the destinations in the Philippines. While political instability and incidents of crime within the Philippines did not seriously concern tourists on the whole, problems of corruption and a perceived weak government system to solve local security incidents have surfaced indicating the need for strategies to address problems within political institutions and structures. There were also differences in perceptions of fear and security between foreign and domestic tourists, and also among foreign tourists of different nationalities. Considering these observed perception levels in promoting tourism to these different groups may be more effective in attracting tourists to the country. This study concludes that Philippine tourism can recover from the consequences of both global and local security events provided that the government imposes stricter and more effective security systems, engages in more effective promotional strategies which target particular nationalities, and continues to cooperate with its ASEAN neighbors and international organizations like the WTO and WTTC to resolve security issues at hand. Utilization of risk management plans and crisis management plans implemented by countries that were affected by security problems in the past should provide some valuable means to the Philippines, and any other country with security problems. Overall, a combination of factors such as the active involvement of the Philippines in regional activities, constant dialogues with rebel forces and other insurgent groups, prosecution of perpetuators of terrorist acts and crimes, and a government of good integrity will enable tourism to lead to development

Alcohol, assault and licensed premises in inner-city areas

This report contains eight linked feasibility studies conducted in Cairns during 2010. These exploratory studies examine the complex challenges of compiling and sharing information about incidents of person-to-person violence in a late night entertainment precinct (LNEP). The challenges were methodological as well as logistical and ethical. The studies look at how information can be usefully shared, while preserving the confidentiality of those involved. They also examine how information can be compiled from routinely collected sources with little or no additional resources, and then shared by the agencies that are providing and using the information.Although the studies are linked, they are also stand-alone and so can be published in peer-reviewed literature. Some have already been published, or are ‘in press’ or have been submitted for review. Others require the NDLERF board’s permission to be published as they include data related more directly to policing, or they include information provided by police.The studies are incorporated into the document under section headings. In each section, they are introduced and then presented in their final draft form. The final published form of each paper, however, is likely to be different from the draft because of journal and reviewer requirements. The content, results and implications of each study are discussed in summaries included in each section.Funded by the National Drug Law Enforcement Research Fund, an initiative of the National Drug StrategyAlan R Clough (PhD) School of Public Health, Tropical Medicine and Rehabilitation Sciences James Cook UniversityCharmaine S Hayes-Jonkers (BPsy, BSocSci (Hon1)) James Cook University, Cairns.Edward S Pointing (BPsych) James Cook University, Cairns

Security Economics: A Guide for Data Availability and Needs

The rapid and accelerating development of security economics has generated great demand for more and better data to accommodate the empirical research agenda. The present paper serves as a guide to policy makers and researchers for security-related databases. The paper focuses on two main issues. Firstly, it takes stock of the existing databases, highlighting their main components and also performs a brief statistical comparison. Secondly, it discusses data shortages and needs that are considered essential for enhancing our understanding of the complex phenomenon of terrorism as well as designing and evaluating policy.

A Violência no Local de Trabalho em Instituições de Saúde: Um Estudo Monocêntrico sobre Causas, Consequências e Estratégias de Prevenção

Introduction: Workplace violence is one of the main risk factors in the professional world. Healthcare workers are at higher risk when compared to other sectors. Our study aimed to characterize physical and verbal violence in a public hospital and to define occupational health prevention and surveillance strategies. Material and Methods: Single center observational cross-sectional study, carried amongst healthcare workers in a public hospital in Lisbon. A qualitative survey was carried out through six in-depth interviews. A quantitative survey was carried through questionnaires delivered to 32 workers. A significance level of 5% was accepted in the assessment of statistical differences. The Mann-Whitney test and the Fisher’s exact test were used to calculate p values. Results: The main results are: (1) 41 violence incidents were reported in the quantitative phase; (2) 5/21 [23.81%] victims notified the incident to the occupational health department; (3) 18/21 [85.71%] victims reported a permanent state of hypervigilance; (4) 22/28 [78.57%] participants self-reported poor or no familiarity with internal reporting procedures; (5) 24/28 [85.71%] participants believed it is possible to minimize workplace violence. Discussion: Workplace violence is favored by unrestricted access to working areas, absence of security guards and police officers or scarce intervention. The low notification rate contributes to organizational lack of action. The state of hypervigilance reported in our study reflects the negative effects of threatening occupational stressors on mental health. Conclusion: Our results show that workplace violence is a relevant risk factor that significantly impacts workers’ health in a noxious manner, deserving a tailored occupational health approach whose priority areas and strategies have been determined.Introdução: A violência no local de trabalho é um dos principais fatores de risco no mundo do trabalho. Os trabalhadores da saúde apresentam um risco superior. O nosso estudo teve como objetivo caracterizar a violência física e verbal num hospital público e definir estratégias de prevenção e vigilância em saúde ocupacional. Material e Métodos: Estudo observacional transversal monocêntrico, conduzido num hospital público em Lisboa com trabalhadores da saúde. Foi realizado um inquérito qualitativo com entrevistas em profundidade a seis trabalhadores e um inquérito quantitativo com questionários a 32 trabalhadores. Aceitou-se um nível de significância de 5% na avaliação das diferenças estatísticas. O teste de Mann-Whitney e o teste exato de Fisher foram usados para calcular os valores de p. Resultados: Os principais resultados são: (1) 41 episódios reportados na fase quantitativa; (2) 5/21 [23,81%] vítimas notificaram o incidente; (3) 18/21 [85.71%] vítimas reportaram estados de hipervigilância permanente; (4) 22/28 [78,57%] participantes não conheciam ou conheciam mal os procedimentos de notificação; (5) 24/28 [85,71%] consideravam possível minimizar o problema. Discussão: A violência é favorecida pelo acesso livre às zonas de trabalho, ausência de agentes de segurança e polícia ou falta da respetiva intervenção. A baixa notificação contribui para a ausência de medidas organizacionais. O estado de hipervigilância relatado reflete o efeito prejudicial da exposição a fontes de stress e ameaça. Conclusão: A violência no local de trabalho é um fator de risco relevante, com impacto negativo na saúde dos trabalhadores e merece uma abordagem individualizada no âmbito da saúde ocupacional, cujas áreas e estratégias prioritárias foram definidas neste estudo. Palavras-chave: Fatores de Risco Profissionais; Prevenção; Saúde Ocupacional; Trabalhadores da Saúde; Violência no Local de trabalho.info:eu-repo/semantics/publishedVersio

Model-Based Mitigation of Availability Risks

The assessment and mitigation of risks related to the availability of the IT infrastructure is becoming increasingly important in modern organizations. Unfortunately, present standards for Risk Assessment and Mitigation show limitations when evaluating and mitigating availability risks. This is due to the fact that they do not fully consider the dependencies between the constituents of an IT infrastructure that are paramount in large enterprises. These dependencies make the technical problem of assessing availability issues very challenging. In this paper we define a method and a tool for carrying out a Risk Mitigation activity which allows to assess the global impact of a set of risks and to choose the best set of countermeasures to cope with them. To this end, the presence of a tool is necessary due to the high complexity of the assessment problem. Our approach can be integrated in present Risk Management methodologies (e.g. COBIT) to provide a more precise Risk Mitigation activity. We substantiate the viability of this approach by showing that most of the input required by the tool is available as part of a standard business continuity plan, and/or by performing a common tool-assisted Risk Management

Violence against women students in the UK: time to take action

Sexual and gendered violence in the education sector is a worldwide concern, but in the UK it has been marginalised in research and policy. In this paper we present findings from the National Union of Students' study Hidden Marks, the first nationwide survey of women students' experiences of violence. This research established high levels of prevalence, with one in four respondents being subject to unwanted sexual behaviour during their studies. We analyse why the issue of violence against women students has remained low profile in this country, whereas in the USA, where victimisation rates are similar, it has had a high profile since the 1980s and interventions to tackle it have received a significant amount of federal support. We urge UK policymakers, universities, students' unions and academics to address the problem, and make suggestions about initial actions to take

The Critical Incident Technique

{Excerpt} Organizations are often challenged to identify and resolve workplace problems. The Critical Incident technique gives them a starting point and a process for advancing organizational development through learning experiences. It helps them study “what people do” in various situations. One might think there are no answers to the following questions: How fast can you think on your feet? How do you react in the face of the unexpected? How can you prepare if you cannot predict? And yet, there are. Evidently, some behaviors contribute to the successor failure of individuals—and organizations—in specific situations. And so, responses to the unforeseen lie in identifying before the fact events or circumstances, or series of them, that are outside the range of ordinary human experiences. The questions posed earlier are as old as mankind; but our ability to address them owes largely to the relatively recent work of John Flanagan. These days critical incidents can be harvested to provide a rich, personal perspective of life that facilitates understanding of the issues and obstacles people face every now and then and illuminates avenues for improvement (or replication if outcomes are effective)—avenues that may not be apparent through purely quantitative methods of data collection. This should matter to high-performance organizations