2008
DOI: 10.2753/mis0742-1222250210
|View full text |Cite
|
Sign up to set email alerts
|

Understanding the Value of Countermeasure Portfolios in Information Systems Security

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
2
1

Citation Types

2
39
0

Year Published

2012
2012
2019
2019

Publication Types

Select...
6
2

Relationship

0
8

Authors

Journals

citations
Cited by 75 publications
(41 citation statements)
references
References 33 publications
2
39
0
Order By: Relevance
“…Others have noted that some users are more susceptible to cyber threats than others (Furnell et al, 2008;Kumar et al, 2008). Unlike non-home users who have to gain and apply knowledge on cybersecurity and threats, home users are under no obligations to gain any knowledge on security.…”
Section: Cybersecurity Awareness and Enforcementmentioning
confidence: 93%
See 1 more Smart Citation
“…Others have noted that some users are more susceptible to cyber threats than others (Furnell et al, 2008;Kumar et al, 2008). Unlike non-home users who have to gain and apply knowledge on cybersecurity and threats, home users are under no obligations to gain any knowledge on security.…”
Section: Cybersecurity Awareness and Enforcementmentioning
confidence: 93%
“…However, home users have sole responsibility in managing the cybersecurity risks associated with their home computers, mobile devices and networks. Thus, if they are unaware of proper information security knowledge, they will also lack the awareness of cyber risks while solely entrusted with securing their cyber environment (Furnell et al, 2008;Kumar et al, 2008). Lack of information security awareness is attributed to a lack of enforcement by a third party ensuring that home-users are secured while using the Internet or that their information security awareness is up to date (Kritzinger & von Solms, 2010).…”
Section: Cybersecurity Awareness and Enforcementmentioning
confidence: 98%
“…Firms may also resort to economic mechanisms, such as cyberinsurance, risk pooling arrangements, and managed security services, to manage information security risks [70,71]. Analyzing and evaluating security risk [55,68], leveraging system modularity [64], implementing and increasing user awareness of security countermeasures [20,36], and optimizing security investment [8,29,58] are critical procedures for effective information systems security management.…”
Section: Literature Reviewmentioning
confidence: 99%
“…Researchers and professionals agree that people are often the weakest link in security (Crossler et al 2013), but until recently (Anderson and Agarwal 2010;Boss et al 2009;Guo et al 2011;Herath and Rao 2009a;Herath and Rao 2009b;Johnston and Warkentin 2010;Kumar et al 2008;Workman et al 2008) few studies have tried to understand the human component of a secure information system (Cannoy et al 2006;Choobineh et al 2007;Dhillon and Backhouse 2001).…”
Section: Introductionmentioning
confidence: 99%
“…Several of these studies have used an adaptation of Protection Motivation Theory (PMT) to explain differences in security practices. To date, these studies have not empirically tested the theories proposed (Liang and Xue 2009), or have tested the theory with only one measure such as intention to use one particular security tool like anti-spyware (e.g., Johnston and Warkentin 2010;Kumar et al 2008), intentions to generically perform security related behavior (e.g., Anderson and Agarwal 2010), or intentions to comply with security policies (e.g., Herath and Rao 2009b). However, as mentioned above, securing a computer is about performing a number of different practices, not one in particular.…”
Section: Introductionmentioning
confidence: 99%