Insider abuse has always been a significant threat to information security management in organization. In order to address this issue, in this research we propose whistleblowing as another complementary measure to other existent approaches to strengthen the internal information security management. In particular, we focus on an investigation of employee intention to whistle-blow information sec...

This paper presents an ongoing case study into stakeholder perceptions regarding information security management systems in emergent organisations operating in Western Australia. It takes a socio-political perspective on the problem of how to manage simultaneously virtual collaboration and information security management. A literature review introduces the context and history of the research. I...

abstract the aim of the present research was to study the objective dimensions of security and the role of sport organizations in providing and developing security from the viewpoint of foreign sport tourists. the research was a descriptive survey. the statistical population (equal to the sample) consisted of foreign sport tourists participating in fajr international sport event (n=394). a rese...

Today business environment is highly dependent on complex technologies, and information is considered an important asset. Organizations are therefore required to protect their information infrastructure and follow an inclusive risk management approach. One way to achieve this is by aligning the information security investment decisions with respect to organizational strategy. A large number of ...

The prevalent approach to analysis of information security is typically event-centric and ad-hoc based primarily on risk management principles. However, we believe that scholars and practitioners in the information security field can benefit significantly from the experiences and principles of quality management, where process orientation dominates and continuous improvement is the essence. Thi...

This paper presents the findings of an empirical study of certification auditors’ and information security consultants’ experiences and insights concerning the implementation and certification of information security management systems. Using an action research strategy and a grounded theory research method, the study describes these particular experiences and insights primarily in terms of cri...

Knowledge Management (KM) has been recognized as a critical management strategy in generating competitive advantage for the organization. In order to protect organizational knowledge stored in or transferred through company’s Knowledge Management Systems (KMS), information security controls have to be incorporated into these systems. However, overly strict controls may adversely impact the perc...

Network security and identity management are top concerns for service providers. Detailed traffic monitoring and analysis are typically required to identify and isolate malicious users. Such process can take hours (if not days) especially during heavy traffic loads and substantial level of attacks. As a result, the network may crash even before the analysis is completed. Thus, it may be importa...

The large and open networks of Universities are particularly vulnerable because they often have multiple overlapping public and private networks. The staff, faculty members or students with infected devices might connect with the Universities networks. Many labs also have devices into their networks that were never intended to be there, which opens up new avenues of attack. This paper analyzed ...