Information security conscious care behaviour formation in organizations

Today, the Internet can be considered to be a basic commodity, similar to electricity, without which many businesses simply cannot operate. However, information security for both private and business aspects is important. Experts believe that technology cannot solely guarantee a secure environment for information. Users' behaviour should be considered as an important factor in this domain. The Internet is a huge network with great potential for information security breaches. Hackers use different methods to change confidentiality, integrity, and the availability of information in line with their benefits, while users intentionally or through negligence are a great threat for information security. Sharing their account information, downloading any software from the Internet, writing passwords on sticky paper, and using social security numbers as a username or password are examples of their mistakes. Users’ negligence, ignorance, lack of awareness, mischievous, apathy and resistance are usually the reasons for security breaches. Users’ poor information security behaviour is the main problem in this domain and the presented model endeavours to reduce the risk of users’ behaviour in this realm. The results of structural equation modelling (SEM) showed that Information Security Awareness, Information Security Organization Policy, Information Security Experience and Involvement, Attitude towards information security, Subjective Norms, Threat Appraisal, and Information Security Self-efficacy have a positive effect on users’ behaviour. However, Perceived Behavioural Control does not affect their behaviour significantly. The Protection Motivation Theory and Theory of Planned Behaviour were applied as the backbone of the research model

Segurança da Informação e Meio de Seu Suporte Jurídico

The article is devoted to the consideration of the problem of legal regulation of relations on the provision of information security in the world. The author also raises questions of informational propaganda. The article introduces the author's concept of information hygiene. As a result of the research carried out, the author came to the conclusion that it is necessary to introduce legal regulation of information relations both at the international and national levels.El artículo está dedicado a la consideración del problema de la regulación legal de las relaciones en la provisión de seguridad de la información en el mundo. El autor también plantea cuestiones de propaganda informativa. El artículo introduce el concepto del autor de higiene de la información. Como resultado de la investigación realizada, el autor llegó a la conclusión de que es necesario introducir una regulación legal de las relaciones de información tanto a nivel internacional como nacional.O artigo é dedicado à consideração do problema da regulação legal das relações sobre a prestação de segurança da informação no mundo. O autor também levanta questões de propaganda informacional. O artigo introduz o conceito de higiene da informação do autor. Como resultado da pesquisa realizada, o autor chegou à conclusão de que é necessário introduzir uma regulação legal das relações de informação tanto no nível internacional quanto nacional

A descriptive review and classification of organizational information security awareness research

Information security awareness (ISA) is a vital component of information security in organizations. The purpose of this research is to descriptively review and classify the current body of knowledge on ISA. A sample of 59 peer-reviewed academic journal articles, which were published over the last decade from 2008 to 2018, were analyzed. Articles were classified using coding techniques from the grounded theory literature-review method. The results show that ISA research is evolving with behavioral research studies still being explored. Quantitative empirical research is the dominant methodology and the top three theories used are general deterrence theory, theory of planned behavior, and protection motivation theory. Future research could focus on qualitative approaches to provide greater depth of ISA understanding

Implementing Islamic Criminal Law: Does it Break Indonesian Legal System?

Islamic criminal law in Indonesia also known as Aceh Jinayat Law Qanun is a legal product in Aceh, whose source of legal material the Islamic Shari’a. The Aceh Jinayat Law Qanun should follow the legal system in force in Indonesia. The Indonesian National Legal System is based on Pancasila and the 1945 Constitution. Each existing legal domain must derive from Pancasila and the 1945 Constitution. Based on the results of the study, it appears that the enactment of the Aceh Jinayat Qanun is in line with the Aceh Government's specific authority on Islamic Shari'a. In legal perspective, this authority is legally legitimate as an attributive authorit, which was previously not existent, but it has been made and established by the legislators or DPR (the People’s House of Representative) which specifically heldit u

Information Security from a Scientometric Perspective

During recent years, Information societies are continually confronted with security threats and information vulnerabilities. Literature analysis of major disciplines is one of the key tools available to policymakers of research institutions and organizations. Scientometrics is the field of study which concerns itself with measuring and analyzing scientific literature. The purpose of the present study was to evaluate the research trends of information security in the Middle-East and the world from a scientometric perspective. Descriptive and analytical statistics were used in this study. The Scopus citation database was used to collect the publication data, as the largest abstract and citation database of peer-reviewed literature. Therefore, all documents related to "information security" were retrieved and analyzed. The results showed that the majority of scientific publications in the field of information security were produced in the United States of America and China. Among the Middle-Eastern countries, Iran ranked the first in terms of scientific publications in the field of information security while ranked 23th among the countries of the world. It is apparent that paying special attention to the field of information and data security in terms of international scientific collaborations, using knowledge and experiences of the leading, and supporting research and development in this field can improve the quality and quantity of scientific publications in this field. The expertise gathered during the process will prove invaluable and effective in confronting the security threats and vulnerabilities posed to information societies

Incidents Correlation Mechanism for Assessing Average and Total Criticality Level of Situation in the Infosphere

Today, the methods of incidents / potential crisis situations detecting and their criticality level assessing are proposed. However, these methods do not describe simultaneous occurrence of several crisis situations and determining of the average and total criticality level. In this paper the correlation issues of several events - security incidents – are reviewed and the mechanism for calculating an average and total criticality level of incidents is proposed. A mechanism basis of events correlation, as well as crisis management methods itself, includes Delphi methods and fuzzy logic model. Proposed mechanism appliance will allow the simultaneous occurrence of several incidents to be taken into account and assess their average and total impact on the information system

Analisis Minat Penggunaan Fintech Berdasarkan Konsep ECT-IS

This research aims to obtain empirical evidence regarding the behavior intention in using Fintech as electronic-based financial access through the ECT-IS model combined with data security system. The sampling method for this research using judgment sampling. The survey method is carried out in the process of collecting data. Empirical evidence of research explains that perceived usefulness has a positive and significant effect on the level of satisfaction and behavior intention. The effect confirmation of use on perceived usefulness and individual satisfaction has positive and significant effect. The effect of data security systems on individual satisfaction is positive and significant. Likewise, the level of individual satisfaction have significant effect on behavior intention in using Fintech