Reference Citation Analysis: Find an Article, Find a Category, Find a Journal, Find a Scholar

For: Nasir A, Arshah RA, Hamid MRA, Fahmy S. An analysis on the dimensions of information security culture concept: A review. Journal of Information Security and Applications 2019. [DOI: 10.1016/j.jisa.2018.11.003] [Citation(s) in RCA: 12] [Impact Index Per Article: 2.4] [Reference Citation Analysis] [What about the content of this article? (0)] [Track Full Text] [Subscribe] [Scholar Register] [Indexed: 10/27/2022]

For:	Nasir A, Arshah RA, Hamid MRA, Fahmy S. An analysis on the dimensions of information security culture concept: A review. Journal of Information Security and Applications 2019. [DOI: 10.1016/j.jisa.2018.11.003] [Citation(s) in RCA: 12] [Impact Index Per Article: 2.4] [Reference Citation Analysis] [What about the content of this article? (0)] [Track Full Text] [Subscribe] [Scholar Register] [Indexed: 10/27/2022]

Number	Cited by Other Article(s)
1	Lee I. Analyzing Web Descriptions of Cybersecurity Breaches in the Healthcare Provider Sector: A Content Analytics Research Method. Comput Secur 2023. [DOI: 10.1016/j.cose.2023.103185] [Citation(s) in RCA: 0] [Impact Index Per Article: 0] [Reference Citation Analysis] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Indexed: 03/22/2023] Abstract Collapse Key Words Collapse MESH Headings Collapse Grants Collapse Affiliation(s) Collapse
2	Examining the effect of regulatory factors on avoiding online blackmail threats on social media: A structural equation modeling approach. COMPUTERS IN HUMAN BEHAVIOR 2023. [DOI: 10.1016/j.chb.2023.107702] [Citation(s) in RCA: 0] [Impact Index Per Article: 0] [Reference Citation Analysis] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Indexed: 02/25/2023] Abstract Collapse Key Words Collapse MESH Headings Collapse Grants Collapse Affiliation(s) Collapse
3	Information Security Behavior in Health Information Systems: A Review of Research Trends and Antecedent Factors. Healthcare (Basel) 2022;10:healthcare10122531. [PMID: 36554055 PMCID: PMC9777837 DOI: 10.3390/healthcare10122531] [Citation(s) in RCA: 0] [Impact Index Per Article: 0] [Reference Citation Analysis] [Abstract] [Key Words] [Track Full Text] [Figures] [Journal Information] [Subscribe] [Scholar Register] [Received: 10/18/2022] [Revised: 12/09/2022] [Accepted: 12/12/2022] [Indexed: 12/23/2022] Open Abstract This study aims to review the literature on antecedent factors of information security related to the protection of health information systems (HISs) in the healthcare organization. We classify those factors into organizational and individual aspects. We followed the Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) framework. Academic articles were sourced from five online databases (Scopus, PubMed, IEEE, ScienceDirect, and SAGE) using keywords related to information security, behavior, and healthcare facilities. The search yielded 35 studies, in which the three most frequent individual factors were self-efficacy, perceived severity, and attitudes, while the three most frequent organizational factors were management support, cues to action, and organizational culture. Individual factors for patients and medical students are still understudied, as are the organizational factors of academic healthcare facilities. More individual factors have been found to significantly influence security behavior. Previous studies have been dominated by the security compliance behavior of clinical and non-clinical hospital staff. These research gaps highlight the theoretical implications of this study. This study provides insight for managers of healthcare facilities and governments to consider individual factors in establishing information security policies and programs for improving security behavior. Collapse Key Words antecedent factor health information system healthcare information security behavior systematic review Collapse MESH Headings Collapse Grants Collapse Affiliation(s) Collapse
4	Khan NF, Yaqoob A, Khan MS, Ikram N. The Cybersecurity Behavioral Research: A Tertiary Study. Comput Secur 2022. [DOI: 10.1016/j.cose.2022.102826] [Citation(s) in RCA: 0] [Impact Index Per Article: 0] [Reference Citation Analysis] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Indexed: 11/27/2022] Abstract Collapse Key Words Collapse MESH Headings Collapse Grants Collapse Affiliation(s) Collapse
5	Karlsson M, Karlsson F, Åström J, Denk T. The effect of perceived organizational culture on employees’ information security compliance. INFORMATION AND COMPUTER SECURITY 2022. [DOI: 10.1108/ics-06-2021-0073] [Citation(s) in RCA: 0] [Impact Index Per Article: 0] [Reference Citation Analysis] [Abstract] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Indexed: 11/17/2022] Abstract Purpose This paper aims to investigate the connection between different perceived organizational cultures and information security policy compliance among white-collar workers. Design/methodology/approach The survey using the Organizational Culture Assessment Instrument was sent to white-collar workers in Sweden (n = 674), asking about compliance with information security policies. The survey instrument is an operationalization of the Competing Values Framework that distinguishes between four different types of organizational culture: clan, adhocracy, market and bureaucracy. Findings The results indicate that organizational cultures with an internal focus are positively related to employees’ information security policy compliance. Differences in organizational culture with regards to control and flexibility seem to have less effect. The analysis shows that a bureaucratic form of organizational culture is most fruitful for fostering employees’ information security policy compliance. Research limitations/implications The results suggest that differences in organizational culture are important for employees’ information security policy compliance. This justifies further investigating the mechanisms linking organizational culture to information security compliance. Practical implications Practitioners should be aware that the different organizational cultures do matter for employees’ information security compliance. In businesses and the public sector, the authors see a development toward customer orientation and marketization, i.e. the opposite an internal focus, that may have negative ramifications for the information security of organizations. Originality/value Few information security policy compliance studies exist on the consequences of different organizational/information cultures. Collapse Key Words Collapse MESH Headings Collapse Grants Collapse Affiliation(s) Collapse
6	Owusu Kwateng K, Amanor C, Tetteh FK. Enterprise risk management and information technology security in the financial sector. INFORMATION AND COMPUTER SECURITY 2022. [DOI: 10.1108/ics-11-2020-0185] [Citation(s) in RCA: 1] [Impact Index Per Article: 0.5] [Reference Citation Analysis] [Abstract] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Indexed: 11/17/2022] Abstract Purpose This study aims to empirically investigate the relationship between enterprise risk management (ERM) and information technology (IT) security within the financial sector. Design/methodology/approach Risk officers of financial institutions licensed by the Central Bank of Ghana constituted the sample frame. A structured questionnaire was used to elicit data from the respondents. The structural equation modeling method was employed to analyze the hypothesized model. Findings The results revealed that ERM has a strong positive substantial effect on IT security within financial institutions. However, organizational culture failed to moderate the relationship between ERM and IT security. Practical implications A well-managed risk helps to eliminate ineffective, archaic and redundant technology as the originator of rising perils and organizational concerns in today's corporate financial institutions since ERM established a substantially strong positive correlation among the variables. Originality/value ERM studies in the African context are rare. This paper adds to contemporary literature by providing a new perspective toward the understanding of the relationship between ERM and IT security, especially in the financial industry. Collapse Key Words Collapse MESH Headings Collapse Grants Collapse Affiliation(s) Collapse
7	Leite L, dos Santos DR, Almeida F. The impact of general data protection regulation on software engineering practices. INFORMATION AND COMPUTER SECURITY 2022. [DOI: 10.1108/ics-03-2020-0043] [Citation(s) in RCA: 0] [Impact Index Per Article: 0] [Reference Citation Analysis] [Abstract] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Indexed: 11/17/2022] Abstract Purpose This paper aims to explore the changes imposed by the general data protection regulation (GDPR) on software engineering practices. The fundamental objective is to have a perception of the practices and phases that have experienced the greatest changes. Additionally, it aims to identify a set of good practices that can be adopted by software engineering companies. Design/methodology/approach This study uses a qualitative methodology through four case studies involving Portuguese software engineering companies. Two of these companies are small and medium enterprises (SMEs) while the other remaining two are micro-companies. The thematic analysis is adopted to identify patterns in the performed interviews. Findings The findings indicate that significant changes have occurred at all stages of software development. In particular, the initial stages of identifying requirements and modeling processes were the stages that experienced the greatest changes. On the opposite, the technical development phase has not noticeably changed but, nevertheless, it is necessary to look at the importance of training software developers for GDPR rules and practices. Research limitations/implications Two relevant limitations were identified as follows: only four case studies involving micro-companies and SMEs were considered, and only the traditional software development methodology was considered. The use of agile methodologies was not explored in this study and the findings can only be mainly applied to the waterfall model. Originality/value This study offers mainly practical contributions by identifying a set of challenges that are posed to software engineering companies by the implementation of GDPR. Through their knowledge, it is expected to help these companies to better prepare themselves and anticipate the challenges they will necessarily face. Collapse Key Words Collapse MESH Headings Collapse Grants Collapse Affiliation(s) Collapse
8	Developing a Risk Analysis Strategy Framework for Impact Assessment in Information Security Management Systems: A Case Study in IT Consulting Industry. SUSTAINABILITY 2022. [DOI: 10.3390/su14031269] [Citation(s) in RCA: 0] [Impact Index Per Article: 0] [Reference Citation Analysis] [Abstract] [Track Full Text] [Subscribe] [Scholar Register] [Indexed: 12/04/2022] Abstract Organizations must be committed to ensuring the confidentiality, availability, and integrity of the information in their possession to manage legal and regulatory obligations and to maintain trusted business relationships. Information security management systems (ISMSs) support companies to better deal with information security risks and cyber-attacks. Although there are many different approaches to successfully implementing an ISMS in a company, the most important and time-consuming part of establishing an ISMS is a risk assessment. The purpose of this paper was to develop a risk assessment framework that a company followed in the information technology sector to conduct the risk assessment process to comply with International Organization for Standardization (ISO) 27001. The findings analyze the conditions that force organizations to invest in protecting information and the benefits they can derive from this process. In particular, the paper delves into a multinational IT consulting services company that undertakes and implements large business support installation and customization projects. It explains the risk assessment process and the management of the necessary configurations so that its functions are acceptable and in line with information security standards. Finally, it presents the difficulties and challenges encountered. Collapse Key Words Collapse MESH Headings Collapse Grants Collapse Affiliation(s) Collapse
9	Uchendu B, Nurse JR, Bada M, Furnell S. Developing a cyber security culture: Current practices and future needs. Comput Secur 2021. [DOI: 10.1016/j.cose.2021.102387] [Citation(s) in RCA: 4] [Impact Index Per Article: 1.3] [Reference Citation Analysis] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Indexed: 10/21/2022] Abstract Collapse Key Words Collapse MESH Headings Collapse Grants Collapse Affiliation(s) Collapse
10	Arbanas K, Spremic M, Zajdela Hrustek N. Holistic framework for evaluating and improving information security culture. ASLIB J INFORM MANAG 2021. [DOI: 10.1108/ajim-02-2021-0037] [Citation(s) in RCA: 2] [Impact Index Per Article: 0.7] [Reference Citation Analysis] [Abstract] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Indexed: 11/17/2022] Abstract PurposeThe objective of this research was to propose and validate a holistic framework for information security culture evaluation, built around a novel approach, which includes technological, organizational and social issues. The framework's validity and reliability were determined with the help of experts in the information security field and by using multivariate statistical methods.Design/methodology/approachThe conceptual framework was constructed upon a detailed literature review and validated using a range of methods: first, measuring instrument was developed, and then content and construct validity of measuring instrument was confirmed via experts' opinion and by closed map sorting method. Convergent validity was confirmed by factor analysis, while the reliability of the measuring instrument was tested using Cronbach's alpha coefficient to measure internal consistency.FindingsThe proposed framework was validated based upon the results of empirical research and the usage of multivariate analysis. The resulting framework ultimately consists of 46 items (manifest variables), describing eight factors (first level latent variables), grouped into three categories (second level latent variables). These three categories were built around technological, organizational and social issues.Originality/valueThis paper contributes to the body of knowledge in information security culture by developing and validating holistic framework for information security culture evaluation, which does not observe information security culture in only one aspect but takes into account its organizational, sociological and technical component. Collapse Key Words Collapse MESH Headings Collapse Grants Collapse Affiliation(s) Collapse
11	Astakhova LV, Medvedev IA. An Information Tool for Increasing the Resistance of Employees of an Organization to Social Engineering Attacks. SCIENTIFIC AND TECHNICAL INFORMATION PROCESSING 2021. [DOI: 10.3103/s0147688221010020] [Citation(s) in RCA: 3] [Impact Index Per Article: 1.0] [Reference Citation Analysis] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Indexed: 11/30/2022] Abstract Collapse Key Words Collapse MESH Headings Collapse Grants Collapse Affiliation(s) Collapse
12	The Effect of Organizational Information Security Climate on Information Security Policy Compliance: The Mediating Effect of Social Bonding towards Healthcare Nurses. SUSTAINABILITY 2021. [DOI: 10.3390/su13052800] [Citation(s) in RCA: 16] [Impact Index Per Article: 5.3] [Reference Citation Analysis] [Abstract] [Track Full Text] [Subscribe] [Scholar Register] [Indexed: 01/10/2023] Abstract The advancement of information communication technology in healthcare institutions has increased information security breaches. Scholars and industry practitioners have reported that most security breaches are due to negligence towards organizational information security policy compliance (ISPC) by healthcare employees such as nurses. There is, however, a lack of understanding of the factors that ensure ISPC among nurses, especially in developing countries such as Malaysia. This paper develops and examines a research framework that draws upon the factors of organizational climate of information security (OCIS) and social bond theory to enhance ISPC among nurses. A questionnaire was adopted in which responses were obtained from 241 nurses employed in 30 hospitals in Malaysia. The findings from the study demonstrated that the ISPC among nurses is enhanced through OCIS factors. The influence on ISPC was even more significant when examined by the mediating effect of the social bond. It implies that influential OCIS factors reinforce social bonds among nurses and eventually increase the ISPC. For information security practitioners, the study findings emphasize the prevalence of socio-active information security culture in healthcare organizations to enhance ISP compliance among nurses. Collapse Key Words Collapse MESH Headings Collapse Grants Collapse Affiliation(s) Collapse
13	Astakhova LV. Issues of the Culture of Information Security under the Conditions of the Digital Economy. SCIENTIFIC AND TECHNICAL INFORMATION PROCESSING 2020. [DOI: 10.3103/s0147688220010062] [Citation(s) in RCA: 6] [Impact Index Per Article: 1.5] [Reference Citation Analysis] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Indexed: 11/30/2022] Abstract Collapse Key Words Collapse MESH Headings Collapse Grants Collapse Affiliation(s) Collapse