• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.2
• /
• pp.355-370
• /
• 2022

This research investigates the impacts of information security (IS) culture and management leadership styles on employee's security behaviors (IS policies compliance, IS participation) in financial institutions. This study use the survey data collected from 236 employees of financial institutions. This research shows that IS culture has a positive effect on both behavioral intentions to comply with IS policies and the intentions to actively participate in information security activities. Transactional leadership has a positive impact on the IS policies compliance intentions and to participate in information security activities. In contrast, transformational leadership has a positive impact on the intentions to participate in information security activities, but not on the IS policies compliance intentions.

• Journal of Digital Convergence
• /
• v.19 no.8
• /
• pp.49-57
• /
• 2021

This paper aims to confirm the effect of self-control and organization-control on information security attitude. The research method is composed of a cross-design of locus of control and tightness culture. The measurement variables used in the assessment are information security actual attitude, compliace behavioral attitude, and information security efficacy. As a result, the locus of control had a significant effect on information security actual attitude, information security efficacy, information security efficacy, and it was found that influence of the internal-based condition was greater than the external-based condition. The tightness culture had a significant effect on compliace behavioral attitude, information security efficacy, and it was found that influence of the tight culture-based condition was greater than the loose culture-based condition. In addition, the discussion contatins the implications of information security direction that reflect these research results.

• Information Systems Review
• /
• v.18 no.1
• /
• pp.1-23
• /
• 2016

This study proposes an alternative to minimize insider-caused security threats that are relatively difficult to control and cause high uncertainty in information security management. Therefore, we investigate the relationship between organizational effort and the security understanding of employees to eventually enhance security compliance intention among employees. We develop a research model and formulate hypotheses on the basis of past findings. Accomplished questionnaires are collected from 526 employees working in organizations where information security policy is being implemented. In addition, we prove the hypotheses using a structural model. After reviewing the structural model, the security knowledge of employees and information security culture are determined to positively influence the security compliance intention of employees. Moreover, top management support, security policy, security visibility, and security education programs are proven to be antecedent factors in establishing a security culture in organizations. The findings of this study could guide organizations in formulating information security strategies to enhance the security compliance intention of employees.

• International Journal of Computer Science & Network Security
• /
• v.21 no.6
• /
• pp.312-318
• /
• 2021

Lack of knowledge and digital skills is a threat to the information security of the state and society, so the formation and development of organizational culture of information security is extremely important to manage this threat. The purpose of the article is to assess the state of information security of the state and society. The research methodology is based on a quantitative statistical analysis of the information security culture according to the EU-27 2019. The theoretical basis of the study is the theory of defense motivation (PMT), which involves predicting the individual negative consequences of certain events and the desire to minimize them, which determines the motive for protection. The results show the passive behavior of EU citizens in ensuring information security, which is confirmed by the low level of participation in trainings for the development of digital skills and mastery of basic or above basic overall digital skills 56% of the EU population with a deviation of 16%. High risks to information security in the context of damage to information assets, including software and databases, have been identified. Passive behavior of the population also involves the use of standard identification procedures when using the Internet (login, password, SMS). At the same time, 69% of EU citizens are aware of methods of tracking Internet activity and access control capabilities (denial of permission to use personal data, access to geographical location, profile or content on social networking sites or shared online storage, site security checks). Phishing and illegal acquisition of personal data are the biggest threats to EU citizens. It have been identified problems related to information security: restrictions on the purchase of products, Internet banking, provision of personal information, communication, etc. The practical value of this research is the possibility of applying the results in the development of programs of education, training and public awareness of security issues.

• Journal of Digital Convergence
• /
• v.19 no.2
• /
• pp.105-115
• /
• 2021

The purpose of this study is to present the effect of differences in individual coping and organizational homogeneity culture on information security compliance from an exploratory perspective. The study divided groups into individual coping (task-oriented, emotion-oriented) and organizational homogeneity culture (homogeneity, heterogeneity), confirms the difference in information security for each group through cross-design and presents a multiple mediation model between information security factors. As a result of the study, in the coping dimension, the average of the security compliance factors was higher in the emotion-oriented than the task-oriented, and in the homogeneity culture dimension, the average of the security compliance factors was higher in the homogeneity than the heterogeneity. Additionally, social influence and involvement had a multiple mediation effect on the relationship between information security awareness and compliance intention. The implications of this study were to confirm the difference in the effect of individual decision-making styles on security compliance according to the organizational culture differences. The results suggest the necessity of applying a customized information security compliance model for each organization and individual characteristics.

• International Journal of Computer Science & Network Security
• /
• v.21 no.4
• /
• pp.47-51
• /
• 2021

The article analyzes and studies that pedagogical design of the educational process using information and communication technologies in educational institutions of higher education based on the development of a model and methodology personalization of training will improve the quality of the educational process at the university and solve the identified contradiction. A qualitative analysis of foreign countries in the possibility of using information and communication technologies in educational institutions of higher education is carried out.

• Asia pacific journal of information systems
• /
• v.21 no.3
• /
• pp.51-69
• /
• 2011

Security has been considered one of the most critical issues for managing IT resources in many organizations. Despite a growing interest and extensive research on security at various levels, little research has focused on the comparison of security knowledge levels between different cultures. The current study investigates and compares the security knowledge level between Korea and the U.S. Based on the literature review of spyware, Hofstede's cultural dimensions, and security knowledge, this study identifies three constructs (i.e., security familiarity, spyware awareness, and spyware knowledge) to examine the difference of security knowledge levels between Korea and the U.S. Six hundred ninety-six respondents from Korea and the U.S. participated in the survey, and an in-depth analysis based on analysis of covariance (ANCOVA) was carried out. The results show that the levels of security familiarity, spyware awareness, and spyware knowledge are significantly lower in Korea than in the U.S., as expected. These findings present a significant association between national culture and security knowledge, and the degree of individualism (or collectivism) plays an especially critical role in the perception of security. A number of implications for academia and practitioners emerge. Limitations and future research directions are discussed in the conclusion.

• International Journal of Computer Science & Network Security
• /
• v.21 no.4
• /
• pp.140-144
• /
• 2021

The article considers aspects of improving the quality of training of specialists based on the use of modern information and communication technologies in the educational process; the use of teaching methods and, as a result, an increase in the creative and intellectual components of educational activities; integration of various types of educational activities (educational, research, etc.); adaptation of information technology training to individual the characteristics of the student; ensuring continuity and consistency in learning; development of information technologies for distance learning; improving the software and methodological support of educational process.

• International Journal of Computer Science & Network Security
• /
• v.21 no.5
• /
• pp.222-230
• /
• 2021

The article reviews the issue of formation of information culture of social work bachelors in the process of their professional training. The main internal / external factors that determine the need for the information culture formation of social workers-to-be have been identified. To determine the levels of information culture formed in bachelors of social work criteria and their indicators have been substantiated. The model of information culture formation in BSW has been developed and implemented in Ukrainian universities under the following pedagogic conditions: organized informational environment; interconnection between general and professionally-directed courses; curriculum includes course directed on IC formation. The model contained interconnected components: aim - to achieve higher level of information culture formed; specific principles; content, interactive methods and forms of organization of educational process, methods of control and correction; components of information culture. The implemented mastered learning procedure has contributed to the leveling up of information culture formed in social work bachelors.

• International Journal of Advanced Culture Technology
• /
• v.3 no.2
• /
• pp.77-86
• /
• 2015

In this paper there is an overview of some standards and security models which are implemented in such an IP-based and heterogeneous networks and we also present some security models in an open environment and finally we obtain that as a result of the nature of 4G networks there are still more security holes and open issues for expert to notice. Our survey shows that a number of new security threats to cause unexpected service interruption and disclosure of information will be possible in 4G due mainly to the fact that 4G is an IP-based, heterogeneous network. Other than that, it tells about the security issues and vulnerabilities present in the above 4G standards are discussed. Finally, we point to potential areas for future vulnerabilities and evaluate areas in 4G security which warrant attention and future work by the research and advanced technology industry.