Exploratory analysis of a measurement scale of an information security management system

This research shows the analysis of multiple factors that inhibit the implementation of an Information Security Management System (ISMS). The research data were collected from 143 respondents from two universities in northeastern Mexico, in faculties of engineering in related areas. In this study, the Information Security Management System Measurement Instrument (IM-ISMS) was validated. A scale of 24 items was obtained, divided into four factors: organizational policies and regulations, privacy, integrity and authenticity. The results of this study agree with the results found by [10] in which they pre-sent a model that complies with ISO/IEC 27002:2013 controls and security and privacy criteria to improve the ISMS. [48], Mentioned that the implementation of controls based on ISO standards can meet the requirements for cybersecurity best practices.A scale of 24 items was obtained, divided into four factors: organizational policies and regulations, privacy, integrity and authenticity. This version of the instrument meets the criteria established for its validity (KMO, Bartlett's test of sphericity). An extraction was performed by the minimum residuals method, an oblique rotation was performed by the promax method, when performing the rotation 17 of the 24 items were grouped in the corresponding factor. The final reliability of the scale was calculated by the Omega coefficient, in all the dimensions the coefficients were greater than .70, therefore the re-liability of the instrument is good

Understanding the Current State of Knowledge and Future Directions of Doxing Research: A Social Cognitive Theory Perspective

Doxing is the public release of personal information with harmful intentions. It is an emergent online practice that is used in social protest movements, for personal revenge, or even as a means of cyber-warfare. To amalgamate the ambiguous multi-disciplinary research, we summarize the current state of knowledge and identify directions for doxing research. To that end, this study applies social cognitive theory in a systematic review of 28 doxing papers and provides an overview of current doxing research trends. The review shows that doxing research has been primarily focused on the environmental perspective, particularly the legal regulation of doxing while neglecting personal and behavioral factors. We identify a series of research questions to guide and inspire future research on the role of digital technologies in this emerging issue

ETHICAL DISCOURSE OF DOXING IN INDONESIAN TWITTER USERS

Indonesia sebagai negara mayoritas kelima pengguna Twitter di dunia, menjadikan platform ini sebagai dunia maya populer untuk mencari informasi dan kumpulan opini dengan tujuan memenuhi keinginan rasa ingin tahu, pengetahuan, kebencian, suka, atau topik apapun yang dianggap menarik untuk dibicarakan. Tidak jarang diskusi semacam itu mengarah pada perdebatan penting atau sepele yang membuat seseorang mengungkapkan informasi kredensial lawan mereka. Tindakan mengungkapkan informasi kredensial tentang lawan mereka disebut 'doxing'. Namun demikian, fenomena doxing adalah paradoks, karena beberapa orang mungkin mengatakan doxing dapat terjadi dengan niat jahat, sementara yang lain menganggap doxing sebagai perbuatan baik mengungkapkan aktor kasus kriminal atau tidak bermoral. Oleh karena itu, tulisan ini bertujuan untuk membahas "apa wacana etis untuk aktivitas doxing di kalangan pengguna Twitter Indonesia?". Kasus doxing yang menjadi subjek kajian tulisan ini adalah kasus viral Natalie, Rizky Billar, Gilang 'Bungkus', akun whistle blower anonim, dan dugaan penipuan. Metode dalam tulisan ini adalah kajian wacana kritis, dengan menggunakan teknik pengumpulan data dokumentasi. Hasilnya, tulisan ini menemukan bahwa doxing adalah wacana terbuka yang memiliki kemungkinan untuk diperluas sesuai dengan pluralitas masyarakat, dinamika pemerintah, dan pembatasan kebebasan berbicara di bidang frekuensi publik. 'Doxing Netral' adalah terminologi baru yang diusulkan makalah ini yang percaya bahwa kecukupan doxing terletak pada tujuannya. Kesimpulannya, dalam hak apa pun ada batasan etis untuk mengetahui apakah ada lebih banyak manfaat dalam melakukannya. Ketika, orang memiliki hak untuk mengakui informasi mengenai kesejahteraan mereka maka doxing dapat diterima, juga berlaku sebaliknya. Selain itu, kami percaya bahwa itu berkompromi dengan tujuan doxing

Harm Imbrication and Virtualised Violence: Reconceptualising the Harms of Doxxing

This article develops a framework for analysing the harms of doxxing: the practice of publishing personal identifying information about someone on the internet, usually with malicious intent. Doxxing is not just a breach of privacy, nor are its effects limited to first‑order harms to an individual’s bodily integrity. Rather, doxxing increases the spectre of second-order harms to an individual’s security interests. To better understand these harms—and the relationships between them—we draw together the theories of Bhaskar, Deleuze and Levi to develop two concepts: the virtualisation of violence and harm imbrication. The virtualisation of violence captures how, when concretised into structures, the potential for harm can be virtualised through language, writing and digitisation. We show that doxxed information virtualises violence through constituting harm-generating structures and we analyse how the virtual harm-generating potential of these structures is actualised through first- and second-order harms against a doxxing victim. The concept of harm imbrication, by contrast, helps us to analyse the often-imbricated and supervenient relationship between harms. In doing so, it helps us explain the emergent – and supervenient – relationship between doxxing’s first- and second-order harms

Ethical Hacking for a Good Cause: Finding Missing People using Crowdsourcing and Open-Source Intelligence (OSINT) Tools

Over 600,000 people go missing every year in the US alone. Despite the extensive resources allocated to investigating these cases, the high volume of missing person cases constitutes one of the biggest challenges for law enforcement agencies. One approach to tackle this challenge is using crowdsourcing. That is, volunteers use freely available tools and techniques to aid the existing efforts to investigate missing person cases. Open-Source Intelligence (OSINT) refers to gathering information from publicly available sources and analyzing it through a comprehensive set of open-source tools to produce meaningful and actionable intelligence. OSINT has been applied to address various societal challenges and crimes, including environmental abuse, human rights violations, child exploitation, domestic violence, disasters, and locating missing people. Building on this premise, this case examines a crowdsourced initiative called Trace Labs that aims to assist law enforcement agencies in solving missing person cases using OSINT tools. The case emphasizes socio-technical aspects of cybersecurity, highlighting both the bright and dark sides of technology. It demonstrates the potential of information systems to serve the public good by examining topics such as open-source software, crowdsourcing, and intelligence gathering, while acknowledging that the very same underlying technology can be used for malicious purposes