This article contends that there are two increasingly important phenomena for organisations: the existence of virtual teams and the realisation that information needs to be protected more... Show More

This article contends that there are two increasingly important phenomena for organisations: the existence of virtual teams and the realisation that information needs to be protected more effectively. On-line communication methods expose organisations to issues regarding security of their ICT infrastructure, systems and data. At the same time, making possible virtual teams able to be unconstrained in purpose, time or location. While security measures are built into the teams' communication channels and processes, the perceptions, practices and organizational background of team members are equally important to the security of information being exchanged. A socio-technical approach is called for when investigating different perceptions of information security by individual team members, how they negotiate a common understanding for the team and what complexities and practices are introduced in multi-organisation teams. The article sets out issues which may need to be considered and proposes a course of research to increase understanding of the situation.

This article discusses the design and specifications of a Socio-Technical Security Information and Event Management System (ST-SIEM). This newly-developed artifact addresses an important limitation... Show More

This article discusses the design and specifications of a Socio-Technical Security Information and Event Management System (ST-SIEM). This newly-developed artifact addresses an important limitation identified in today incident response practice—the lack of sufficient context in actionable security information disseminated to constituent organizations. ST-SIEM tackles this limitation by considering the socio-technical aspect of information systems security. This concept is achieved by correlating the technical metrics of security warnings (which are generic in nature, and the sources of which are sometimes unknown) with predefined social security metrics (used for modeling the security culture of constituent organizations). ST-SIEM, accordingly, adapts the risk factor of the triggered security warning based on each constituent organization security culture. Moreover, the artifact features several socio-technical taxonomies with an impact factor to support organizations in classifying, reporting, and escalating actionable security information. The overall project uses design science research as a framework to develop the artifact.

As modern organisations are using strategic information systems as their competitive advantage, the management of information security (IS) is regarded as a top priority. However, technical measures... Show More

As modern organisations are using strategic information systems as their competitive advantage, the management of information security (IS) is regarded as a top priority. However, technical measures are no longer sufficient for protecting IS, and the prevalence of centralised IS controls and top-down approach in IS management are challenged by the dynamic socio-organisational environment. In this article, a canonical action research (CAR) project discusses the use of social network analysis (SNA) methods to design and implement a cascading IS training/diffusion, which leveraged the social dynamics in the workplace to enhance the IS-related interactions between the employees in a large construction organisation in Southeast Asia. Through the enhanced IS interactions, which involved the employees' provisions of IS resources and IS influence, results indicated an improvement in the employees' attitudes towards IS. The research outcomes advocated the effective use of SNA methods, in combination with the CAR approach, which included the network metrics and means to select the suitable champions for the diffusion of IS, as well as to measure the diffusion effectiveness. Future directions to develop new IS-related network theories and apply SNA methods to study other IS concepts are also discussed.

In this article, an IT risk management (ITRM) framework for small and medium enterprises (SMEs) is designed and evaluated. The framework's objective is to provide an uncomplicated and accessible... Show More

In this article, an IT risk management (ITRM) framework for small and medium enterprises (SMEs) is designed and evaluated. The framework's objective is to provide an uncomplicated and accessible ITRM approach primarily aimed at SMEs without a dedicated ITRM. The framework combines essential elements from three leading (IT) risk management frameworks: COBIT 5 for Risk, ISO/IEC 27005:2011 and M_o_R. The framework was developed by employing a design science research methodology for social artefacts and evaluated in two healthcare SMEs. The ITRM framework itself was assessed as comprehensible and potentially useful. Simultaneously, over-arching IT governance issues prevented the immediate framework implementation in the two cases. IT management researchers can draw on this article's findings to better understand the role of the social context in SMEs to achieve an effective practical impact. Practitioners in SMEs can draw on the current state of the framework for an initial ITRM implementation or to increase their current ITRM approaches' maturity.

In this article, a DFR framework is proposed focusing on the prioritization, triaging and selection of Indicators of Compromise (IoC) to be used when investigating of security incidents. A core... Show More

In this article, a DFR framework is proposed focusing on the prioritization, triaging and selection of Indicators of Compromise (IoC) to be used when investigating of security incidents. A core component of the framework is the contextualization of the IoCs to the underlying organization, which can be achieved with the use of clustering and classification algorithms and a local IoC database.

This article presents six ways to use work system concepts for describing, analyzing, or evaluating IS security at the system rather than enterprise level. As a whole, this theory-based view delves... Show More

This article presents six ways to use work system concepts for describing, analyzing, or evaluating IS security at the system rather than enterprise level. As a whole, this theory-based view delves into topics that typical technology or process-focused cybersecurity approaches may overlook. This article introduces work system theory and then summarizes six lenses that each imply broadly applicable questions and issues for describing, analyzing, or evaluating IS security situations, tools, or systems.