Arthur Jung-Ting Chang scite author profile

PurposeModernized information systems (IS) have brought enterprises not only enormous benefits, but also linked information threats. Most enterprises solve their IS security‐related problems using technical means alone, and focus on technical rather than managerial controls, which may imply potential crises. This study examines whether the security preparation of firms matches the severity of IS threats they perceive in developing countries, especially in issues concerning “people” and “administration”. Additionally, this study discusses appropriate threat mitigation strategies for the four sectors as well.Design/methodology/approachUsing an empirical study, this study explores the past and current concerns of IS threats of firms in different industries, and the countermeasures prepared by them to protect themselves from such threats. The empirical data was provided by 109 Taiwanese enterprises from four sectors.FindingsThe analytical results revealed the differences in both the IS threats concerned and the security scopes prepared among the four sectors. Moreover, the preparation scopes were not commensurate with the perceived severity of threats. All four industries rated the network as posing the strongest threat, following regulation and personnel issues, while among the countermeasures in use, these three issues have larger application deficiencies.Originality/valueThis study concludes that the firms do not well prepare themselves against IS threats entailed to non‐technical administration issues and discusses appropriate threat mitigation strategies for the four sectors. Specifically, firms should be aware of IS threats to their business and prepare suitable security protections.

show abstract

Roles of perceived risk and usefulness in information system security adoption

Chang

2010

View full text Add to dashboard Cite

Past research has clarified effective IS security and examined the contributors to security technology adoption in organizations. Based on the research as well as the traditional technology acceptance model, this study proposes a conceptual model that employs risk-related factors to predict managerial attitude towards adopting security technologies. Unlike most works that merely consider perceived usefulness of technology from the positive benefits perspective, this study suggests that the downside of risk is a major determinant of managerial behavior in adopting security technology. This study adds two perceived risks and decision-maker risk propensity into the model to clarify the relationships between the three risk-related factors and perceived usefulness, as well as their effects on security technology adoption. Propositions derived from the conceptual model provide an agenda for future studies of individual risk behavior in organizational settings.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Arthur Jung-Ting Chang

Threats and countermeasures for information system security: A cross-industry study

The effects of job satisfaction and organization commitment on information security policy adoption and compliance

Proliferation of computers among Taiwanese SMEs

On security preparations against possible IS threats across industries

Roles of perceived risk and usefulness in information system security adoption

Contact Info

Product

Resources

About