Now showing 1 - 8 of 8
  • Publication
    Warning! A Comprehensive Model of the Effects of Digital Information Security Warning Messages
    (IFIP, 2015-10-02) ;
    Barlow, Jordan
    ;
    Ormond, Dustin
    Despite existing countermeasures to combat malicious actions, users are the last line of defense to protect personal and organizational assets. Given that users often ignore warning messages that motivate compliant behavior, the issue of protecting personal and organizational assets is exacerbated. Messages that are largely ignored cannot have any impact on attitudes, motivation, or behavior. Therefore, crafting messages that increase attention and comprehension regarding specific threats and ways to cope with these threats is vital. This research combines the communication-human information processing (C-HIP) model with protection motivation theory (PMT) to assess how warning message content affects adherence especially when users pay attention to the content of the warning message. In essence, this study considers a holistic view of examining the channel (warning message), attention, comprehension and their influence on attitudes and beliefs, motivation, and behavior. Additionally, we propose including alternative courses of action in digital warning messages to increase secure attitudes, beliefs, and behavior. We test this holistic model through a series of field and lab experiments to evaluate message comprehension, attitudes, and beliefs and capture actual attention and secure behavior. [http://ifip.byu.edu/ifip2015.html Paper download]
  • Publication
    Identification and Importance of the Technological Risks of Open Source Software in the Enterprise Adoption Context
    (Universität Osnabrück, 2015-03-05) ;
    Open source software (OSS) has reshaped and remodeled various layers of the organizational ecosystem, becoming an important strategic asset for enterprises. Still, many enterprises are reluctant to adopt OSS. Knowledge about technological risks and their importance for IT executives is still under researched. We aim to identify the technological risks and their importance for OSS adoption during the risk identification phase in the enterprise context. We conducted an extensive literature review, identifying 34 risk factors from 88 papers, followed by an online survey of 115 IT executives to study the risk factors' importance. Our results will be very valuable for practitioners to use when evaluating, assessing and calculating the risks related to OSS product adoption. Also, researchers can use it as a base for future studies to expand current theoretical understanding of the OSS phenomenon related to IT risk management.
  • Publication
    Atos: Towards Zero Email Company
    (The Case Centre (UK), 2015) ;
    In 2011, the CEO of Atos, Thierry Breton, announced an unprecedented move for Atos. The global information services giant become a 'zero' email company with the objective of eradicating internal e-mail use and replacing it with blueKiwi - enterprise social network software. This case serves to teach the challenges and key lessons behind the social collaboration transformation in a large organisation where 76,000 employees switched to a new mode of collaboration. The approach of how to become a 'zero' email company is detailed, highlighting the importance of the first-order and second-order change. The case helps to understand what it takes to shift organisational culture and employee mindset, as well as what challenges and barriers need to be overcome to make such an important step on a large organisational scale.
  • Publication
    Taxonomy of technological risks of open source software in the enterprise adoption context
    (Emerald, 2015-10-15) ; ;
    Silic, Dario
    Purpose - The purpose of this paper is to identify the technological risks in the context of open source software (OSS) and suggest an integrative OSS risk taxonomy. Design/methodology/approach - The authors conducted an extensive literature review followed by expert interviews and applied the method for taxonomy development. Findings - This research has identified an integrative OSS risk taxonomy composed of 8 categories with 51 risk items. Originality/value - This taxonomy is a very useful tool for practitioners during the decision-making process when evaluating, assessing and calculating risks related to OSS adoption. Moreover, researchers can use it as a starting point for future studies to better understand the OSS phenomenon.
    Type:
    Journal:
    Volume:
    Issue:
    Scopus© Citations 12
  • Publication
    Email: from hero to zero - the beginning of the end?
    (Palgrave Macmillan, 2015-11-01) ; ;
    Silic, Dario
    In 2011, the CEO of Atos, Thierry Breton, announced an unprecedented move for the company. The global information services giant would become a ‘zero’ email company with the objective of eradicating internal email use and replacing it with blueKiwi – enterprise social network software. This case serves to teach the challenges and key lessons behind the social collaboration transformation in a large organization where 76,000 employees switched to a new mode of collaboration. The approach of how to become a zero email company is detailed, highlighting the importance of the first-order and second-order change. The case helps to understand what it takes to shift organizational culture and employee mindset, as well as what challenges and barriers need to be overcome to make such an important step on a large organizational scale.
    Type:
    Journal:
    Volume:
    Issue:
    Scopus© Citations 2
  • Publication
    The dark side of social networking sites : Understanding phishing risks
    (Elsevier, 2016-07-01) ;
    LinkedIn, with over 1.5 million Groups, has become a popular place for business employees to create private groups to exchange information and communicate. Recent research on social networking sites (SNSs) has widely explored the phenomenon and its positive effects on firms. However, social networking's negative effects on information security were not adequately addressed. Supported by the credibility, persuasion and motivation theories, we conducted 1) a field experiment, demonstrating how sensitive organizational data can be exploited, followed by 2) a qualitative study of employees engaged in SNSs activities; and 3) interviews with Chief Information Security Officers (CISOs). Our research has resulted in four main findings: 1) employees are easily deceived and susceptible to victimization on SNSs where contextual elements provide psychological triggers to attackers; 2) organizations lack mechanisms to control SNS online security threats, 3) companies need to strengthen their information security policies related to SNSs, where stronger employee identification and authentication is needed, and 4) SNSs have become important security holes where, with the use of social engineering techniques, malicious attacks are easily facilitated.
    Scopus© Citations 43
  • Publication
    Atos - Towards Zero Email Company
    (Association for Information Systems, 2015-05-28) ; ;
    Silic, Dario
    In 2011, the CEO of Atos, Thierry Breton, announced an unprecedented move for Atos. The global information services giant become a "zero" email company with the objective of eradicating internal e-mail use and replacing it with blueKiwi - enterprise social network software. This case serves to teach the challenges and key lessons behind the social collaboration transformation in a large organisation where 76,000 employees switched to a new mode of collaboration. The approach of how to become a "zero" email company is detailed, highlighting the importance of the first-order and second-order change. The case helps to understand what it takes to shift organisational culture and employee mindset, as well as what challenges and barriers need to be overcome to make such an important step on a large organisational scale.
  • Publication
    The Influence of Risk Factors in Decision-Making Process for Open Source Software Adoption
    (World Scientific Publishing, 2016-01) ;
    "Nobody ever got fired for buying IBM," was a widely used cliché in the 1970s in the corporate IT (information technology) world. Since then, the traditional process of purchasing software has dramatically changed, challenged by the advent of open source software (OSS). Since its inception in the 1980s, OSS has matured, grown, and become one of the important driving forces of the enterprise ecosystem. However, it has also brought important IT security risks that are impacting the OSS IT adoption decision-making process. The recent Heartbleed bug demonstrated the grandeur of the issue. While much of the noise relates to the amplification of perceived risks by the popular mass media coverage, the effect is that many enterprises, mainly for risk reasons, have still chosen not to adopt OSS. We investigated "how do information security related characteristics of OSS affect the risk perception and adoption decision of OSS" by conducting an online survey of 188 IT decision-makers. The proposed Open Source Risk Adoption Model offers novel insights on the importance of the perceived risk antecedents. Our research brings new theoretical contributions, such as understanding the perceived IT security risk (PISR) relationship with adoption intention (AI) in the OSS context, for researchers and important insights for IT information professionals. We have found that IT security risk has a significant role in OSS adoption intention. Our results offer possible future research directions and extend existing theoretical understanding of OSS adoption.
    Type:
    Journal:
    Volume:
    Issue:
    Scopus© Citations 15