The Impact of Information Security Technologies Upon Society

This paper's aims are concerned with the effects of information security technologies upon society in general and civil society organisations in particular. Information security mechanisms have the potential to act as enablers or disablers for the work of civil society groups. Recent increased emphasis on national security issues by state actors, particularly 'anti-terrorism' initiatives, have resulted in legislative instruments that impinge upon the civil liberties of many citizens and have the potential to restrict the free flow of information vital for civil society actors. The nascent area of cyberactivism, or hactivism, is at risk of being labelled cyberterrorism, with the accompanying change of perception from a legitimate form of electronic civil disobedience to an abhorrent crime. Biometric technology can be an invasive intrusion into citizens' privacy. Internet censorship and surveillance is widespread and increasing. These implementations of information security technology are becoming more widely deployed with profound implications for the type of societies that will result

Management Perception of Unintentional Information Security Risks

This paper will examine the difference between management’s perception of the information security risks and actual information security risks that occur within their organization, arguing that management’s perceptions are based mostly on (1)technology solutions to protect organizational information and (2) their beliefs that employees follow established information security policies. Slovic’s perception of risk theory will be used as a theoretical foundation for this study. The paper will focus on the neglected human element of information security management, with the primary focus on employees’ actions that unintentionally expose organizational information to security risks. These employee actions can threaten information contained within the organization’s computer-based systems as well as information in the form of computer-based system output, such as printed reports, customer receipts, and backup tapes. There has been substantial literature exploring the human threat to organizational information; however past research has focused on intentional behavior, typically referred to as “computer abuse”. Less research has investigated employees’ actions that unintentionally expose an organization to information security risks. Based upon this premise, the purpose of this study is to draw attention to such human threats and in turn shed light on the relationship between unintentional threats caused by employees’ behavior and information security risks. Using a case study conducted in a financial institution, this study investigates these unintentional threats and management’s perception of potential information security risks that these employees’ actions may cause. The research reveals that many of management’s taken-for-granted assumptions about information security within their organization are inaccurate. It is suggested that by increasing management’s awareness of these risks, they will take precautions to eliminate this behavior to ensure that the organization’s information is better secured

Evaluasi Kinerja Sistem Informasi Manajemen di Balai Besar Kesehatan Paru Masyarakat Surakarta Berdasarkan Aspek Persepsi Pengguna

Universitas Diponegoro Fakultas Kesehatan Masyarakat Program Magister Ilmu Kesehatan Masyarakat Konsentrasi Sistem Informasi Manajemen Kesehatan 2015 ABSTRAK Novita Yuliani Evaluasi Kinerja Sistem Informasi Manajemen di Balai Besar Kesehatan Paru Masyarakat Surakarta Berdasarkan Aspek Persepsi Pengguna xv + 104 halaman + 19 tabel + 3 gambar + 23 lampiran Sistem informasi rumah sakit (hospital information system /HIS) turut berkembang seiring dengan perkembangan teknologi informasi. Balai Besar Kesehatan Paru Masyarakat (BBKPM) Surakarta pada tahun 2013 telah mengaplikasikan SIMRS berbasis komputer, yang awalnya sistem pelaporannya masih manual. Jenis penelitian ini adalah penelitian deskriptif evaluatif dengan pendekatan cross sectional, instrumen penelitian ini dengan menggunakan kuesioner. Metode evaluasi sistem informasi yang ada di BBKPM Surakarta adalah menggunakan metode PIECES yang dari Performance, Information/Data, Economic, Control/Security, Efficiency, Service. Hasil penelitian ini adalah, persepsi pengguna berdasarkan aspek performace dikategorikan persepsi baik47,5% dan persepsi kurang baik 52,5%, aspek informasi dikategorikan baik 50% dan kurang baik 50%, aspek ekonomi dikategorikan persepsi baik 60% dan persepsi kurang baik 40%, aspek kontrol dikategorikan persepsi baik 47,5% dan persepsi persepsi kurang baik 52,5%%, serta aspek efisiensi dikategorikan persepsi baik 47,5% dan persepsi kurang baik 52,5%, kemudian aspek servis dikategorikan persepsi baik 60% dan persepsi kurang baik 40%. Kesimpulan dalam penelitian ini bahwa persepsi pengguna berdasarkan aspek secara keseluruhan (aspek performance, informasi, ekonomi, kontrol, efisiensi, dan servis) yaitu dikategorikan baik 52,08% dan kurang baik 47,92%. Saran untuk Balai Besar Kesehatan Paru Masyarakat Surakarta adalah perlu adanya pembenahan dalam aspek performan dan kontrol serta melibatkan user dalam pengembangan sistem informasi. Pembenahan aspek efisiensi dan pelatihan menggunakan sistem informasi manajemen rumah sakit. Kata Kunci : Kinerja, sistem informasi, persepsi pengguna, metode PIECES Pustaka : 27 (1994-2013) Diponegoro University Faculty of Public Health Master’s Program in Public Health Majoring in Health Management Information System 2015 ABSTRACT Novita Yuliani Performance Evaluation of Management Information System at Council of Public Lung Health in Surakarta based upon Aspect of User’s Perception xv + 104 pages + 19 tables + 3 figures + 23 enclosures Hospital information system (HIS) developed together with information technology. Council of Public Lung Health in Surakarta in 2013 had applied HIS based on computer, previously done manually. This was descriptive-evaluative study with cross sectional approach. Research instrument used a questionnaire. Evaluation method of information system available at Council of Public Lung Health in Surakarta was PIECES (Performance, Information/Data, Economic, Control/Security, Efficiency, and Service). The results of this research showed that in terms of the aspect of performance, users had good perception (47.5%) and bad perception (52.5%); aspect of information, users had good perception (50%) and bad perception (50%); aspect of economic, users had good perception (60%) and bad perception (40%); aspect of control, users had good perception (47.5%) and bad perception (52.5%); aspect of efficiency, users had good perception (47.5%) and bad perception (52.5%); and for aspect of service, users had good perception (60%) and bad perception (40%). In conclusion, users’ perceptions of all measured aspects (performance, information, economic, control, efficiency, and service) were categorised as good (52.08%) and bad (47.92%). As suggestions, the Council needs to improve the aspects of performance and control that involves users in development of information system. In addition, improvement of efficiency aspect and training uses HIS. Key Words : Performance, Information System, Users’ Perceptions, PIECES method Bibliography : 27 (1994-2013

Perception of Economic Security

The article examines the perception of economic security, the analysis of economic security perception responds to this information. In fact, the perception of economic security came from the cross-section of economics and political science. Scientists from different countries are currently talking and preparing various analysis about economic security. Until now, there is no unified concept of economic security, and every scientist provides his understanding of economic security. Various structures are presented, such as economic sovereignty, economic independence, stability, sustainability. The article aims to show what another understanding of economic security is

The Impact Of Information Richness On Information Security Awareness Training Effectiveness

In recent years, rapid progress in the use of the internet has resulted in huge losses in many organizations due to lax security. As a result, information security awareness is becoming an important issue to anyone using theInternet. To reduce losses, organizations have made information security awareness a top priority. The threemain barriers to information security awareness are: (1) general security awareness, (2) employees’ computerskills, and (3) organizational budgets. Online learning appears a feasible alternative to providing information security awareness and countering these three barriers. Research has identified three levels of security awareness: perception, comprehension and projection. This paper reports on a laboratory experiment thatinvestigates the impacts of hypermedia, multimedia and hypertext to increase information security awareness among the three awareness levels in an online training environment. The results indicate that: (1) learners who have the better understanding at the perception and comprehension levels can improve understanding at the projection level; (2) learners with text material perform better at the perception level; and (3) learners withmultimedia material perform better at the comprehension level and projection level. The results could be used by educators and training designers to create meaningful information security awareness material

Managing ERP Implementation Failure: A Project Management Perspective

In recent years, rapid progress in the use of the internet has resulted in huge losses in many organizations due to lax security. As a result, information security awareness is becoming an important issue to anyone using theInternet. To reduce losses, organizations have made information security awareness a top priority. The three main barriers to information security awareness are: (1) general security awareness, (2) employees’ computerskills, and (3) organizational budgets. Online learning appears a feasible alternative to providing information security awareness and countering these three barriers. Research has identified three levels of securityawareness: perception, comprehension and projection. This paper reports on a laboratory experiment that investigates the impacts of hypermedia, multimedia and hypertext to increase information security awarenessamong the three awareness levels in an online training environment. The results indicate that: (1) learners who have the better understanding at the perception and comprehension levels can improve understanding at the projection level; (2) learners with text material perform better at the perception level; and (3) learners with multimedia material perform better at the comprehension level and projection level. The results could be used by educators and training designers to create meaningful information security awareness materials

Using anomalous data to foster conceptual change in security awareness

Users are often regarded as the weakest link in an information system. To this, information security awareness nowadays gains much attention in organizations, schools, and universities. Since the practice of safe computing involves individual perception, effective pedagogy that can deliver a proper message about security awareness is vital for information security education. This article reports an experiment conducted on 102 university students which determined if anomalous data can provoke conceptual change, and whether anomaly can affect the perception of information security of the students. With evidences found from the experiment, it is concluded that conceptual change fostered by anomalous data is an effective pedagogy for information security education. ©2009 IEEE.published_or_final_versionThe IEEE International Symposium on Intelligent Signal Processing and Communication Systems (ISPACS 2009), Kanazawa, Japan, 7-9 January 2009. In Proceedings of the IEEE ISPACS, 2009, p. 638-64

How Paternalistic Leaders Motivate Employees’ Information Security Policy Compliance? Building Climate or Applying Sanctions

This paper studies the influencing mechanisms of Paternalistic Leadership in motivating employees’ Information Security Polices Compliance. We proposed that Sanctions and Information Security Climate can mediate the impact of different PL dimensions. Based on survey data from 760 participants, we found that, for different PL dimension, their influencing mechanism are different. The impact of AL dimension is partially mediated by employees’ perception of the Sanction, while the impact of BL dimension and ML dimension are partially mediated by employees’ perception of the Information Security Climate. Our research extends the existing literature by introducing the impact of specific leadership styles on employees’ ISP Compliance and discovering the mediating role of Sanction and Information Security Climate. New knowledge is also found about how each PL dimension affects employees’ Compliance in the information security context

Privacy and Security Information Awareness and Disclosure of Private Information by Users of Online Social Media in the Ibadan Metropolis, Nigeria

The purpose of this paper is to investigate information privacy and security awareness among online social media (OSM) users in the Ibadan metropolis, Nigeria. Building upon the social exchange theory, some factors that could influence the disclosure of private information on social media were identified. Findings from the analysis of data of 255 respondents revealed that most were aware of information privacy and security measures available on OSM, and the risks associated with the disclosure of private information on OSM. Privacy and security awareness, the perception of benefits associated with the use of OSM, the perception of risks associated with the use of OSM, trust in the security of OSM, and the respondents’ privacy and security self-efficacy influenced the disclosure of private information, while gender did not. Social media providers should provide more enlightenment on privacy settings available on the platforms to create more security and privacy consciousness