Search results

The growing frequency of cybersecurity incidents commonly requires organizations to notify customers of ongoing events. However, the content contained within these notifications varies widely, including differences in the level of detail, apportioning of blame, compensation and corrective action. This study seeks to identify patterns contained within cybersecurity incident notifications by constructing a typology of organizational responses.

Based on a detailed review of 1,073 global cybersecurity incidents occurring during 2020, the authors obtained and qualitatively analyzed 451 customer notifications.

The results reveal three distinct organizational response types associated with the level of detail contained within the notification (full transparency, guarded and opacity), as well as three response types associated with the benefitting party (customer interest, balanced interest and company interest).

This work extends past classifications of cybersecurity incident notifications and provides a template of possible notification approaches that could be adopted by organizations.

Existing studies of information systems development (ISD) control commonly examine controller-centric considerations, such as the antecedents and performance impacts of control mode choices. In contrast, little is known about the controllee-centric factors that may influence the effectiveness of control activities. Drawing on institutional theory, the purpose of this paper is to introduce the concept of control legitimacy to the ISD literature – a concept that past organizational research has linked to outcomes such as employee commitment and performance. Specifically, the authors explore how different dimensions of control activities (mode, degree, style) relate to controllee perceptions of control legitimacy in terms of justice, autonomy, group identification, and competence development.

Interviews were conducted with 20 practitioners across three companies. A structured data coding approach was employed and analysis was conducted within and across each case study.

The authors find that the control degree and control style can help explain control legitimacy perceptions better than control modes alone. For example, the results suggest that formal controls enacted in a bilateral style correspond with higher perceptions of justice and autonomy, when compared to formal controls enacted in a unilateral style.

The study results imply that ISD managers should be increasingly mindful of enacting controls in a way that is perceived to be legitimate by subordinates, thereby potentially enhancing both staff well-being and ISD performance.

The purpose of this paper is to examine the antecedents and implications of aligning the organizational values embedded in a systems development approach (e.g. agile) with the organizational values of project team members.

A qualitative case study approach is used to examine systems development project teams at three organizations, each using a development approach that incorporates different organizational value dimensions. Interviews were conducted with developers, systems analysts, and managers regarding their systems development experiences. A structured coding of the interview transcripts was then completed to enable analysis of value dimensions.

By comparing the dominant values between the project teams and their development approach, varying degrees of alignment were identified. Where alignment is high, perceptions of the systems development process are associated with satisfaction and enthusiasm; where alignment is low, perceptions focus on frustration and discontent.

Based on the study's findings, four propositions pertaining to the antecedents and implications of IS values alignment are outlined for examination in future research.

The findings from this study can aid managers who are considering the use of a new systems development approach or evaluating the effectiveness of their current approach. By determining the degree of information systems (IS) values alignment, organizations may be able to customize their development approach to be more consistent with the team's values, in order to minimize negative development process perceptions and increase project performance.

This research extends past studies of organizational values and alignment by introducing the concept of IS values alignment.

A growing number of studies have investigated the effect of ethical leadership on behavioral outcome of employees. However, considering the important role of ethics in IS security, the security literature lacks a theoretical and empirical investigation of the relationship between ethical leadership and employees' security behavior, such as information security policy (ISP) violation. Drawing on social learning and social exchange theories, this paper empirically tests the impact of ethical leadership on employees' ISP violation intention through both information security climate (i.e. from a moral manager's perspective) and affective commitment (i.e. from a moral person's perspective).

The research was developed based on social learning theory and social exchange theory. To measure the variables in the model, the authors used and adapted measurement items from previous studies. The authors conducted a scenario-based survey with 339 valid responses to test and validate the research model.

Results indicated that information security climate fully mediates the relationship between ethical leadership and ISP violation intention. The authors also found that information security climate enhances the negative effect of affective commitment on ISP violation intention.

This research contributes to the literature of information security by introducing the role of ethical leadership and integrating two theories into our research model. This study also calls attention to how information security climate and affective commitment mediate the relationship between ethical leadership and employees' ISP violation intention. The theory-driven study provides important pragmatic guidance for enhancing the understanding of the importance of ethical leadership in information systems security research.

The purpose of this paper is to propose a theory of information security intelligence and examine the effects of managers’ information security intelligence (MISI) on employees’ procedural countermeasure awareness and information security policy (ISP) compliance intention.

A survey approach and structural equation modeling is utilized. Partial least squares (WarpPLS 6.0) and nonlinear algorithm are employed to analyze and examine the hypotheses. In total, 324 employees from companies in South Korea participated in the survey, which was conducted by a professional survey service company.

MISI positively affects employees’ awareness of information security procedural countermeasures; information security knowledge and problem-solving skills have positive effects on procedural countermeasures awareness; MISI increases employees’ compliance intention through procedural countermeasure awareness; and information security procedural countermeasures positively affect employees’ ISP compliance intention.

This study proposes a theory of information security intelligence and examines its impacts on employees’ compliance intentions. The study highlights the mediating role of information security procedural countermeasures between information security intelligence and employees’ compliance intentions.

Managers should improve and explicitly demonstrate information security knowledge and problem-solving skills to increase employees’ ISP compliance intention. To protect the organization’s intellectual capital, managers should champion the development and promotion of PCM, rather than leave these functions to the information security group.

This is the first empirical study to propose and validate MISI.

‘A University for a rainy day’. This might have been a fanciful description of the demand for higher education in an age of leisure, but it wasn't. It was the graphic way of describing what the construction industry could get for its industrial training levy.

THREE hundred years ago, on January 28th, 1613, the death occurred of Sir Thomas Bodley, whose name is immortalized in the library that he restored and which bears his name. Oxford's famous library, though originally founded by Humphrey, Duke of Gloucester, owes its establishment to Thomas Bodley, who was born at Exeter in 1545.

OF old the public library was wont to take its reputation from the character of the newsroom. That room, as everyone knows, attracts every element in the community and it may be it attracts especially the poorer elements;—even at times undesirable ones. These people in some towns, but perhaps not so often now‐a‐days, have been unwashen and often not very attractive in appearance. It was natural, things being as they are, that the room should give a certain tone to the institution, and indeed on occasion cause it to be avoided by those who thought themselves to be superior. The whole level of living has altered, and we think has been raised, since the War. There is poverty and depression in parts of the country, it is true; but there are relief measures now which did not exist before the War. Only those who remember the grinding poverty of the unemployed in the days, especially the winter days, before the War can realise what poverty really means at its worst. This democratic levelling up applies, of course, to the public library as much as to any institution. At present it may be said that the part of the library which is most apparent to the public and by which it is usually judged, is the lending or home‐reading department. It therefore needs no apology if from time to time we give special attention to this department. Even in the great cities, which have always concentrated their chief attention upon their reference library, to‐day there is an attempt to supply a lending library service of adequate character. We recall, for example, that the Leeds Public Library of old was first and foremost a reference library, with a lending library attached; to‐day the lending library is one of the busiest in the kingdom. A similar judgment can be passed upon Sheffield, where quite deliberately the city librarian would restrict the reference library to works that are of real reference character, and would develop more fully the lending library. In Manchester, too, the new “Reference Library”—properly the new Central Library—has a lending library which issues about 1,500 volumes daily. There must be all over the country many libraries issuing up to a thousand volumes each a day from their central lending departments. This being the case the department comes in for very careful scrutiny.

Twenty-first century education has been reconfigured to keep up with growing societal shifts in an effort to support a wide variety of learners. As changes occur, the workload for teachers continues to expand with little to no support and resources within classroom spaces to keep up with the current times. Post pandemic, the expectations and systems have shifted emphasizing the need for more programming around social emotional learning and systems to help mitigate the learning disruption. The insurmountable pressure placed on teachers has led to a robust and persistent departure of the profession causing the entire education system to rethink the policies, structures, and systems that influence teacher burnout.

IT is seldom that I can bring myself to write anything for publication, and as I had a longish article on “The education of librarians in Great Britain” printed as recently as 1964 in the Lucknow Librarian (which is edited by my friend Mr. R. P. Hingorani) I had not contemplated any further effort for some time to come. But as THE LIBRARY WORLD evidently wishes to cover all the British schools of librarianship it would be a pity for Brighton to be left out, even though, coming as it does towards the end of a gruelling series, I can see little prospect of this contribution being read. Perhaps, therefore, I need not apologise for the fact that, as my own life and fortunes have been (and still are) inextricably bound up with those of the Brighton school, any account which I write of the school is bound to be a very personal one.