Editorial: IT-enabled Organization Design

Editorial for the issue

Editorial

Editorial for the issue

Editorial

Editorial for the issue

Editorial

Editorial for the issue

The Impact of Board Structure on Information Security Breaches

This paper investigates the association between the board structure of a firm and the possibility of information security breaches. Building on the agency theory and resource dependence theory, we hypothesize that the board structure could affect the guidance and advice capability of the board on the executives’ decision of information security management. Our results show that the board size and the number of independent directors could increase the possibility of security breaches while the average and heterogeneity of age/tenure could reduce it. Our findings shed lights on the crucial role played by the board when managing information security risks in organizations

Employees’ workplace cyberloafing: based on the perspective of guanxi

Cyberloafing is the biggest time waster in organization, 69 percent of respondents admitted waste time on non-work related activities each day. This number might be higher in China for a larger population of cyber citizens. Previous Studies have investigated the antecedents from various perspectives, such as organization justice, deterrence and work stressor. No one addressed cyberloafing from the perspective of guanxi, even though the strength of guanxi directly determines the appropriate behavior of employees , and employees are grounded by such behavioral norms. To fill this gap, we proposed a research model from the perspective of guanxi theory to understand employees’ cyberloafing behavior

Information Systems Security Education: Redressing the Balance of Theory and Practice

One of the perennial concerns in education is the ability of students to apply what they have learnt in a real world context. To tackle this issue, this paper proposes the adoption of a situated learning strategy as a mechanism for linking theory and practice for delivering information systems security education. There are two areas of focus in the research presented. First, we offer an example of an information systems security course applying situated learning strategy. Second, we examine student feedback on this particular teaching design. The exploratory findings suggest that situated learning has potential for knowledge development as well as for balancing theory and practice. Thus we recommend our example of an information systems security course for use as model of practice for other educators in this field