Contributions to organizational information security

[no abstract

A Self-Service Supporting Business Intelligence and Big Data Analytics Architecture

Self-service Business Intelligence (SSBI) is an emerging topic for many companies. Casual users should be enabled to independently build their own analyses and reports. This accelerates and simplifies the decision-making processes. Although recent studies began to discuss parts of a self-service environment, none of these present a comprehensive architecture. Following a design science research approach, this study proposes a new self-service oriented BI architecture in order to address this gap. Starting from an in-depth literature review, an initial model was developed and improved by qualitative data analysis from interviews with 18 BI and IT specialists form companies across different industries. The proposed architecture model demonstrates the interaction between introduced self-service elements with each other and with traditional BI components. For example, we look at the integration of collaboration rooms and a self-learning knowledge database that aims to be a source for a report recommender

Towards a Smart Services Enabling Information Architecture for Installed Base Management in Manufacturing

In the manufacturing industry the provision of smart services is an opportunity to gain a competitive advantage. As there are high demands on machine availability, smart services in the field of installed base management are important. Through integrating condition monitoring data with installed base data a digital twin of the installed base can be created. This enables comprehensive analyses and the provision of individualized smart services. But this requires to structure and standardize the data. Following the action design research (ADR) approach, in this article design principles of an information architecture are developed. The architecture is evaluated and improved in the context of an international engineering and manufacturing company. A test run with real machine data shows the applicability in practice

Investigating the influence of security, privacy, and legal concerns on employees' intention to use BYOD mobile devices

The concept of Bring-Your-Own-Device (BYOD) describes the trend of employees using their private mobile devices to manage corporate data from anywhere at any time. BYOD can increase employees' productivity and be cost-cutting for organizations. To implement BYOD, organizations are dependent on employees’ acceptance of BYOD, because employees' participation usually is voluntary. As employees' acceptance is affected by uncertainty, we investigate the influence of security, privacy, and legal concerns on the intention to use BYOD mobile devices. A research model is developed based on the theory of reasoned action (TRA) and the technology acceptance model (TAM), which is tested by means of structural equation modeling (SEM) with data collected from 151 employees. Our results indicate a significant impact of the concerns on employees’ acceptance. Moreover, our study reveals employees' indecision towards their intention to use their private mobile devices for working purposes. Several implications for future research and practitioners are given

Rechts- und ethikkonforme Identifikation von unternehmensschädlichen Handlungen durch semiautomatisierte Prozesse

Heutzutage werden in einem Unternehmen eine Vielzahl sensibler Informationen und Daten verarbeitet, die auch vor Attacken aus dem Inneren des Unternehmens geschützt werden müssen. Ein Umdenken im (IT-) Risikomanagement hin zu einer präventiven Identifikation von potenziell unternehmensschädlichen Handlungen wird bereits in der Literatur diskutiert und setzt u. a. starke Mitarbeiterüberwachungen voraus. Dies stößt auf datenschutzrechtliche Grenzen und wirft ethische sowie moralische Bedenken auf. Mit Fokus auf Compliance des (IT-) Risikomanagement wird in diesem Aufsatz gezeigt, wie ein Modell zur automatisierten Identifikation und Prävention unternehmensschädlicher Handlungen aussehen kann, ins-besondere wenn deutsches Datenschutzrecht und Mitbestimmungsrechte der Arbeitnehmer beachtet sowie ethische und moralische Bedenken berücksichtigt werden

Information security awareness and behavior: A theory-based literature review

Purpose – This paper aims to provide an overview of theories used in the field of employees’ information systems (IS) security behavior over the past decade. Research gaps and implications for future research are worked out by analyzing and synthesizing existing literature. Design/methodology/approach – This paper presents the results of a literature review comprising 113 publications. The literature review was designed to identify applied theories and to understand the cognitive determinants in the research field. A meta-model that explains employees’ IS security behavior is introduced by assembling the core constructs of the used theories. Findings – The paper identified 54 used theories, but four behavioral theories were primarily used: Theory of Planned Behavior (TPB), General Deterrence Theory (GDT), Protection Motivation Theory (PMT) and Technology Acceptance Model (TAM). By synthesizing results of empirically tested research models, a survey of factors proven to have a significant influence on employees’ security behavior is presented. Research limitations/implications – Some relevant publications might be missing within this literature review due to the selection of search terms and/or databases. However, by conduction a forward and a backward search, this paper has limited this error source to a minimum. Practical implications – This study presents an overview of determinants that have been proven to influence employees’ behavioral intention. Based thereon, concrete training and awareness measures can be developed. This is valuable for practitioners in the process of designing Security Education, Training and Awareness (SETA) programs. Originality/value – This paper presents a comprehensive up-to-date overview of existing academic literature in the field of employees’ security awareness and behavior research. Based on a developed meta-model, research gaps are identified and implications for future research are worked out. © Emerald Group Publishing Limited

CaMKIIδ-dependent dysregulation of atrial Na+ homeostasis promotes pro-arrhythmic activity in an obstructive sleep apnea mouse model

Background: Obstructive sleep apnea (OSA) has been linked to various pathologies, including arrhythmias such as atrial fibrillation. Specific treatment options for OSA are mainly limited to symptomatic approaches. We previously showed that increased production of reactive oxygen species (ROS) stimulates late sodium current through the voltage-dependent Na+ channels via Ca2+/calmodulin-dependent protein kinase IIδ (CaMKIIδ), thereby increasing the propensity for arrhythmias. However, the impact on atrial intracellular Na+ homeostasis has never been demonstrated. Moreover, the patients often exhibit a broad range of comorbidities, making it difficult to ascertain the effects of OSA alone. Objective: We analyzed the effects of OSA on ROS production, cytosolic Na+ level, and rate of spontaneous arrhythmia in atrial cardiomyocytes isolated from an OSA mouse model free from comorbidities. Methods: OSA was induced in C57BL/6 wild-type and CaMKIIδ-knockout mice by polytetrafluorethylene (PTFE) injection into the tongue. After 8 weeks, their atrial cardiomyocytes were analyzed for cytosolic and mitochondrial ROS production via laser-scanning confocal microscopy. Quantifications of the cytosolic Na+ concentration and arrhythmia were performed by epifluorescence microscopy. Results: PTFE treatment resulted in increased cytosolic and mitochondrial ROS production. Importantly, the cytosolic Na+ concentration was dramatically increased at various stimulation frequencies in the PTFE-treated mice, while the CaMKIIδ-knockout mice were protected. Accordingly, the rate of spontaneous Ca2+ release events increased in the wild-type PTFE mice while being impeded in the CaMKIIδ-knockout mice. Conclusion: Atrial Na+ concentration and propensity for spontaneous Ca2+ release events were higher in an OSA mouse model in a CaMKIIδ-dependent manner, which could have therapeutic implications

Transformational Leadership and Employees’ Information Security Performance: The Mediating Role of Motivation and Climate

The importance of organizational information security is constantly increasing. Next to technical information security measures, research has incorporated multidisciplinary behavioral theories in order to explain employees’ information security awareness and behavior. While focusing on employees as the weakest link in the information security chain, the role of leadership has been considered less. To address this gap, the purpose of this explorative study is to investigate how transformational leadership can influence employees’ information security performance. A research model is developed that is empirically tested by means of structural equation modeling (SEM) with data collected from 208 employees across different industries. Our results indicate a significant influence of transformational leadership on employees’ information security participation. Moreover, our study reveals that transformational leaders are able to form a positive organizational climate towards information security and thereby (indirectly) enhance employees’ motivation. Drawing from our findings, implications for practitioners and future IS research are derived

Investigating the Influence of Security, Privacy, and Legal Concerns on Employees\u27 Intention to Use BYOD Mobile Devices

The concept of Bring-Your-Own-Device (BYOD) describes the trend of employees using their private mobile devices to manage corporate data from anywhere at any time. BYOD can increase employees\u27 productivity and be cost-cutting for organizations. To implement BYOD, organizations are dependent on employees’ acceptance of BYOD, because employees\u27 participation usually is voluntary. As employees\u27 acceptance is affected by uncertainty, we investigate the influence of security, privacy, and legal concerns on the intention to use BYOD mobile devices. A research model is developed based on the theory of reasoned action (TRA) and the technology acceptance model (TAM), which is tested by means of structural equation modeling (SEM) with data collected from 151 employees. Our results indicate a significant impact of the concerns on employees’ acceptance. Moreover, our study reveals employees\u27 indecision towards their intention to use their private mobile devices for working purposes. Several implications for future research and practitioners are given