Investigating the Formation of Information Security Climate Perceptions with Social Network Analysis: A Research Proposal

Over the past years, a large amount of studies has advanced knowledge that explains how individuals react to information security cues and why they are motivated to perform secure practices. Nevertheless, those studies predominantly set their focus on the adoption of secure practices at an individual level; therefore they were unable to analyse such adoption at the higher level. As a consequence, the formation and dissemination processes of information security perceptions were overlooked despite their importance. Understanding those processes would inform methods to distribute effectively desirable information security perceptions within the workplace, while potentially explaining why in some cases implementation of information security measures was not successful at changing the employees’ beliefs and behaviours. The first part of this paper reviews the concept of information security climate that emerge from the individual’s interactions with the work environment, which has been under researched and investigated inconsistently. The second part begins with discussing the influence mechanisms that could disseminate information security climate perceptions, then suggests the adoption of social network analysis techniques to analyse those mechanisms. As a result, the paper forwards an integrated framework about information security climate perceptions, as well as proposes a research agenda for future investigations on how those perceptions could be formed and disseminated within the workplace

Who influences information security behaviours of young home computer users in Vietnam? An ego-centric network analysis approach

This study aims to explore the social roles of the people who can influence young home computer users (HCUs) in Vietnam, as well as the interactions that make those people influential. Since HCUs are considered the weakest link in the security chain and cyber-threats can attack organisation’s information systems indirectly via these HCUs, it is therefore necessary to identify their sources of security influence for designing effective intervention. To this end, the ego-centric network analysis approach was employed to analyse the personal networks of security influence of 116 HCUs, comprising 548 influential sources in total. Close relationships such as family members, partners, friends, and colleagues were predominantly nominated as capable of influencing HCUs’ security behaviours. Furthermore, these sources influence the HCUs by possessing the power bases of expert, reward, and coercive, as well as holding legitimate positions that make them influential

Determinants of Successful ICT Risk Management in Thai Organisations

This paper reports a study of the key factors that affect ICT risk management using Thai businesses as the data sources. Three hundred and two respondents from listed organisations on the Stock Exchange of Thailand (SET) were surveyed and the data analysed to establish the strength of relationships in a model derived from extant literature and the application of the two most commonly used governance standards for information and communication technology (ICT), COBIT and ISO/IEC 17799. The research shows that a small number of key factors have the most effect on successful ICT risk management, namely organisational policy, human resource management planning, organisational security and management of ICT. The focus of the research is to propose the successful ICT risk management model to organisations

Understanding the Formation of Information Security Climate Perceptions: A Longitudinal Social Network Analysis

Business process capture is a first step in the larger endeavour of business process management. In this paper we view business process capture as a knowledge conversion process. We explore the conversion of knowledge when business analysts capture information about business processes from domain experts. We identify seven process capture activities in a thematic analysis of comments made by business analysts in response to open-ended questions in an online survey. The seven activities are involving, simplifying, tailoring, training, combining, confirming, and engaging soft skills. We show how these activities involve the transfer of tacit and explicit knowledge between the business analyst and the domain expert and how the transfer conforms to the SECI modes of knowledge conversion, well known in the research domain of knowledge management. The paper contributes a SECI-based knowledge conversion model of business process capture and insight for business analysts about business process capture activities

Contextual Difference and Intention to Perform Information Security Behaviours Against Malware in a BYOD Environment: a Protection Motivation Theory Approach

The research domain of end-user’s information security behaviours has been gaining much attention over the recent years. While the nature of intention to perform information security behaviours are being revealed, there are still gaps in this area. In particular, few studies have addressed whether such intention remains across contexts, especially from home to public places. Secondly, the amount of the cyber-threats swells with the increase of personal devices with the rapid adoption of the BYOD trend. This research employed MSEM methods to develop a conceptual model based on Protection Motivation Theory by using data collected from 252 higher education students in a BYOD Australian university. Our findings confirmed and explored in details how intention to perform information security behaviours varied due to the change of context. Academics and practitioners could mitigate the security gap by focusing on the intention’s differences discussed in our findings

INVESTIGATING THE POSSIBILITY FOR IS/IT TO SUPPORT THE DELIVERY OF CHINESE MEDICINE

As Chinese medicine (CM) has increased in popularity globally it now becomes imperative to investigate ways in which safe, efficient, effective and evidence-based approaches might be adopted into CM practice. In the case of western or more traditional healthcare delivery practice, IS/IT is often adopted and employed to assist in this regard and thus this paper examines how IS/IT might be used to support the delivery of CM. In particular, the paper investigates how IS/IT tools and techniques might be used in supporting CM clinics daily processes and thereby bring greater value to a country’s healthcare. In doing so, this paper studies the current global CM situation and provides a solid foundation for how to design and develop an enterprise wide CM clinical management system

Using IS/IT to Support the Delivery of Chinese Medicine: The Design of a Chinese Medicine Clinic System

Using Information System/Information Technology (IS/IT) in Chinese Medicine (CM) has not been discussed much, if at all, in the literature. This is unlike the numerous references to the role for IS/IT to support various aspects of western medicine practice. Though the diagnosis and treatments between western medicine and CM are different, the clinical processes are similar. Thus, we believe that by implementing IS/IT system solutions, CM practice can also enjoy many benefits. CM practice relies on expert knowledge, hence applying knowledge management (KM) concepts to any proposed Chinese Medicine Clinic System (CMCS) is a necessary critical factor in the design of suitable IS/IT solutions in this context. This paper serves to identify a role for IS/IT in assisting CM clinic daily key processes as well as identify key system features and functions for a suitable CMCS

Categorizing Young Facebook Users Based On Their Differential Preference of Social Media Heuristics: A Q-Methodology Approach

Background: Social media have become an integral part of our modern society by providing platforms for users to create and exchange news, ideas, and information. The increasing use of social media has raised concerns about the reliability of the shared information, particularly information that is generated from anonymous users. Though prior studies have confirmed the important roles of heuristics and cues in the users’ evaluation of trustworthy information, there has been no research–to our knowledge–that categorized Facebook users based on their approaches to evaluating information credibility. Method: We employed Q-methodology to extract insights from 55 young Vietnamese users and to categorize them into different groups based on the distinct sets of heuristics that they used to evaluate the trustworthiness of online information on Facebook. Results: We identified four distinct types of young Facebook user groups that emerged based on their evaluation of online information trustworthiness. When evaluating online information trustworthiness on Facebook, these user groups assigned priorities differently to the characteristics of the online content, its original source, and the sharers or aggregators. We named these groups: (1) the balanced analyst, (2) the critical analyst, (3) the source analyst, and (4) the social network analyst. Conclusion: The findings offer insights that contribute to information processing literature. Moreover, marketing practitioners who aim to disseminate information effectively on social networks should take these user groups’ perspectives into consideration

COLECCIÓN LUIS SUÁREZ GALVÁN [Material gráfico]

FORMA PARTE DEL ÁLBUM DEL TOUR NORTEAMERICANO REALIZADO POR LUIS SUÁREZ GALVÁN Y SU FAMILIACopia digital. Madrid : Ministerio de Educación, Cultura y Deporte. Subdirección General de Coordinación Bibliotecaria, 201

Barriers and motivations affecting Information Systems usage by Hajj–Umrah religious tourism operators in Saudi Arabia

Hajj & Umrah religious tourism accounts for seven million visitors each year in Saudi Arabia. The government has recently taken initiatives to promote the use of Information Systems (IS) in the religious tourism industry, encouraging firms to adopt IS innovations like e-commerce and enforcing the use of the Makha’a information system in Umrah for external pilgrims and the Yosr information system in Hajj for internal pilgrims. This study outlines the motivations and challenges that affect the utilisation of various IS services in the Saudi religious tourism industry through a qualitative analysis of the views and perceptions of senior executives and owners of travel firms. The findings suggest that while government initiatives and industry competitiveness were two positive factors promoting IS use, there are some major barriers preventing private firms from fully utilising the advantages of information systems. These include external factors such as lack of support from the IT industry and access to IT resources as well as internal factors within an organisation such as lack of commitment or the need for professional IT expertise. The study finds that relative advantage is a critical contributor to IS utilisation which depends on information systems characteristics