On security preparations against possible IS threats across industries

Chang, Arthur Jung-Ting; Yeh, Quey-Jen

doi:10.1108/09685220610690817

Cited by 23 publications

(7 citation statements)

References 32 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Finally, results suggest that the strategies adopted by the managers did not have any significant impact on the enhanced level of cyber-security. While our findings were contradictory to extant studies that successfully examined organisational strategies to influence the maturity levels of cyber-security (Chang and Yeh, 2006; Pérez-González et al , 2019; Nassimbeni et al , 2012; Tang and Liu, 2015), we posited that the conflicting results could be due to the lack of visibility of these strategies among the respondents in our study. Additionally, the lack of any significant positive effect of IT security strategies on the enhanced level of cyber-security in organisations could be due to the choice of the industry sectors for our study, i.e.…”

Section: Discussioncontrasting

confidence: 99%

“…The strategies adopted by the senior management, in general, align with the business strategies of the organisation (Chang and Yeh, 2006; Nassimbeni et al , 2012). For our study, we have categorised the strategies adopted by senior management towards an enhanced level of cyber-security in the organisation, into the following five streams: clear vision , institutionalised IT security governance , risk management controls , reward policy and information sharing .…”

Section: Background Literature and Hypothesis Developmentmentioning

confidence: 99%

See 1 more Smart Citation

Antecedents for enhanced level of cyber-security in organisations

Kumar

Biswas

Bhatia

et al. 2020

JEIM

View full text Add to dashboard Cite

PurposeThe present study aims to identify and investigate the antecedents of enhanced level of cyber-security at the organisational level from both the technical and the human resource perspective using human–organisation–technology (HOT) theory.Design/methodology/approachThe study has been conducted on 151 professionals who have expertise in dealing with cyber-security in organisations in sectors such as retail, education, healthcare, etc. in India. The analysis of the data is carried out using partial least squares based structural equation modelling technique (PLS-SEM).FindingsThe results from the study suggest that “legal consequences” and “technical measures” adopted for securing cyber-security in organisations are the most important antecedents for enhanced cyber-security levels in the organisations. The other significant antecedents for enhanced cyber-security in organisations include “role of senior management” and “proactive information security”.Research limitations/implicationsThis empirical study has significant implications for organisations as they can take pre-emptive measures by focussing on important antecedents and work towards enhancing the level of cyber-security.Originality/valueThe originality of this research is combining both technical and human resource perspective in identifying the determinants of enhanced level of cyber-security in the organisations.

show abstract

Section: Discussioncontrasting

confidence: 99%

Section: Background Literature and Hypothesis Developmentmentioning

confidence: 99%

Antecedents for enhanced level of cyber-security in organisations

Kumar

Biswas

Bhatia

et al. 2020

JEIM

View full text Add to dashboard Cite

show abstract

“…With our theoretical model in mind, we selected a case based on previous research in information security. Prior research has found that organizations in the financial services, telecommunication and utilities sectors present rich cases for information security research due to their greater focus on information security threats and protection [35]. We chose an organization from the financial services sector.…”

Section: Methodsmentioning

confidence: 99%

Towards a Holistic Understanding of Security Process: Formal Controls and Informal Relationships

Soyref

Seltsikas

2014

2014 47th Hawaii International Conference on System Sciences

View full text Add to dashboard Cite

Despite a variety of existing approaches and techniques for securing corporate information assets, information security threats continue to present an ongoing challenge to business and governments.Existing research suggests that improving the effectiveness of information security depends on the customization of existing security models to specific businesses requirements. A greater socio-technical focus is also cited as necessary. We have used a relational processes lens to examine interactions between the key actors relevant to information security management in a large Australian financial institution from which we present the results of an indepth case study. By examining organizational information security practices we identify how organizational actors engage in cognitive, social and political processes to achieve various securityrelated objectives. We suggest that a focus on social and political processes, such as networking and negotiation, complements formal policy and governance structures in achieving organizational security objectives and can assist information security stakeholders in working together more effectively.

show abstract

“…Effective ISS management is not a standalone activity, but should be founded on a well-developed security strategy (Seeholzer, 2012). ISS security strategies should be balanced with and support business strategies (Chang & Yeh, 2006;McFadzean, Ezingeard, & Birchall, 2011). Organizations must be able to assess the effectiveness of ISS and communicate its value to the organization (McFadzean et al, 2011).…”

Section: Iss Managementmentioning

confidence: 99%

Information system security commitment: A study of external influences on senior management

Barton

Tejay

Lane

et al. 2016

Computers & Security

View full text Add to dashboard Cite

From the beginning, a completed dissertation was the goal, but the real value was in the process, not the product. The dissertation demonstrates the ability of a researcher to complete a significant study, but only after the process provides the skills in conceiving and justifying a research idea, designing a study, collecting and analyzing the data, and finally reporting the results. The process was rewarding in its own right. I sincerely thank my advisor and committee chairperson, Dr. Gurvirender Tejay, for his direction, guidance, and focus. Dr. Tejay's steady and consistent mentorship gave me the confidence to follow a productive and purposeful path to completion. Committee members Dr. Steve Terrell and Dr. Michael Lane provided valuable support through the dissertation process, and created an environment that fostered learning and development. Your insight pushed me to learn beyond where I had set my own limits. I am especially grateful to my wife, Shirley, who encouraged and motivated me, while remaining patient and supporting as I hit the inevitable obstacles. You helped me strike the balance between steady progress and unproductive, wasted effort.

show abstract

On security preparations against possible IS threats across industries

Cited by 23 publications

References 32 publications

Antecedents for enhanced level of cyber-security in organisations

Antecedents for enhanced level of cyber-security in organisations

Towards a Holistic Understanding of Security Process: Formal Controls and Informal Relationships

Information system security commitment: A study of external influences on senior management

Contact Info

Product

Resources

About