Web 2.0 in Higher Education: Collaborative Learning

Web 2.0 has created an open-context that promotes collaborative learning by allowing interaction, participation, and transaction. Introducing Web 2.0 into curriculum will enhance students’ learning experiences in higher education while serving the pedagogical objectives pertaining to collaborative learning. Google Docs & Spreadsheets (GDS), a Web 2.0 technology, was introduced as a collaborative tool to improve team-based learning in both undergraduate and graduate classes. This research paper plans to adopt hermeneutics circle approach to provide insights on how to facilitate and enhance collaborative learning in a team-oriented environment

Collaborative Learning with Web 2.0 Technology: Synchronicity Dimension

Web 2.0 technology provides an open platform to promote active users’ interaction and participation in anytime and anyplace, enabling knowledge creation, sharing, and transfer. Using grounded theory approach, this study examines how effective the online collaboration tool that employs Web 2.0 technology could enhance collaborative learning in a team-based environment in higher education. The study results discover that Web 2.0 collaboration tool lacks high synchronicity dimension. High synchronicity dimension of a communication channel is characterized by immediacy of feedback in support of attaining shared understanding, focus, and trust in team interaction. As learning is an outcome of interaction among team members who exchange ideas and share experiences to attain group solutions and bring about knowledge construction, the study suggests that Web 2.0 collaboration tool should include features supporting high synchronicity dimension

A role theory perspective: Will shifting left become a pain for application developers?

To foster application security (AppSec), organizations are adopting development, security, and operations (DevSecOps) framework that integrates application development with security controls and systems operations. With DevSecOps. application developers have to “wear many hats”. Besides coding, developers are assigned additional tasks including system testing and operations, thus adopting the roles of systems testers and systems engineers. Transitioning from one role to another involves boundary crossing through which individuals have to embrace changes for performing new tasks defined by another role. This may instigate developers’ mental fatigue. Also, tasks associated with “non-developer” roles (e.g., systems operations) may not be a good cognitive fit, thus provoking developers’ mental distress. To address this issue, we examine the effects of multi-roles adoptions on developers’ well-being that will gradually affect their cognitions of cyber situational awareness (i.e., awareness of cyber threats relative to AppSec)

A Cross Industry Study: Differences in Information Security Policy Compliance between the Banking Industry and Higher Education

This study adopts Neo-Institutional Theory (NIT) to address the underlying differences in information security policy compliance between the banking industry and higher education. Drawing on NIT, this study examines how regulative, normative, and cognitive expectations effect internal organizational efforts of staying compliant across both industries. Using Partial Least Square (PLS) method, the analysis results suggest that both industries rely on the interrelations between regulative and normative expectations to propel the organizational efforts of attaining compliance. However, the main difference lies within cognitive expectation. In the institution of higher education, cognitive expectation influences regulative expectation that subsequently drives information security policies compliance. On the other hand, cognitive expectation reflects on the regulatory pressure in the banking industry. Given these findings, this study provides suggestions to policy makers for promoting information security policy compliance across industries

IT GOVERNANCE FRAMEWORK: ONE SIZE FITS ALL?

Most of the IT governance frameworks address information systems management in the corporate settings that support top-down management. However, this neglects some organizational settings in favor of bottom-up approach, such as, higher education. To close the gap, this study compares the management styles and organizational practices between higher education and banking industry to reveal the underlying factors that drive organizational security norms in both industries. The results reveal that higher education operates in an open environment that supports employee’s participation for policy compliance. On the other hand, top-down management enforces policies and facilitates employee’s participation for information security safeguard in the banking industry. Accordingly, this study suggests that a new paradigm of IT Governance framework (ITG) is necessary for addressing the unique culture of higher education. Additionally, IT governance can operate in a decentralized mode in the banking industry for encouraging employee’s participation in support of information policy compliance

The “Right” recipes for security culture: a competing values model perspective

This study argues that the effect of perceived organizational culture on the formation of security-related subjective norms and the level of compliance pressure will vary based on how the employees perceive their organization’s cultural values. These perceptions reflect on the assumptions and principles that organizations use to guide their security-related behaviors. To make these arguments, we adopt the competing values model (CVM), which is a model used to understand the range of organizational values and resulting cultural archetypes

Impact of External Pressures on Information Security Policy Compliance in the Banking Industry

There has been virtually no previous study discussing how external pressures impel banks to stay compliant. These external pressures could be a compelling force driving banks to comply. Hinged on the Neo-Institutional Theory (NIT), this study examines how the external pressures, namely, regulative, normative, and cognitive expectations, drive banks to comply. The research findings reveal that information security policy compliance in banking organizations is directly driven by normative expectation. Normative expectation encompasses the pressures of fulfilling social/moral obligation and conforming to the industry norms defined by the standardized information security mechanisms. Since the findings uncover that normative expectation is a significant force in the institution of banking, this study suggests drafting internal organizational policies to (1) meet normative expectation and (2) provide a new avenue for risk assessment based on the normative elements