Trust Account Fraud and Effective Information Security Management

The integrity of lawyers’ trust accounts has come under scrutiny in the last few years. There are strong possibilities of information technology security breaches happening within the firms, either accidental or deliberate. The damage caused by these security breaches could be extreme. For example, a trust account fund in an Australian law firm was misused in a security breach in which Telstra charged A$50,000 for phone usage, mainly for ISD calls to Hong Kong. Our study involved interviewing principals of ten law companies to find out solicitors’ attitudes to computer security and the possibility of breaches of their trust accounts. We simultaneously carried out a survey to see if the trends identified in our case-studies could be backed up with broader quantitative data. We have also conducted in-depth interviews of five trust account regulators from the Law society of South Australia to know their view points on security threats on trust accounts. An overall finding highlights that law firms were not current with technology to combat computer crime, and inadequate access control was a major concern in safeguarding account data. Our conclusions revealed the urgent need for law firms to adopt security controls, implement information security policies and procedures and obtain cooperation from management to communicate these policies to staff

A Critical Analysis on Theoretical Perspectives of Teaching Information Security in Tertiary Education

The purpose of this paper is to critically examine the application of theoretical teaching models to the development and teaching of the Information Security (ISEC) curriculum in tertiary education. Based on the author’s personal experiences, the paper examines various teaching theories, discusses their suitability to the ISEC curriculum and recommends a suitable teaching style for the ISEC course

Evaluation of users’ perspective on VOIP’s security vulnerabilities

Voice over Internet protocol (VoIP) represents a major newish trend in telecommunications and an alternative to traditional phone systems. VoIP uses IP networks and therefore inherits their vulnerabilities. Adding voice traffic to IP networks complicates security issues and introduces a range of vulnerabilities. A VoIP system may face either an exclusive attack or an attack to the underlying IP network. The significance of security and privacy in VoIP communications are well known, and many studies mostly from the technical perspective have been published. However to date, no known research has been conducted to evaluate users’ perspectives on these issues. In light of this scarcity, we carried out a survey to evaluate users’ awareness of VoIP security vulnerabilities, and their attitudes towards privacy in VoIP communications. An overall finding highlights the fact that the majority of participants are neither concerned about VoIP privacy (eavesdropping) or VoIP security

Adolescents’ Safe Online Behaviour: A Multi-Factor Analysis Based on Social Cognitive Theory

This study sought to prove six hypotheses about the correlation between adolescents’ online use and parental behaviour, adolescents’ self-efficacy and adolescents’ self-regulation. Social Cognitive Theory (SCT) underpinned a survey of 340 respondents (182 males and 158 females) in the 12-17 year age group from 2 high schools in metropolitan South Australia. Structural Equation Modeling was used to test the significance of the hypotheses. The survey results revealed that environmental factors such as parental monitoring and guidance had a significant impact on adolescents’ online use. They also indicated that adolescents’ self-regulatory behaviour concerning online use may be influenced by other factors such as self-knowledge and self-determination. Personal factors such as instinct and motivation were found to influence the outcomes of online misuse, and encourage adolescents to adopt moderate and safe use patterns. The results demonstrated that self-efficacy – namely confidence, motivation and personality – has a positive impact on self-regulatory behaviour. A theoretical framework adapted from SCT specifically for this study generated new knowledge about factors that support a preventative approach to risky online use among adolescents

Case Study on an Investigation of Information Security Management among Law Firms

The integrity of lawyers trust accounts as come under scrutiny in the last few years. There have been many incidents of trust account fraud reported internationally, including a case in Australia, where an employee of a law firm stole $4,500,000 from the trust funds of forty-two clients. Our study involved interviewing principles of ten law companies to find out solicitors’ attitudes to computer security and the possibility of breaches of their trust accounts. An overall finding highlights that law firms were not current with technology to combat computer crime, and inadequate access control was a major concern in safeguarding account data. Our conclusions revealed the urgent need for law firms to adopt security controls, implement information security policies and procedures and obtain cooperation from management to communicate these policies to staff

Contributions of Guest Speakers to Online Delivery of IT Program

This paper aims to assess the benefits of inviting guest speakers for both IT undergraduate and postgraduate students in the online delivery of IT programs. A relevance and usefulness discourse framework is introduced to better understand the type of guest speakers that university academics should invite to enhance IT educational experience. This study will be conducted using a quantitative study based on an online survey to understand the students’ experiences, expectations and benefits of guest speakers in IT degrees which could give some interesting insights. This study will be performed before the course and then again after the speaker, to see how students now viewed what they learned in the course. The study findings are expected to provide useful suggestions for IT academics to maximise the guest speakers’ presentations with online delivery and achieving the intended learning outcomes

Information Security Models are a Solution or Puzzle for SMEs? A Systematic Literature Review

Effective information security management is necessary in the success of any organisation, including Small-and-Medium-Sized Enterprises (SMEs). Nonetheless, keeping their security needs met is always a challenge for SMEs. One of the proven ways to manage information security is through applying available international standards, frameworks and best practices. However, choosing a suitable model that addresses the SMEs holistic needs may be an overwhelming task. This systematic literature review formed the initial phase of a larger analytical project of existing models in three categories: risk management models, standards-based models and ‘other’ models. The review showed that most of models are theoretically conceived but have not been further tested empirically. Hence, their usability is unknown. More in-depth research is required to find a suitable model that may be applicable to all SMEs

An Investigation into Domestic Violence Victims\u27 Adoption of Chatbots for Help-seeking: Based on the UTAUT2 and Health Belief Models

Domestic violence cases have increased during and post COVID-19 pandemic, which significantly jeopardizes victims\u27 health. However, victims rarely seek help due to the associated stigma. One of the strategies to encourage them to seek help is through the use of digital communication tools for achieving confidentiality and anonymity. Thus, this study aims to investigate their adoption intention of chatbots for help-seeking. A review of the related literature is conducted, leading to the development of a conceptual framework within the theoretical background of the Unified Theory of Acceptance and Use of Technology 2 (UTAUT2) and Health Belief Model (HBM) for better exploring domestic violence victims\u27 adoption intention of chatbots. This study will provide insights into the impacts of information communication technology on domestic violence victims\u27 adoption of relevant chatbots, and offer insightful information to domestic violence organizations and healthcare providers in the development and implementation of chatbots for help-seeking

A Framework for Information Security Risk Management in IT Outsourcing

Qualitative researchers in business and management information systems fields often need to employ a method of inter-coder reliability to test the trustworthiness of the findings of their content analysis. A suitable method for checking the inter-coder reliability enables researchers to rigorously assess the degree of agreement among two or more independent qualitative coders. By employing this method, researchers can identify mistakes in the content analysis before the codes are used in developing and testing a theory or a measurement model and avoid any associated time, effort and financial cost. However, little guidance is available on what method of inter-coder reliability check should be used. In this paper, we present a critical analysis of these methods that are suitable for qualitative business and management IS research, and provide an example of how we employed the most rigorous method among these methods for a qualitative behavioural IS study