Information systems resources and information security

Chang, Kuo‐Chung; Wang, Chih‐Ping

doi:10.1007/s10796-010-9232-6

Cited by 26 publications

(14 citation statements)

References 62 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…That is, they outline strategies, plans, and investments based on an understanding of business objectives, values, and needs. Previous research have shown that organizations with business competent information security executives conduct proper management of information assets and effective allocation of resources (Chang and Wang, 2010). In line with the findings from the exploratory study, we believe that a deep understanding of the business environments, processes and the organizational goals should enable the development of effective information security strategies, provide information security services that fit organizational needs, and enable a more effective coordination of information security activities.…”

Section: The Role Of Business-based Information Security Managementsupporting

confidence: 83%

“…While all the aforementioned approaches have increased the understating of problems related to behavioral information security governance, and potential solutions to those problems, none of them have developed and empirically tested a theoretical model that include behavioral information security governance constructs. In fact, by reviewing related work the authors of the present paper only found four studies that fulfil this criteria (Straub, 1990;Kankanhalli, 2003;Knapp et al, 2007;Chang and Wang, 2010). Considering the lack of empirical studies related to behavioral information security governance, the present study aims at complementing the body of literature on behavioral information security governance by exploring, developing, and empirically testing a theoretical model explaining the establishment of security knowledge sharing throughout an organization.…”

Section: Introductionmentioning

confidence: 94%

“…When possible, the items were based on existing scales that have been proven reliable. Items representing business-based information security management, were identified from previous work (Chang and Wang, 2010;Spears and Barki, 2010). Thus, a major part of the items were developed specifically for this study.…”

Section: Item Developmentmentioning

confidence: 99%

“…In the present study, we quantitatively assessed the content validity using the item-sorting method proposed by Anderson and Gerbing (1991). This was done for all constructs except business-based information security management as these items were already proven reliable by previous empirical research (Chang and Wang, 2010;Spears and Barki, 2010). Besides providing a statistical result to assess the adequacy of content validity of each item, the method does not make any implicit assumptions about the direction of the relationship between the items and their corresponding factors or about the correlations between the items themselves.…”

Section: Content Validity Assessmentmentioning

confidence: 99%

See 3 more Smart Citations

Information security knowledge sharing in organizations: Investigating the effect of behavioral information security governance and national culture

Flores

Antonsen

Ekstedt

2014

Computers & Security

121

View full text Add to dashboard Cite

Information security knowledge sharing in organizations: Investigating the effect of behavioral information security governance and national culture.Computers & Security, http://dx.doi.org/10.1016/j.cose. 2014.03.004 Access to the published version may require subscription. N.B. When citing this work, cite the original published paper. Permanent link to this version:http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva- 142630 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 AbstractThis paper presents an empirical investigation on what behavioral information security governance factors drives the establishment of information security knowledge sharing in organizations. Data was collected from organizations located in different geographic regions of the world, and the amount of data collected from two countries -namely, USA and Sweden -allowed us to investigate if the effect of behavioral information security governance factors on the establishment of security knowledge sharing differs based on national culture.The study followed a mixed methods research design, wherein qualitative data was collected to both establish the study"s research model and develop a survey instrument that was distributed to 578 information security executives. The results suggest that processes to coordinate implemented security knowledge sharing mechanisms have a major direct influence on the establishment of security knowledge sharing in organizations; the effect of organizational structure (e.g., centralized security function to develop and deploy uniform firm-wide policies, and use of steering committees to facilitate information security planning) is slightly weaker, while business-based information security management has no significant direct effect on security knowledge sharing. A mediation analysis revealed that the reason for the non-significant direct relation between business-based information security management and security knowledge sharing is the fully mediating effect of coordinating information security processes. Thus, the results disentangles the interrelated influences of behavioral information security governance factors on security knowledge sharing by showing that information security governance sets the platform to establish security knowledge sharing, and coordinating processes realize the effect of both the structure of the information security function and the alignment of information security management with business needs.A multigroup analysis identified that national culture had a significant moderating effect on the association between four of the six proposed relations. In Sweden -which is seen as a less individualist, feminine country -managers tend to focus their efforts on implementing controls that are aligned with business activities and employees" need; monitoring the effectiveness of the implemented con...

show abstract

Section: The Role Of Business-based Information Security Managementsupporting

confidence: 83%

Section: Introductionmentioning

confidence: 94%

Section: Item Developmentmentioning

confidence: 99%

Section: Content Validity Assessmentmentioning

confidence: 99%

See 2 more Smart Citations

Information security knowledge sharing in organizations: Investigating the effect of behavioral information security governance and national culture

Flores

Antonsen

Ekstedt

2014

Computers & Security

121

View full text Add to dashboard Cite

show abstract

“…Apart from studies done by Xu and Bowrin (2005), Thorpe (2005) and Duncan and Duggan (2008) information security remains a relatively under-researched field in the Caribbean context. This study aims to add to the reservoir of local knowledge and in this endeavour we will use the information security model developed by Chang and Wang (2010). Peltier (2005) states that information security "encompasses the use of physical and logical data access controls to ensure the proper use of data and to prohibit unauthorized or accidental modification, destruction, disclosure, or loss of access".…”

Section: Caribbean Contextmentioning

confidence: 99%

Organizational Characteristics and Their Influence on Information Security in Trinidad and Tobago

Papin-Ramcharan¹

2014

Encyclopedia of Information Science and Technology, Third Edition

View full text Add to dashboard Cite

This article investigates the effect of organizational characteristics on information security practices in Trinidad and Tobago. As a theoretical lens, this study relies on a hypothesized model derived from Chang and Wang (2010) to test 24 hypotheses relating to information security practices. The data was collected using online surveys and was analyzed using factor analysis and structured equation modeling (SEM). Upon final analysis, 8 of the 24 hypotheses were confirmed.

show abstract

Datenschutz und Datensicherheit in der additiven Fertigung

Becker

Hofmann

2021

Sharing Economy in Der Industrie

View full text Add to dashboard Cite

Information systems resources and information security

Cited by 26 publications

References 62 publications

Information security knowledge sharing in organizations: Investigating the effect of behavioral information security governance and national culture

Information security knowledge sharing in organizations: Investigating the effect of behavioral information security governance and national culture

Organizational Characteristics and Their Influence on Information Security in Trinidad and Tobago

Datenschutz und Datensicherheit in der additiven Fertigung

Contact Info

Product

Resources

About