Business Commons^™

Organizing Digital Platforms And Customer Needs For Digital Service Innovation, Gamel O. Wiredu

The African Journal of Information Systems

Digital organizations have become highly dependent on digital platforms and customer needs as key resources for digital service innovation. These resources in the competitive environment are making and shaping innovation of digital services because, though external, they remain central to digital organizations’ strategic innovation and competitiveness. Yet, how and why organizing these resources influences digital service innovation is under-explained in the literature. This paper, based on an empirical study and grounded theory methodology, addresses this limitation. It explains that digital service innovation occurs through two complementary types of organizing, namely: foundational knowledge organizing by combining digital platforms and customer needs, …

Secure Cloud-Based Iot Water Quality Gathering For Analysis And Visualization, Soin Abdoul Kassif Baba M Traore, Maria Valero, Amy Gruss

KSU Proceedings on Cybersecurity Education, Research and Practice

Water quality refers to measurable water characteristics, including chemical, biological, physical, and radiological characteristics usually relative to human needs. Dumping waste and untreated sewage is the reason for water pollution and several diseases to the living hood. The quality of water can also have a significant impact on animals and plant ecosystems. Therefore, keeping track of water quality is a substantial national interest. Much research has been done for measuring water quality using sensors to prevent water pollution. In summary, those systems are built based on online and reagent-free water monitoring SCADA systems in wired networks. However, centralized servers, transmission …

Cybercrime In The Developing World, David A. Ghelerter, John E. Wilson, Noah L. Welch, John-David Rusk

KSU Proceedings on Cybersecurity Education, Research and Practice

This paper attempts to discover the reasons behind the increase in cybercrime in developing nations over the past two decades. It discusses many examples and cases of projects to increase internet access in developing countries and how they enabled cybercrime. This paper examines how nations where many cybercrimes occurred, did not have the necessary resources or neglected to react appropriately. The other primary focus is how cybercrimes are not viewed the same as other crimes in many of these countries and how this perception allows cybercriminals to do as they please with no stigma from their neighbors. It concludes that …

Microtransactions And Gambling In The Video Game Industry, Christopher L. Antepenko, Samuel R. Rickey, Angel L. Hibbets, John-David Rusk

KSU Proceedings on Cybersecurity Education, Research and Practice

The beginning of the 21st century has had a drastic effect on the video game industry. The advent of almost universal Internet access, the release of inexpensive broadband-enabled consoles, and the availability of mobile gaming have led to game developers and publishers heavily relying on premium in-game currencies, exclusive paid items, and loot boxes to subsidize or even replace profits from traditional video game business models. By 2020, in-game purchases made up a market of $92.6B worldwide and, in the US, experienced growth of over 30%.[1] In this highly lucrative market, the legal and ethical landscape is constantly bubbling with …

Social Media Platforms And Responsibility For Disinformation, Matt T. Figlia, Brandon M. Henschen, Joseph T. Sims, John-David Rusk

KSU Proceedings on Cybersecurity Education, Research and Practice

Researchers are paying closer attention to the rise of disinformation on social media platforms and what responsibility, if any, the companies that control these platforms have for false information being spread on their websites. In this paper, we highlight the recent growth in concern regarding online disinformation, discuss other works regarding the use of social media as a tool for spreading disinformation, and discuss how coordinated disinformation campaigns on social media platforms are used to spread propaganda and lies about current political events. We also evaluate the reactions of social media platforms in combatting disinformation and the difficulty in policing …

Using Experts For Improving Project Cybersecurity Risk Scenarios, Steven S. Presley, Jeffrey P. Landry, Jordan Shropshire, Philip Menard

KSU Proceedings on Cybersecurity Education, Research and Practice

This study implemented an expert panel to assess the content validity of hypothetical scenarios to be used in a survey of cybersecurity risk across project meta-phases. Six out of 10 experts solicited completed the expert panel exercise. Results indicate that although experts often disagreed with each other and on the expected mapping of scenario to project meta-phase, the experts generally found risk present in the scenarios and across all three project meta-phases, as hypothesized.

Towards Assessing Organizational Cybersecurity Risks Via Remote Workers’ Cyberslacking And Their Computer Security Posture, Ariel Luna, Yair Levy, Gregory Simco, Wei Li

KSU Proceedings on Cybersecurity Education, Research and Practice

Cyberslacking is conducted by employees who are using their companies’ equipment and network for personal purposes instead of performing their work duties during work hours. Cyberslacking has a significant adverse effect on overall employee productivity, however, recently, due to COVID19 pandemic move to remote working also pose a cybersecurity risk to organizations networks and infrastructure. In this work-in-progress research study, we are developing, validating, and will empirically test taxonomy to assess an organization’s remote workers’ risk level of cybersecurity threats. This study includes a three-phased developmental approach in developing the Remote Worker Cyberslacking Security Risk Taxonomy. With feedback from cybersecurity …

Nids In Airgapped Lans--Does It Matter?, Winston Messer

KSU Proceedings on Cybersecurity Education, Research and Practice

This paper presents an assessment of the methods and benefits of adding network intrusion detection systems (NIDS) to certain high-security airgapped isolated local area networks. The proposed network architecture was empirically tested via a series of simulated network attacks on a virtualized network. The results show an improvement of double the chances of an analyst receiving a specific, appropriately-severe alert when NIDS is implemented alongside host-based measures when compared to host-based measures alone. Further, the inclusion of NIDS increased the likelihood of the analyst receiving a high-severity alert in response to the simulated attack attempt by four times when compared …

What You See Is Not What You Know: Deepfake Image Manipulation, Cathryn Allen, Bryson Payne, Tamirat Abegaz, Chuck Robertson

KSU Proceedings on Cybersecurity Education, Research and Practice

Research indicates that deceitful videos tend to spread rapidly online and influence people’s opinions and ideas. Because of this, video misinformation via deepfake video manipulation poses a significant online threat. This study aims to discover what factors can influence viewers’ capability of distinguishing deepfake videos from genuine video footage. This work focuses on exploring deepfake videos’ potential use for deception and misinformation by exploring people’s ability to determine whether videos are deepfakes in a survey consisting of deepfake videos and original unedited videos. The participants viewed a set of four videos and were asked to judge whether the videos shown …

Editors' Preface, Michael E. Whitman, Herbert J. Mattord, Hossain Shahriar

KSU Proceedings on Cybersecurity Education, Research and Practice

Since 2004, Kennesaw State University, Georgia, has hosted an academic conference. Over the years, the event has brought together hundreds of faculty and students from throughout the U.S., sharing research into pedagogical efforts and instructional innovations. Initially, the conference was named the Information Security Curriculum Development conference and served as KSU’s contribution to engage our colleagues in growing security education from its infancy. It was paired with KSU’s inaugural security education journal, the Information Security Education Journal. In 2016, the event was rebranded as the Conference on Cybersecurity Education, Research, and Practice to reflect both an expansion of topics suitable …

Modelling Online Advertising Design Quality Influences On Millennial Consumer Attitudes In South Africa, Rodney G. Duffett Dr, Natassha V. Miller Ms

The African Journal of Information Systems

Millennials’ advanced knowledge and exposure to product experiences, and irrelevant placement of online advertising has led to an increase of online advertising avoidance. However, effective online advertising design may assist in establishing more positive sentiments towards digital forms of marketing communication. The study used the visual rhetoric theory as the theoretical basis to examine millennial consumer attitudes. The main research aims were to propose an online advertising design quality model, and to ascertain the influence of online advertising design quality on millennial consumer attitudes. The study employed a quantitative research design via an empirical online survey. Online advertising design quality …

Value Propositions Of Implemented E-Government Projects: Towards Developing A Framework From A Systematic Review, Yusuf Ephraim Chidama, Chidi Ononiwu

The African Journal of Information Systems

This study aims to develop a framework that identifies and measures the value propositions of implemented e-Government projects. Consequently, the study conducted a systematic review using a concept-centric and thematic approach by reviewing 84 articles as primary research data. In doing so, it identified: (1) effective public organizations; (2) quality service delivery; (3) open government and democratic value; and (4) social value and well-being. Furthermore, two gaps were identified, namely a dearth of studies on the measures well as actualization, and sustainability of the value propositions. The study synchronized the identified value propositions to develop a framework for value propositions …

Developing A Model To Assess Feasible Capacity To Work-From-Home, Ryan Tripod, Sumarie Roodt

African Conference on Information Systems and Technology

With the growing popularity of Work-From-Home (WFH) organizations have been required to adapt their ‘ways of working’ strategies to the ‘new normal’, as both employees and organizations aim to reap the benefits of WFH. This has resulted in organizations and their leadership teams needing to create WFH strategies for their organizations. With many of these WFH strategies developed in isolation of all stakeholders, with the feasibility of these WFH strategies remain uncertain. Therefore, this research task has reviewed literature to develop a conceptual model that describes how leadership teams can make informed feasible WFH strategy decisions, through the concept of …

The Impact Of Mobile Banking Customer Experience On Loyalty Among Millennials In South Africa, Justice Ncube, Salah Kabanda

African Conference on Information Systems and Technology

Banks need to remain competitive in the ever-changing business environment. Millennials are one of the largest customer segments with a large digital and mobile appetite; as a result, they form a natural target for banks. To increase their customer base, banks need to ensure that their customer experience strategy caters for these young customers in accordance with their expectations. This study explores factors that influence customer experience in mobile banking and how this experience influences customer loyalty to their bank. This study used a mixed-methods strategy and collected data from 344 mobile banking users via an online survey questionnaire and …

Factors Affecting The Adoption Of Information And Communication Technologies In Africa: Literature Review, Edison Wazoel Lubua

African Conference on Information Systems and Technology

This paper synthesised the literature on the adoption of Information and Communication Technology within Africa. The purpose was to determine factors (reported by the literature) determining technology adoption and use, in Africa. The paper used the systematic literature review. The study analysed the factors descriptively. Based on the analysis, the following are the main five factors reported to affect the adoption and use of Information Technology in Africa: Lack of ICT knowledge, unreliable infrastructure, high cost of adoption, the perceived usefulness of ICT, and the perceived ease of use. The government and technology implementing organisation has the key role to …

Digital Contact Tracing And Privacy, Mahdi Nasereddin, Edward J. Glantz, Galen A. Grimes, Joanne Peca, Michelle Gordon, Mike Bartolacci

Journal of Cybersecurity Education, Research and Practice

Digital contact tracing tools were developed to decrease the spread of COVID-19 by supplementing traditional manual methods. Although these tools have great potential, they were developed rather quickly resulting in tools with varying levels of success. The main issues with these tools are over privacy and who might have access to the information gathered. In general, their effectiveness varied globally, where users expressed privacy concerns associated with sharing identity, illness, and location information. This paper reviews these issues in deployments across Asia, Europe, and the United States. The goal is to begin a discussion that improves the design and development …

Security Simulations In Undergraduate Education: A Review, Joseph Simpson, Aaron Brantly

Journal of Cybersecurity Education, Research and Practice

Several decades of research in simulation and gamification in higher education shows that simulations are highly effective in improving a range of outcomes for students including declarative knowledge and interest in the topic being taught. While there appears to be a broad array of options to provide education in an undergraduate setting related to security, no previous reviews have explored computer-based simulations covering all facets of security. Given the increasing importance and adoption of interdisciplinary educational programs, it is important to take stock of simulations as a tool to broaden the range of problems, perspectives, and solutions presented to students. …

The Acceptance And Use Of Online Learning By Law Students In A South African University: An Application Of The Utaut2 Model, Jameson Goto, Anzanilufuno Munyai

The African Journal of Information Systems

COVID-19 forced many universities to shift from traditional face-to-face or blended learning, to full online learning. The sudden shift was not easy for both students and lecturers, who had to adapt to the new learning mode. This study aimed to evaluate the acceptance and use of online learning of university students in the law faculty at a South African university during the COVID-19 pandemic. The study employs the extended unified theory of acceptance and use of technology (UTAUT2) model particularised to the online learning context in a country with a developing economy. An online survey was administered to the student …

Editorial, Michael E. Whitman, Herbert J. Mattord, Hossain Shahriar

Journal of Cybersecurity Education, Research and Practice

Since 2016, it has been the mission of the Journal of Cybersecurity Education, Research, and Practice (JCERP) to be a premier outlet for high-quality information security and cybersecurity-related articles of interest to teaching faculty and students. This is the 12^th edition of the (JCERP) and, as ever, we are seeking authors who produce high-quality research and practice-oriented articles focused on the development and delivery of information security and cybersecurity curriculum, innovation in applied scholarship, and industry best practices in information security and cybersecurity in the enterprise for double-blind review and publication. The journal invites submissions on Information Security, Cybersecurity, …

Determinants Of Software-As-A-Service Adoption By Small And Medium Enterprises In Tanzania, Riziki Majengo, Mercy Mbise

The African Journal of Information Systems

Organizations in developed economies use the software-as-a-service (SaaS) model to improve performance and efficiency. However, its adoption in developing economies such as Tanzania is very low due to limited research on its adoption. This study enhances the adoption of SaaS in Tanzanian small and medium enterprises (SMEs) by proposing a conceptual framework based on the diffusion of innovation theory and the technology-organization-environment framework and recommending strategies for improving adoption. The framework was tested using regression analysis on data collected from 139 SMEs. Findings show that eight factors, relative advantage, compatibility, awareness, cost, perceived security and privacy risk, reliability and availability, …

Challenges Smallholder Farmers Face In Extracting Value From Agricultural Information, Daniel Muhanguzi, John Ngubiri

The African Journal of Information Systems

Agricultural information can enhance smallholder farmers’ knowledge and decision-making ability, where the ubiquity of ICTs has resulted in an exponential increase of ICT based agricultural information services. However, there is still poor utilization of agricultural information. This study examines challenges that impede smallholder farmers from deriving value from agricultural information despite availability of information services. A mixed-method research approach was employed to gather data from 200 farmers using semi-structured interviews, Likert scale surveys and five focus group discussions. The findings indicate that the challenges faced include low education levels, poor quality information, poorly designed information channels, and high cost of …

Digital Transformation: Implementing 3d Printing Activities Into Core Business Classes, Shota Yasuda, Rohit Gibson, Will Smith, Beau Wilkins, Blair Dilbeck, Jamari Baker

Symposium of Student Scholars

The business college’s new 3D lab, launched in August 2021, has been providing 3D design and 3D printing workshops for core business classes, specifically IS 2200 and IS 3100, to allow students to experiment with additive manufacturing, more commonly known as 3D printing. In the age of digital transformation, it is more important than ever that business school graduates are exposed to these emerging technologies, learn from experimentation, and develop a foundational understanding of these technologies so that they are better prepared to innovate and lead once they have graduated.

The idea of the 3D printing workshops is that a …

Experimental Study To Assess The Impact Of Timers On User Susceptibility To Phishing Attacks, Amy E. Antonucci, Yair Levy, Laurie P. Dringus, Martha Snyder

Journal of Cybersecurity Education, Research and Practice

Social engineering costs organizations billions of dollars. It exploits the weakest link of information systems security, the users. It is well-documented in literature that users continue to click on phishing emails costing them and their employers significant monetary resources and data loss. Training does not appear to mitigate the effects of phishing much; other solutions are warranted. Kahneman introduced the concepts of System-One and System-Two thinking. System-One is a quick, instinctual decision-making process, while System-Two is a process by which humans use a slow, logical, and is easily disrupted. The key aim of our experimental field study was to investigate …

Subject Matter Experts’ Feedback On Experimental Procedures To Measure User’S Judgment Errors In Social Engineering Attacks, Tommy Pollock, Yair Levy, Wei Li, Ajoy Kumar

Journal of Cybersecurity Education, Research and Practice

Distracted users can fail to correctly distinguish the differences between legitimate and malicious emails or search engine results. Mobile phone users can have a more challenging time identifying malicious content due to the smaller screen size and the limited security features in mobile phone applications. Thus, the main goal of this research study was to design, develop, and validate a set of field experiments to assess user’s judgment when exposed to two types of simulated social engineering attacks: phishing and Potentially Malicious Search Engine Results (PMSER), based on the interaction of the environment (distracting vs. non-distracting) and type of device …

A Taxonomy Of Cyberattacks Against Critical Infrastructure, Miloslava Plachkinova, Ace Vo

Journal of Cybersecurity Education, Research and Practice

The current study proposes a taxonomy to organize existing knowledge on cybercrimes against critical infrastructure such as power plants, water treatment facilities, dams, and nuclear facilities. Routine Activity Theory is used to inform a three-dimensional taxonomy with the following dimensions: hacker motivation (likely offender), cyber, physical, and cyber-physical components of any cyber-physical system (suitable target), and security (capable guardian). The focus of the study is to develop and evaluate the classification tool using Design Science Research (DSR) methodology. Publicly available data was used to evaluate the utility and usability of the proposed artifact by exploring three possible scenarios – Stuxnet, …

The 2020 Twitter Hack – So Many Lessons To Be Learned, Paul D. Witman, Scott Mackelprang

Journal of Cybersecurity Education, Research and Practice

In mid-July 2020, the social media site Twitter had over 100 of its most prominent user accounts start to tweet requests to send Bitcoin to specified Bitcoin wallets. The requests promised that the Bitcoin senders would receive their money back doubled, as a gesture of charity amidst the COVID-19 pandemic. The attack appears to have been carried out by a small group of hackers, leveraging social engineering to get access to internal Twitter support tools. These tools allowed the hackers to gain full control of the high-profile user accounts and post messages on their behalf. The attack provides many paths …

Editorial Vol 2021, No 2, Herbert J. Mattord, Michael E. Whitman, Hossain Shahriar

Journal of Cybersecurity Education, Research and Practice

Welcome to the Winter 2021 edition of the Journal for Cybersecurity Education, Research, and Practice.

The Impact Of A Gencyber Camp On In-Service Teachers’ Tpack, Kevin M. Thomas, Jessica Ivy, Kristin Cook, Robert R. Kelley

Journal of Cybersecurity Education, Research and Practice

The purpose of this study was to examine the impact of a GenCyber camp curriculum on teachers’ technology, pedagogy, and content knowledge (TPACK). The camp was designed to engage participants in developing the knowledge and skills to incorporate GenCyber Cybersecurity First Principles and GenCyber Cybersecurity Concepts (GenCyber, 2019) into their curriculums. Participants (37 middle and high school teachers from a variety of disciplines) attended one of two weeklong camps held at a Midwestern liberal arts university. Using the TPACK Self-Reflection and TPACK Self-Assessment Surveys, pre- and post-camp data were collected from participants. Findings indicate that participants demonstrated an increase in …

Editorial, Michael E. Whitman, Herbert J. Mattord, Hossain Shahriar

Journal of Cybersecurity Education, Research and Practice

Since 2016, it has been the mission of the Journal of Cybersecurity Education, Research, and Practice (JCERP) to be a premier outlet for high-quality information security and cybersecurity-related articles of interest to teaching faculty and students. This is the 13^th edition of the (JCERP) and, as ever, we are seeking authors who produce high-quality research and practice-oriented articles focused on the development and delivery of information security and cybersecurity curriculum, innovation in applied scholarship, and industry best practices in information security and cybersecurity in the enterprise for double-blind review and publication. The journal invites submissions on Information Security, Cybersecurity, …