Open Access. Powered by Scholars. Published by Universities.®
Management Information Systems Commons™
Open Access. Powered by Scholars. Published by Universities.®
- Discipline
- Publication
Articles 1 - 12 of 12
Full-Text Articles in Management Information Systems
Developing And Implementing Information Security Programs: Amcis 2005 Workshop Proposal, Michael E. Whitman, Herbert J. Mattord
Developing And Implementing Information Security Programs: Amcis 2005 Workshop Proposal, Michael E. Whitman, Herbert J. Mattord
Herbert J. Mattord
One of the continuing challenges facing industry is the security and protection of information. Advances in information security have been unable to keep pace with advances in computing in general. One of the recognized ways to combat the threat to information security is education needed to prepare students to create a secure and ethical computing environment.
A Draft Model Curriculum For Programs Of Study In Information Security And Assurance, Michael E. Whitman, Herbert J. Mattord
A Draft Model Curriculum For Programs Of Study In Information Security And Assurance, Michael E. Whitman, Herbert J. Mattord
Herbert J. Mattord
With the dramatic increase in threats to information security, there is a clear need for a corresponding increase in the number of information security professional. With a lack of formal curriculum models, many academic institutions are unprepared to implement the courses and laboratories needed to prepare this special class of information technologist. This paper provides an overview of lessons learned in the implementation of both individual courses and a degree concentration in information security. It refers to a more comprehensive document, available on the Web, which includes the methodology used in developing the curriculum, individual course syllabi for recommended components, …
Does Privacy Still Matter In The Era Of Web 2.0? A Qualitative Study Of User Behavior Towards Online Social Networking Activities, Qing Hu, Shuo Ma
Does Privacy Still Matter In The Era Of Web 2.0? A Qualitative Study Of User Behavior Towards Online Social Networking Activities, Qing Hu, Shuo Ma
Qing Hu
In this study, we attempt to understand one frequently observed paradox in user social networking behavior – highly concerned about privacy issues on social networking sites, yet actively participating in social networking activities. Based on qualitative analysis of student essays on their social networking activities and perceptions, we propose a theory for user online social networking behavior – the adaptive cognition theory (ACT). The main argument of the theory is that user behavior toward social networking is dynamic and adaptive primarily influenced by the perceived benefits and risks. More often than not, the perceived benefits dominate the perceived risks in …
Why College Students Commit Computer Hacks: Insights From A Cross Culture Analysis, Qing Hu, Zhengchuan Xu, Ali Alper Yayla
Why College Students Commit Computer Hacks: Insights From A Cross Culture Analysis, Qing Hu, Zhengchuan Xu, Ali Alper Yayla
Qing Hu
Computer hacking committed by young adults has become an epidemic that threatens the social and economic prosperity brought by information technology around the world. In this study, we extend previous studies on computer hackers with a cross cultural approach by comparing sources of influence on computer hacking in two countries: China and the United States. This comparative study yielded some significant insights about the contributing factors to the computer hacking phenomenon in these two countries. While some factors are consistent, others are distinctly different, across the two samples. We find that moral beliefs about computer hacking are the most consistent …
Why Individuals Commit Computer Offences In Organizations: Investigating The Roles Of Rational Choice, Self-Control, And Deterrence, Qing Hu, Zhengchuan Xu, Tamara Dinev, Hong Ling
Why Individuals Commit Computer Offences In Organizations: Investigating The Roles Of Rational Choice, Self-Control, And Deterrence, Qing Hu, Zhengchuan Xu, Tamara Dinev, Hong Ling
Qing Hu
Computer offences and crimes against corporate computer systems have increasingly become a major challenge to information security management in the Internet-enabled global economy and society. In this study, we attempt to develop a theoretical model that integrates three main stream criminology theories, i.e., general deterrence, rational choice, and individual propensity. We submit that, while the main decision process leading to an offensive act may be explained by the rational choice theory, self-control and deterrence factors could significantly alter the risk-benefit calculus assumed in the rational choice model. Using data collected from employees in multiple organizations, we tested our model using …
Blending Information Systems Security And Forensics Curricula, Jason Ferguson
Blending Information Systems Security And Forensics Curricula, Jason Ferguson
Jason Connor Ferguson
This paper describes the process of developing an Information Security and Forensics curriculum for a master’s degree. The vision for this degree program is to offer a curriculum that differentiates Friends University in the marketplace from established security degrees by including courses in computer forensics. These are courses rarely seen in a security degree but supported by the regional marketplace that the university serves.
Information Security In The Caribbean Banks, Hongjiang Xu, Pierre Bowrin
Information Security In The Caribbean Banks, Hongjiang Xu, Pierre Bowrin
Hongjiang Xu
Information security is a crucial issue for organizations, especially for banking and financial institutions. However, not many studies have considered the perspectives of end users in developing countries’ banking industry, for which the challenges of competing globally are greater due to a lack of technical, human and financial resources. Therefore, this study examines how end users of local, regional, and international banks in St. Kitts (a Caribbean country)perceive information security. The study will provide financial institutions in developing countries with more efficient security measures that would facilitate their success in the global community.
Strategic Assessment Of Information Security Maturity, Arcot Desai Narasimhalu, Dayasindhu Nagarajan, Raghavan Subramanian
Strategic Assessment Of Information Security Maturity, Arcot Desai Narasimhalu, Dayasindhu Nagarajan, Raghavan Subramanian
Arcot Desai NARASIMHALU
CXOs are becoming increasingly interested in the information security maturity of their enterprises. This paper presents a CXO dashboard that will allow better management of the information security resources in an enterprise.
Infosemm: Infosys It Security Maturity Model: A Report, Arcot Desai Narasimhalu, N. Dayasindhu, Raghavan Subramanian
Infosemm: Infosys It Security Maturity Model: A Report, Arcot Desai Narasimhalu, N. Dayasindhu, Raghavan Subramanian
Arcot Desai NARASIMHALU
Businesses are faced with a continuing battle related to cyber security related issues ranging from cyber attacks all the way to cyber (information) war. These issues affect result in information, system, reputation, and revenue related risks. These risks arise because of vulnerabilities introduced in three major parts of the enterprise – infrastructure, intelligence and practices. This report provides a rating system for representing the security health of enterprises.
Economics Of Information Security Investment In The Case Of Simultaneous Attacks, C. Derrick Huang, Qing Hu, Ravi S. Behara
Economics Of Information Security Investment In The Case Of Simultaneous Attacks, C. Derrick Huang, Qing Hu, Ravi S. Behara
Qing Hu
With billions of dollars being spent on information security related products and services each year, the economics of information security investment has become an important area of research, with significant implications for management practices. Drawing on recent studies that examine optimal security investment levels under various attack scenarios, we propose an economic model that considers simultaneous attacks from multiple external agents with distinct characteristics, and derive optimal investments based on the principle of benefit maximization. The relationships among the major variables, such as systems vulnerability, security breach probability, potential loss of security breach, and security investment levels, are investigated via …
Economics Of Information Security Investment In The Case Of Simultaneous Attacks, C. Derrick Huang, Qing Hu, Ravi S. Behara
Economics Of Information Security Investment In The Case Of Simultaneous Attacks, C. Derrick Huang, Qing Hu, Ravi S. Behara
Qing Hu
With billions of dollars being spent on information security related products and services each year, the economics of information security investment has become an important area of research, with significant implications for management practices. Drawing on recent studies that examine optimal security investment levels under various attack scenarios, we propose an economic model that considers simultaneous attacks from multiple external agents with distinct characteristics, and derive optimal investments based on the principle of benefit maximization. The relationships among the major variables, such as systems vulnerability, security breach probability, potential loss of security breach, and security investment levels, are investigated via …
The Centrality Of Awareness In The Formation Of User Behavioral Intention Toward Preventive Technologies In The Context Of Voluntary Use, Tamara Dinev, Qing Hu
The Centrality Of Awareness In The Formation Of User Behavioral Intention Toward Preventive Technologies In The Context Of Voluntary Use, Tamara Dinev, Qing Hu
Qing Hu
Little is known about user behavior toward what we call preventive computer technologies that have become increasingly important in the networked economy and society to secure data and systems from viruses, unauthorized access, disruptions, spyware, and similar harmful technologies. We present the results of a study of user behavior toward preventive technologies based on the frameworks of theory of planned behavior in the context of anti-spyware technologies. We find that the user awareness of the issues and threats from harmful technologies is a strong predictor of user behavioral intention toward the use of preventive technologies. In the presence of awareness, …