...Samantha Phillips; Bradley Brummel; Sal Aurigemma; Tyler Moore Purpose Understanding the type of information security culture ( ISC ) present in organizations is important because it guides how employees navigate the use of technology and information resources. This study aims to develop...

... information security innovation management capability (ISIMC) and, subsequently, cybersecurity performance, based on the theoretical framework of CTI capability. Design/methodology/approach This study collected data from employees engaged in information systems and security management across various...

...Simon Andersson; Erik Bergström Purpose This paper aims to examine what contextual knowledge should be documented during the information classification process and how such knowledge can be structured to support information security risk management. Although many tools support documentation...

... Emerald Publishing Limited 2026 Emerald Publishing Limited Licensed re-use rights only Higher education Cybersecurity framework Information security NIST ISO/IEC 27001 COBIT 5 Governance Maturity Assessment Zero trust CMAF.1 Higher education institutions (HEIs) are increasingly...

... requires coordinated prevention, detection and recovery (Lee et al., 2019). Cybersecurity Rational choice theory Information security Data breach Industry specific attacks Attack vectors Our RCT operationalization incorporates three sector-specific mechanisms modifying attacker...

... information security controls proposed by ISO/ IEC 27001:2022. Design/methodology/approach A survey with 22 experts, all chief technology officers, was conducted, to assess the influences between each of these controls by means of a pairwise comparison. Then, the fuzzy Decision-making Trial...

... in ECSF No. Role profile 1 Chief information security officer (CISO) 2 Cyber incident responder 3 Cyber legal, policy and compliance officer 4 Cyber threat intelligence specialist 5 Cybersecurity architect 6 Cybersecurity auditor 7 Cybersecurity educator 8...

... commercial and non-commercial purposes), subject to full attribution to the original publication and authors. The full terms of this licence maybe seen at Link to the terms of the CC BY 4.0 licence. Information security Password reuse Social influence Subjective norms Sanctions Intention...

...Marcus Dansarie; Marcus Nohlberg Purpose Digital mobile radio communication networks are used for coordinating operations in many important sectors, including critical infrastructures and large industries. Despite this, there is a dearth of knowledge about how their information security is managed...

...Rafael De Queiroz Batista; Eduardo de Rezende Francisco Purpose Information security (IS) has become relevant in the corporate agenda. Organizations rely on technology to run their business processes. Legislation on data processing is increasingly strict, and cyber risks are growing, making...

... Limited Licensed re-use rights only Dynamic capabilities Cybersecurity Cybersecurity intelligence Survey Information security The research questions driving this study ask: Cyberattacks, malicious actions and fraud in information systems have become pervasive global challenges...

...Gregor Petrič; Špela Orehek Purpose Expressing views on organizational information security (IS) by employees is vital for improving security processes, policies and trainings, while non-communication may conceal the true state of the human factor of IS and lead to security breaches. The purpose...

... of ransomware has increased over the past couple of years. The findings highlight that being transparent about ransomware attacks, when possible, can help others. Moreover, senior management plays an important role in shaping the information security culture of an organisation, whether to have a culture...

.... It is based on the extent to which someone believes that the required behaviour is useful (effective and proportional), urgent and does not involve unreasonable cost and effort (Cialdini, 2003 ; Davis, 1989 ; Greaves, 2017 ; Robbins and Judge, 2019). Information security...

... in the context of SMEs. Rodney Adriko can be contacted at: ra596@kent.ac.uk 31 01 2024 27 03 2024 10 05 2024 © Emerald Publishing Limited 2024 Emerald Publishing Limited Licensed re-use rights only SMEs Information security Risk management Policies Cybersecurity Cyber...

... management support Establish clear visions and achievable goals Presents a framework for evaluating information security culture based on a multi-stage methodology combining literature review and data collected from experts. Describes that support from the management is central and that security management...

... security behaviors; second, the Recsem Inventory, developed within this paper’s context, to evaluate the cybersecurity measures adopted by organizations for remote workers. It was conducted on remote workers to examine their information security practices. The instrument was administered to a sample of 442...

... security behaviour. The formulation of employees’ information security responsibilities should be pragmatic, fostering subconscious compliance to establish routine behaviour (habit). Originality/value This research underscores the pivotal roles played by habit and emotions in shaping behavioural...

...Joshua Nterful; Ibrahim Osman Adam; Muftawu Dzang Alhassan; Abdallah Abdul-Salam; Abubakar Gbambegu Umar Purpose This paper aims to identify the critical success factors in improving information security in Ghanaian firms. Design/methodology/approach Through an exploratory study of both public...

...Gregory Lyon Purpose The rapid expansion of internet usage and device connectivity has underscored the importance of understanding the public’s cyber behavior and knowledge. Despite this, there is little research that examines the public’s objective knowledge of secure information security...