• The Journal of Information Technology and Database
• /
• v.6 no.2
• /
• pp.1-18
• /
• 1999

The purpose of this study was to identify the effect of microcomputer networking on user perception of potential threats to security employing user attitudes as a moderating variable. A research model consisting of microcomputer networking as the independent variable, user perception of potential threats to security as the dependent variable, and user attitude toward security control as the moderating variable was developed through literature review. The results of this study provide an empirical evidence of the importance of environmental change(information systems networking) on user perception of potential threats to security. Further-more the result imply that in order to improve security performance through the reinforcement of user perception of threats to security in the organization, user attitudes should be made favorable.

• Journal of the Society of Disaster Information
• /
• v.5 no.2
• /
• pp.24-37
• /
• 2009

In the political and economic circles of our society, the security and secretary is always accompanying the society leaders, like shadows. The job of the security and secretary is a very difficult one that requires comprehensive and extensive capability and talent. From results of the prior studies, qualities of the security and secretary are divided into three groups. i.e. personal qualities, mental qualities and physical qualities. Each quality can be summarized as follows. Firstly, personal qualities mean honesty, responsibility, initiative, work ethic, sense of duty, modest attitude, kindness and loyalty. Secondly, mental qualities represent agility & composure, judgement, adaptability, memory, prediction, accuracy & reliability, observation and secret. Finally, physical qualities such as health, cleanliness, decent appearance, good feeling voice, physical strength and Martial arts for Protection. The security and secretary equipped with the above three requisites can be said to be the most ideal the security and secretary whom this age want and need.

• Journal of Navigation and Port Research
• /
• v.40 no.4
• /
• pp.213-222
• /
• 2016

Recently, as cases of organizations' information disclosure occur continuously, it is urgent to manage security of information and establish measures to enhance security of information by an organization itself. Especially, members of an organization should be prepared with measures for information security, and an organization should do its efforts to raise its members' awareness toward information security. I set a research model to verify what effects an organization's fulfillment of regulations to secure information brings to performance of information security and selected members from maritime and port organizations and financial and insurance institutes as sample. Results of the analysis to identify factors affecting information security performance among members of maritime and port organizations are as follows. Firstly, I found that the factors affecting information security awareness are information security attitude and information security standards. Secondly, the factor giving influence on information security policy of an organization was found to be information security standards. In contrast, information security punishments and information security training were verified not to give influence on compliance of information security policy. Thirdly, information security awareness was identified to give significant influence on compliance of information security policy, information security competence and information security behavior. Fourthly, compliance of information security policy was verified to be those factors that give influence on information security competence and information security behavior. Lastly, information security competence and information security behavior were found to be such factors that give influence on information security performance.

• International Journal of Computer Science & Network Security
• /
• v.21 no.8
• /
• pp.167-176
• /
• 2021

This is the world of computer science and innovations. In this modern era, every day new apps, webs and software are being introduced. As well as new apps and software are being introduced, similarly threats and vulnerable security matters are also increasing. Web apps are software that can be used by customers for numerous useful tasks, and because of the developer experience of good programming standards, web applications that can be used by an attacker also have multiple sides. Web applications Security is expected to protect the content of critical web and to ensure secure data transmission. Application safety must therefore be enforced across all infrastructure, including the web application itself, that supports the web applications. Many organizations currently have a type of web application protection scheme or attempt to build/develop, but the bulk of these schemes are incapable of generating value consistently and effectively, and therefore do not improve developers' attitude in building/designing stable Web applications. This article aims to analyze the attacks on the website and address security scanners of web applications to help us resolve web application security challenges.

• Convergence Security Journal
• /
• v.17 no.5
• /
• pp.71-76
• /
• 2017

Today, it is an information society where a large number of users access and view important data in a large number of information assets as needed. In this complexity, techniques related Identify Management are being applied, in order to verify authorized user access to important information assets and manage of history. But, the ability access to sensitive information using account has the disadvantage of being able to open the way for information to the attacker when it is hijacked. Thus, in this paper, we propose a secure Identify Management System that can control the use of accounts based on the attitude of the account holder, but also enhances the security and does not hinder the convenience.

• Asia pacific journal of information systems
• /
• v.32 no.1
• /
• pp.32-50
• /
• 2022

Technology acceptance is one of the most popular research areas. Rapid developments in technology are making human life more comfortable. However, still most of the rural area has been deprived of benefits of technological advancement. Seventy percent population of India resides in rural area. Leveraging the improved penetration of the internet; mobile friendly population in rural India has been increasingly shopping online in the last few years. e-Governance is one of the important vehicles to provide efficient services to the citizens by Governments. One major obstacle is acceptance of e-Governance platforms by the citizens. Considering the increasing trend of using e-Commerce in rural area, this paper attempts to investigate moderating effect of online shopping experience on intention to use e-Governance portals. We surveyed 365 villagers across Maharashtra: one of the leading states in India. The result confirmed online shopping experience moderates the relationship between: 'perceived security & privacy' and 'attitude'; 'perceived security & privacy' and 'intention to use'; 'Perceived usefulness' and 'attitude'; and, 'attitude' and 'intention to use'. In this study definition of moderating variable 'experience' is unique and different than most of the popular studies. We defined experience as: 'prior use of any application of technology similar to the target application of technology'. Whereas prior studies considered experience as prior experience with target application of the technology.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.5
• /
• pp.1167-1188
• /
• 2017

The purpose of this study is to investigate the factors affecting cyber threat information provision in order to activate cyber threat information sharing in Korea. In particular, we looked at the intention to provide simple information and important information according to the importance of information. The research method was conducted on the information security practitioners' online survey in terms of users of information sharing system. And empirical analysis was conducted. As a result of the study, only the CEO's attitude influenced the intention to provide simple information. On the other hand, important information was influenced not only by the CEO's attitude but also by the information evaluation system, privatization, and mitigating legal penalties. The results of this study can identify the problems of the cyber threat information sharing system in Korea. And we can confirm the priority of improvement and the change of information providing intention before and after improvement of information sharing system.

• Journal of Digital Convergence
• /
• v.11 no.1
• /
• pp.27-38
• /
• 2013

There are two elements of security policy that can have a bearing on its effectiveness: content and form. While the content of the security policy has been investigated extensively in the most of the previous studies, there is very little literature on the form of the security policy. Since the form of the policy influences its success, it is important to understand how to articulate the form of a security policy. Thus, the aim of this study is to investigate the relationship between security form and policy compliance of employees. Research results find that dimensions of security form have effect on attitude towards security compliance, subjective norm, perceived behavioral control, and perceived response costs, and besides attitude towards security compliance and subjective norm have an effect on persistent security compliance intention. The conclusions and implications are discussed.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.10 no.4
• /
• pp.97-107
• /
• 2014

The development of ICT has led positive aspects such as popularization of Internet. It, on the other hand, is causing a negative aspect, Cyber Terror. Although the causes for recent and continuous increase of cyber security incidents are various such as lack of technical and institutional security measure, the main cause which threatens the cyber security is the users' lack of awareness and attitude. The purpose of this study is the positive analysis of how the personal and job characteristics influence the cyber security training participation rate and the response ability to cyber terror response training with a sample case of K-corporation employees. In this paper, the relationship among career, gender, department, whether he/she is a cyber security specialist, whether he/she is a regular employee), "ratio of cyber security training courses during recent three years", "ratio that he/she has opened the malicious email in cyber terror response training during recent three years", "response index of virus active-x installation (higher index means poorer response)" is closely examined. Moreover, based on the examination result, the practical and political implications regarding K-corporation's cyber security courses and cyber terror response training are studied.

• Asia pacific journal of information systems
• /
• v.18 no.4
• /
• pp.1-26
• /
• 2008

Rapid progress of information technology and widespread use of the personal computers have brought various conveniences in our life. But this also provoked a series of problems such as hacking, malicious programs, illegal exposure of personal information etc. Information security threats are becoming more and more serious due to enhanced connectivity of information systems. Nevertheless, users are not much aware of the severity of the problems. Using appropriate password is supposed to bring out security effects such as preventing misuses and banning illegal users. The purpose of this research is to empirically analyze a research model which includes a series of factors influencing the effectiveness of passwords. The research model incorporates the concept of risk based on information systems risk analysis framework as the core element affecting the selection of passwords by users. The perceived risk is a main factor that influences user's attitude on password security, security awareness, and intention of security behavior. To validate the research model this study relied on questionnaire survey targeted on evening class MBA students. The data was analyzed by AMOS 7.0 which is one of popular tools based on covariance-based structural equation modeling. According to the results of this study, while threat is not related to the risk, information assets and vulnerability are related to the user's awareness of risk. The relationships between the risk, users security awareness, password selection and security effectiveness are all significant. Password exposure may lead to intrusion by hackers, data exposure and destruction. The insignificant relationship between security threat and perceived risk can be explained by user's indetermination of risk exposed due to weak passwords. In other words, information systems users do not consider password exposure as a severe security threat as well as indirect loss caused by inappropriate password. Another plausible explanation is that severity of threat perceived by users may be influenced by individual difference of risk propensity. This study confirms that security vulnerability is positively related to security risk which in turn increases risk of information loss. As the security risk increases so does user's security awareness. Security policies also have positive impact on security awareness. Higher security awareness leads to selection of safer passwords. If users are aware of responsibility of security problems and how to respond to password exposure and to solve security problems of computers, users choose better passwords. All these antecedents influence the effectiveness of passwords. Several implications can be derived from this study. First, this study empirically investigated the effect of user's security awareness on security effectiveness from a point of view based on good password selection practice. Second, information security risk analysis framework is used as a core element of the research model in this study. Risk analysis framework has been used very widely in practice, but very few studies incorporated the framework in the research model and empirically investigated. Third, the research model proposed in this study also focuses on impact of security awareness of information systems users on effectiveness of password from cognitive aspect of information systems users.