Managing Information Risks and Protecting Information Assets in a Web 2.0 Era

The growth in volume of digital information arising from business activities presents organisations with the increasingly difficult challenge of protecting their information assets. Failure to protect such information opens up a range of new business risks. The increase in externally hosted services and social networking tools also adds a new layer of complication to achieving information protection. Prior research has recognised the need for a socio-organisational view of information protection, shifting the emphasis from a narrowly defined technical concern to an enterprise-wide, business-led responsibility encompassing strategic and governance issues. We argue that this shift is important but not enough and that greater attention should be given to understanding the nature and complexities of digital business information. In this paper we examine the extent to which existing frameworks for information protection are structured to account for changes in the information environment. Our findings indicate that whilst these frameworks address the need to adopt a broader social and organisational perspective there remain a number of significant limitations in terms of the way the information is treated. To address these limitations we propose a more co-ordinated and information-centric approach to information protection

Managing enterprise information: meeting performance and conformance objectives in a changing information environment

This paper presents the findings of an in-depth survey to examine the current status of enterprise information management (EIM) in organizations. The survey explores five key areas: drivers and capabilities of EIM; current status of EIM strategies; EIM content and technologies; EIM and compliance; and the changing role of the information professional. The survey reveals that the drivers for EIM cannot be simply reduced to a series of technical or organizational needs and that EIM is a complex sociotechnical phenomenon. A fine balance is required to achieve business performance objectives whilst at the same time also meeting conformance requirements. To date, few organizations have implemented enterprise-wide EIM strategies; however those who do have them are better able to keep track of, and achieve, performance objectives. In terms of technologies and content the landscape is complex with organizations focusing their efforts into managing and reducing this complexity. Finally information management work is changing; the survey reveals EIM as a multi-stakeholder activity requiring the combination of a wide range of professional groups, skills and knowledge. The survey findings provide the basis for further research investigations in supporting organization in their EIM initiatives

Managing enterprise information: meeting performance and conformance objectives in a changing information environment

This paper presents the findings of an in-depth survey to examine the current status of enterprise information management (EIM) in organizations. The survey explores five key areas: drivers and capabilities of EIM; current status of EIM strategies; EIM content and technologies; EIM and compliance; and the changing role of the information professional. The survey reveals that the drivers for EIM cannot be simply reduced to a series of technical or organizational needs and that EIM is a complex sociotechnical phenomenon. A fine balance is required to achieve business performance objectives whilst at the same time also meeting conformance requirements. To date, few organizations have implemented enterprise-wide EIM strategies; however those who do have them are better able to keep track of, and achieve, performance objectives. In terms of technologies and content the landscape is complex with organizations focusing their efforts into managing and reducing this complexity. Finally information management work is changing; the survey reveals EIM as a multi-stakeholder activity requiring the combination of a wide range of professional groups, skills and knowledge. The survey findings provide the basis for further research investigations in supporting organization in their EIM initiatives

Revisiting Cybersecurity Awareness in the Midst of Disruptions

The awareness of cybersecurity and knowledge about risks from a variety of threats, which present harm or steal private information in internetworking could help in mitigation of vulnerabilities to risks of threats in safeguarding information from malware and bots. Revisiting cybersecurity awareness of every member and evaluation of organization’s posture might help to protect sensitive or private information from a network of computers, working together and forming into botnets. The purpose of the qualitative case study narrative was to explore prospects for integrating cybersecurity education into elementary school children’s curriculum through interviews of elementary schoolteachers, IT experts, and parents to gain feedback about perceptions on cybersecurity knowledge and awareness. The analysis of schools’ organizational security postures related to all levels of education, recommending in raising awareness of the underlying and unprecedented security vulnerabilities. One area of greatest need is in protecting the wellbeing of people in securing private or protected assets and sensitive information, most valuable and vulnerable amid disruption. The possible lack of cybersecurity awareness in online settings could increase an organizational vulnerability to risks of threats and outsider attempts to install malware during a variety of cyber-attacks. Organizations with online ambiguity face a threat from botnets to infect networks. This qualitative exploratory single case-study into perceptions of teachers and leaders, information technology (IT) experts, and parents of elementary school children about cybersecurity awareness level of children in elementary schools helped to reinforce the important role of education in building foundational cyber-safety practices

Enabling the effective open innovation in Business Ecosystem: A case study of Chinese catch-up firm Huawei

Introduction This report evaluates the strategies regarding to how to enable the effective open innovation in the context of business ecosystem and explores what role the open innovation ecosystem plays in the Chinese catch-up ICT firm Huawei. Moreover, this report aims to unveil the risks, challenges and implication for catch-up firms in the eras of globalization. Findings and recommendations First, one interesting finding is that firm shall take a holistic perspective if it wishes to enable the effective open innovation. Thus, firm shall evaluate its business ecosystem stage and identify the relevant players accordingly. Moreover, it’s crucial to implement the strategy corresponding to the business environment and choose and manage the open innovation mode tactically. Specifically, knowledge management and innovative leadership are also key components for success. Second, this research provides some supports for the conceptual premise that benefits of open innovation in reducing cost and risks, adding more value in the commodity chain, creating more market opportunities, creating and sharing knowledge and enhancing its competitive advantage etc. Therefore, it can be assumed that for catch-up firm, it’s strategic to adopt the open innovation if it wishes to enhance the competitive advantage. Nevertheless, this finding has important implication for firms from developing countries, its impractical to imitate the western paths. In essence, It’s crucial to develop its own path according to its particular situation and align with the national goal strategically. What is surprising is that this research also suggests Huawei benefits significantly from Chinese government’s ambition in developing and promoting its national ICT industry in global scale. This raises the intriguing question regarding to the nature and extent of the relationship between government and business. The evidences from this study also implies the importance of establishing cooperative long term relationship with government and indigenous policy makers where firm wishes to expand its business. In addition, it seems to be a definite need for not only catch-up firms as Huawei, but also government and policy makers shall be aware of the risks and challenges and comply with the stipulated rules in the globalization. Furthermore, government and policy maker shall regulate more transparent, open polices which promote effective open innovation in healthy business ecosystem and give market more space and eventually spur the radical innovation. Taken together, those results from this report suggest that its strategic for catching-up firm to adopt the open innovation in business ecosystem if it wishes to enhance its competitive advantage and compete in global market

Assessing the Potential Involutionary Effects of New Copyright Laws: A Techno-legal Analysis Based on the Impact of Web 3.0 on Copyright Protection

As Internet technology evolves, legal professionals and academics must stay current and adapt to these inevitable technological changes. This article investigates the extensive influence of the latest version of the World Wide Web (the Web)—Web 3.0—on copyright laws based on a techno-legal analysis that considers the opportunities and challenges of this new technology. The principal version of copyright laws, the Digital Millennium Copyright Act (DMCA), was enacted in 1998 during the Web 1.0 era, signifying an impending need for appropriate updates in the new Web 3.0 era. This article traces the historical development of U.S. copyright laws by positing it has undergone three phases: illegalization, institutionalization, and criminalization. The article then explores the possible development of new legal frameworks to address the unique challenges of Web 3.0 and the formulation of novel technical solutions in the new phase of decentralization. The article also assesses the possible involutionary effects of new copyright laws that can detrimentally impact privacy, freedom of speech, and fair competition on the Internet. Finally, this article provides recommendations for establishing new copyright laws’ parameters in the forthcoming decentralization phase

Assessing the Current Status of Information Security Policies Among Saccos in Kenya

In 2013, Communication Authority of Kenya (CAK) recorded cyber-attacks amounting to Sh5.4 million loses. In April 2016, Bandari Savings and Credit Cooperative Society lost Sh5 million through fraudulent ATM withdrawals (Nation Newspapers, April 8, 2016). These examples demonstrate weaknesses that may exist from security breaches and incidents caused by people, processes, and technology. Ministry of ICT and CAK are lacking specific Information Security Models tailored towards SACCOS in Kenya. The study therefore sought to assess the current status of information security policies among SACCOS in Kenya. The study adopted descriptive research design. The unit of observation was 135 SACCOS registered with SACCO Societies Regulatory Authority (SASRA) while the unit of analysis was 270 ICT personnel working in the 135 targeted SACCOS. The study targeted the SACCOS heads of IT department. The study used Nassiuma (2000) formula to get a sample of 85 respondents. Purposive sampling was further used in selecting study participants in every SACCOS who were considered to be knowledgeable of the variables under study. The study utilized questionnaire as the survey instrument to collect both quantitative and qualitative data. The study adopted descriptive statistics. Descriptive data was presented by use of frequency tables. The study established that in all the SACCOS studied, information security policy is used. However, there are still challenges on how information security breaches and incidents can be contained based on the results of the study and therefore calls for further research in academic research. The findings of the study indicate that SACCOS were able to validate that the enhanced information security model using an integrated approach worked as planned and reported to auditors, managers and executives that incident response programs are robust and reliable. If security controls didn’t work as planned, they will need to fix them. The actions and resources needed should be included in in the report to executives in the SACCOS sector in KenyaKeywords: SACCOS, Management controls, Information Security Policies, Risk assessmentDOI: 10.7176/EJBM/11-27-09 Publication date:September 30th 201

USING BIG DATA IN BUSINESS MANAGEMENT

Digitalization is fundamentally changing companies and other organizations, just as the business world has never seen before. Changes also take place on the financial and accounting side of a company. Future digital advancements are a necessity because providers use this type of systems. The use of new technologies in business management is expected especially in terms of document recognition, data exchange, receipt and payment transactions, communication, excel replacement, text recognition. Big Data is becoming an indispensable resource for many organizations. Digitalization is fundamentally changing companies and other organizations, just as the business world has never seen before. The term Big Data has evolved in a flash to take into account the rapidly expanding quantities of digital information systems that are generated, the hard work of creating that information that can be analyzed, and the actual use of that data as capital to increase efficiency, create and enable innovation, and improve decision-making

Best Practice Social Media Policy: Comparison of Organizational Use of Social Media Policy

Social media is a phenomenon that businesses are using to communicate with both internal and external stakeholders. The new communication channel is different from the traditional channels used by marketing, public relations, and human resources because of user created content, social dynamics, and frequent changes to the autonomous online platforms\u27 structure and social make-up. Social media websites like YouTube, Facebook and Twitter have received significant attention from both scholars and practitioners seeking best practice for organizational engagement with the phenomenon. Much of the information published for businesses, communities, and activists, who are looking into social media engagement provides consistent instruction, but are the recommended practices reflected in the practice of organizations? This thesis investigates the language used by organizations to manage use of social media in order to learn how closely they follow published advice. An analysis of the content presented in 25 organizational social media policy documents from sources spanning five industries is used to explore how corporations are approaching the use of social media. The findings reveal which practices are uniformly included in policy, and which practices are unique to the industrial focus or identity of particular organizations