Identifying Factors that Influence Corporate Information Security Behavior

In this paper, we present a social/behavioral meta-study of good corporate information security practices. The research model combines social cognitive theory and control theory in order to explain the individual and environmental factors that influence corporate information security behavior. The model includes employees’ beliefs about their abilities to competently use computer information security tools in the determination of effective information security practices within organizations. We present the definition and operationalization of constructs such as information security awareness and information security practice as the dependent variable and then support within the organization, encouragement by others, others’ use as environmental factors in the information security context; and finally, self-efficacy and outcome expectations as the independent variables of the model. This research model is aimed to develop an effective audit and recommendation model for organizations that are looking to make significant improvements in their information security profiles

Three Perspectives on the Value of Bridgers Within IT: A Longitudinal Study of Eight Years of Job Placement of IT Graduates

Job placement data is important for understanding where graduates get jobs. We present an empirical study of eight years of undergraduate and graduate IT placement data to explore IT jobs obtained within IT functions. Niederman, Ferratt, and Trauth (2016) propose clustering IT jobs into four macro-level categories based on the knowledge, skills, and abilities (KSAs) required for these jobs: IT bridgers, technical specialists, application domain specialists, and IT managers. They argue an increased need for and value placed on “bridgers” who can fill bridging jobs within IT. Bridgers within IT possess both technical and “soft skills” like communications/managerial and change/project management and work within the IT function but can liaise between IT and business units. Using a longitudinal sample of 1,980 IT graduates from one Information School, the data supports that IT bridgers are hired within IT, are hired earlier, and are largely hired in consulting, technology, and finance industry sectors. Contributions include exploring the utility of the macro-level categorization of NFT IT job categories to analyze job placement, the importance of tracking IT job placement in employer sectors, and the overall value of IT placement data for IT educators and administrators

Information Security Awareness and Information Security Practices of Internet Users in Bolivia: A Socio-Cognitive View

In this study, the authors look at the factors that influence individual information security practices of internet users in Bolivia. The research model uses social cognitive theory to explain the individual cognitive factors that influence the information security behavior of Internet users. The model includes individuals’ beliefs about the individual abilities to competently use computer information security tools and their information security awareness in the determination of effective information security practices. The operationalization of the constructs that are part of the research model such as information security practice as the dependent variable, self-efficacy, and information security awareness as independent variables, are presented both in Spanish and English. In this study, we offer the analysis of a survey of 255 internet users from Bolivia who replied to our survey and provided responses about their information security behavior. A discussion about information security awareness and practices is presented. En este estudio, los autores analizan los factores que influyen en las prácticas individuales de seguridad de la información de los usuarios de Internet en Bolivia. El modelo de investigación utiliza la teoría social cognitiva para explicar los factores cognitivos individuales que influyen en el comportamiento de seguridad de la información de los usuarios de Internet. El modelo incluye las creencias de las personas sobre las habilidades individuales para utilizar de manera competente las herramientas de seguridad de la información y su conocimiento de la seguridad de la información en la determinación de prácticas efectivas de seguridad de la información. La operacionalización de constructos que forman parte de nuestro modelo de investigación, como la práctica de la seguridad de la información como variable dependiente, la autoeficacia y la conciencia de seguridad de la información como variables independientes, se presentan tanto en español como en inglés. En este estudio, ofrecemos el análisis de una encuesta a 255 usuarios de Internet de Bolivia que respondieron a nuestra encuesta y proporcionaron respuestas sobre su comportamiento de seguridad de la información. Se presenta una discusión sobre la conciencia y las prácticas de seguridad de la información

Information Security Practices in Latin America: The case of Bolivia

In this paper, we present a social/behavioral study of individual information security practices of internet users in Latin America, specifically presenting the case of Bolivia. The research model uses social cognitive theory in order to explain the individual cognitive factors that influence information security behavior. The model includes individuals’ beliefs about their abilities to competently use computer information security tools and information security awareness in the determination of effective information security practices. The operationalization of constructs that are part of our research model, such as information security practice as the dependent variable, self-efficacy and information security awareness as independent variables , are presented both in Spanish and English. In this study, we offer the analysis of a survey of 255 Internet users from Bolivia who replied to our survey and provided responses about their information security behavior. A discussion about information security awareness and practices is presented

AN EQUITY THEORY VIEW OF PERSONAL INFORMATION DISCLOSURE IN AN ONLINE TRANSACTIONAL EXCHANGE

This study draws upon equity theory to present a conceptual model for the study of personal information disclosure in an online buyer-seller transactional exchange. Prior research studies have utilized social contract and principal-agent theories to explain how information privacy concerns influence consumers’ intentions to provide their personal information to online sellers. Herein, equity theory is viewed as another “fairness and justice” lens through which online information privacy concerns can be explored while accommodating a broader set of situational factors, e.g., vendor loyalty, that also influence a buyer's willingness to provide their personal information to an online seller. The model operationalizes the “distress” construct that, according to equity theory, acts as an equity restoration mechanism and explores its mediation effects. Results of this empirical study show that event-driven distress can positively motivate an individual to provide personal information; and, that it can mediate the impact of certain situational factors on an individual’s willingness to provide personal information. Finally, vendor loyalty is conceptualized as a broadening of the “personalization” concept from the personalization-privacy paradox literature. It was also determined that “marital status” was significant in affecting one’s intention to disclose personal information while the significance of “age” was deemed inconclusive

Social Cognitive Theory: Information Security Awareness and Practice

In this paper, the authors discuss employees’ beliefs about their abilities to competently use computer information security tools in the determination of effective information security practices within organizations. In the first section the authors present a background about information security practices at work. Then, the authors present a research approach based on social cognitive theory applied in the information security context within organizations to address the individual and environmental factors that explain information security behavior of end users. The objective of the literature review is to describe the definition and operationalization of constructs such as information security awareness and information security practice as the mediating and dependent variables, and the independent variables of support within the organization, encouragement by others, others’ use as environmental factors in the information security context; and finally, self-efficacy and outcome expectations as the individual factors. A research model with a set of propositions is presented to improve the understanding of the personal and environmental factors that influence the effective security practices of organizational employees

Collaborative and Open Technologies and their Impact on Information Systems Instruction

The advent of the Internet and subsequent proliferation of collaborative technologies are changing the nature of communication and learning. In response, we will stimulate a debate about the role and desired use of collaborative technologies in the context of education in the IS discipline. In particular, we explore the potential contribution of specific technologies based on our practical experience with them. Furthermore, we propose several design principles of using such technologies and illustrate those using working prototypes that we have developed. Finally, we call for participation and further action in realizing the benefits of collaborative technologies in IS education

What Attracts Women to the IT Field? The First Process of Occupational Socialization

Socialization in an occupation differs in important ways from organizational socialization. Entering a defined occupation is apt to involve a lifelong commitment, yet it is one that individuals often drift into gradually. Entering occupations involves five different, but overlapping processes: attraction, access, adjustment, identification and commitment (Trice & Beyer, 1993). The first of these five processes refers to the specific features of the occupation that get individuals attention and attract them to the occupation. Such features include specific members of the occupation to whom newcomers get attracted such as successful heroes and mentors. It could also be the activities distinctive of the occupational culture or the kinds of extrinsic and intrinsic rewards that the occupation appears to offer. This research study focuses on the attraction process of occupational socialization to the information technology (Ahuja, 2002) field of female students in order to understand women’s experiences and initial perceptions of the IT occupation. This study gathers empirical evidence from current female students in IT-related majors based on a qualitative approach and the use of focus groups as the elicitation technique. The goal of our research study is to contribute to a better understanding of the initial process of occupational socialization of female students in IT majors. The findings of this study, we believe, can help in improving and customizing recruitment strategies for female students that would emphasize the most attractive features of the IT occupation as perceived by women. In this research in progress we present the findings of our study based on eight focus groups conducted with students of three IT related academic majors in two academic institutions in the United States

ELLAS Architecture and Process: Collecting and Curating Data on Women’s Presence in STEM

The underrepresentation of women in STEM fields needs to be highlighted through data to assist decision-makers and public policy creators in addressing the issue effectively. However, the lack of structured, organized data published openly in this domain is still a reality. To address this problem, a Latin American research network called ELLAS was created. The project's goal is to develop a platform with Semantic Web-based technologies to structure and concentrate data from Brazil, Peru, and Bolivia, initially. This paper presents the processes defined for the collection and curation of both unstructured and structured data, sourced from scientific articles, social networks, and existing open data. We explore the architecture design in a way that facilitates understanding of the details of the processes and the actors involved for each data source. We present the preliminary results from the application of these processes, and the strategies for future work, which include the data extraction and curation, and the ontology and knowledge graph development We also present some of the undergoing work, such as the survey development and application as well as showing what still hasn't been done, such as the platform development