Visible to the public Biblio

Filters: Keyword is General Deterrence Theory  [Clear All Filters]
2020-01-21
Iriqat, Yousef Mohammad, Ahlan, Abd Rahman, Molok, Nurul Nuha Abdul.  2019.  Information Security Policy Perceived Compliance Among Staff in Palestine Universities: An Empirical Pilot Study. 2019 IEEE Jordan International Joint Conference on Electrical Engineering and Information Technology (JEEIT). :580–585.

In today's interconnected world, universities recognize the importance of protecting their information assets from internal and external threats. Being the possible insider threats to Information Security, employees are often coined as the weakest link. Both employees and organizations should be aware of this raising challenge. Understanding staff perception of compliance behaviour is critical for universities wanting to leverage their staff capabilities to mitigate Information Security risks. Therefore, this research seeks to get insights into staff perception based on factors adopted from several theories by using proposed constructs i.e. "perceived" practices/policies and "perceived" intention to comply. Drawing from the General Deterrence Theory, Protection Motivation Theory, Theory of Planned Behaviour and Information Reinforcement, within the context of Palestine universities, this paper integrates staff awareness of Information Security Policies (ISP) countermeasures as antecedents to ``perceived'' influencing factors (perceived sanctions, perceived rewards, perceived coping appraisal, and perceived information reinforcement). The empirical study is designed to follow a quantitative research approaches, use survey as a data collection method and questionnaires as the research instruments. Partial least squares structural equation modelling is used to inspect the reliability and validity of the measurement model and hypotheses testing for the structural model. The research covers ISP awareness among staff and seeks to assert that information security is the responsibility of all academic and administrative staff from all departments. Overall, our pilot study findings seem promising, and we found strong support for our theoretical model.

2017-12-28
Noureddine, M. A., Marturano, A., Keefe, K., Bashir, M., Sanders, W. H..  2017.  Accounting for the Human User in Predictive Security Models. 2017 IEEE 22nd Pacific Rim International Symposium on Dependable Computing (PRDC). :329–338.

Given the growing sophistication of cyber attacks, designing a perfectly secure system is not generally possible. Quantitative security metrics are thus needed to measure and compare the relative security of proposed security designs and policies. Since the investigation of security breaches has shown a strong impact of human errors, ignoring the human user in computing these metrics can lead to misleading results. Despite this, and although security researchers have long observed the impact of human behavior on system security, few improvements have been made in designing systems that are resilient to the uncertainties in how humans interact with a cyber system. In this work, we develop an approach for including models of user behavior, emanating from the fields of social sciences and psychology, in the modeling of systems intended to be secure. We then illustrate how one of these models, namely general deterrence theory, can be used to study the effectiveness of the password security requirements policy and the frequency of security audits in a typical organization. Finally, we discuss the many challenges that arise when adopting such a modeling approach, and then present our recommendations for future work.

2017-05-19
Carter, Lemuria, McBride, Maranda.  2016.  Texting While Driving Among Teens: Exploring User Perceptions to Identify Policy Recommendations. Proceedings of the 17th International Digital Government Research Conference on Digital Government Research. :375–378.

Texting while driving has emerged as a significant threat to citizen safety. In this study, we utilize general deterrence theory (GDT), protection motivation theory and personality traits to evaluate texting while driving (TWD) compliance intentions among teenage drivers. This paper presents the results of our pilot study. We administered an online survey to 105 teenage and young adult drivers. The potential implications for research and practice and policy are discussed.

Arage, Tilahun Muluneh, Tesema, Tibebe Beshah.  2016.  An Integrated Approach to Information Systems Security Policy Violation: The Case of Ethiopia. Proceedings of the 10th International Conference on Informatics and Systems. :228–232.

In today's world, the security of companies' data is given a very big emphasis than ever. Despite huge investments made by companies to keep their systems safe, there are many information systems security breaches that infiltrate companies' systems and consequently affect their economic capacity, reputation, and customers' confidence. The literature suggests that almost all investments in information systems security have been focused only on technological solutions. However, having this partial view on the complex information systems security problem is found to be insufficient and hence there is an increasing call for researchers to include social factors into the solution space. One of such social factor is culture. Thus, in this research we studied how national culture influence employees' intention to violate or comply their company ISS policy. We construct and test an empirical model by using a survey data obtained from employees who are working in Ethiopia.