a r t i c l e i n f o Keywords: Principal agent theory Information security End-user security behaviors Security policy compliance Secure management of information systems is crucially important in information intensive organizations. Although most organizations have long been using security technologies, it is well known that technology tools alone are not sufficient. Thus, the area of end-use...

Security research continues to provide a plethora of new protocols and mechanisms; these solutions patch either existing vulnerabilities found in practical systems or solve hypothetical security problems in the sense that the problem is often conceived at the same time when the first solution is proposed. Yet only a very small fraction of this research is relevant to ordinary users in the sense...

The focus of this research is to develop a sophistication index for evaluating security breaches due to cyber-attacks. Although reports about cyber-attacks elucidate the sophistication involved in a given security or data breach, it is difficult to compare the sophistication of breaches across multiple attacks. Once we have an attack sophistication index, incidents can be compared and consequen...

This paper describes an experiment to investigate user perceptions of the usability and security of single-factor and two-factor authentication methods in automated telephone banking. In a controlled experiment with 62 banking customers a knowledge-based, single-factor authentication procedure, based on those commonly used in the financial services industry, was compared with a two-factor appro...

Purpose – In methods and manuals, the product of an information security incident’s probability and severity is seen as a risk to manage. The purpose of the test described in this paper is to investigate if information security risk is perceived in this way, if decision-making style influences the perceived relationship between the three variables and if the level of information security expert...

There is conflicting evidence as to the current level of awareness and impact of Web Assurance Seal Services (WASSs). This study examines the effects of an educational intervention designed to increase consumer's knowledge, of security and privacy aspect of business-to-consumer (B2C) e-commerce websites and assurance seal services. The study further explores the relationships among consumers' p...

Big Data Solutions (BDS) refers to innovative solutions designed to perform searching, mining and analysis of high volume of data. While BDS is being actively adopted by pioneering and leading organizations due to its prospective benefits, many organizations are still divided on the need to adopt it. Security issues related to big data’s characteristics are among the hindering factors cited by ...