This study involved an evaluation of the subjective perspectives held by a panel of 12 informaton security subject matter experts to determine the knowledge, skills, and abilities of information security undergraduates in meeting the needs of the information security business community. Knowledge, skills, and abilities deemed important in…

Despite advancements in pedagogy and technology, students often yearn for more applied opportunities in information security education. Further, small businesses are likely to have inadequate information security postures due to limited budgets and expertise. To address both issues, an advanced course in ethical hacking was developed which allows…

The study of employees' intention to comply with information security policies in higher education is limited. This research thus embarks on an empirical analysis of the factors predicting employees' intention to comply or the lack thereof with respect to their institutions' policies. The theoretical frameworks utilized by the study's model for…

Cybersecurity threats confront the United States on a daily basis, making them one of the major national security challenges. One approach to meeting these challenges is to improve user cybersecurity behavior. End user security behavior hinges on end user acceptance and use of the protective information technologies such as anti-virus and…

Research has shown that links exist between human capital factors (i.e., employee education, training, certification, and work experience) and organizational outcomes such as job performance, competitive advantage, and operational effectiveness. Few studies have examined the role of human capital in the field of information security despite these…

To improve the practical effect of an information system security course for students majoring in information security, a teaching method based on the theory of inventive problem solving (TIPS) that combines case-based teaching and project practice was introduced in the class. Adopting innovative thinking methods, we instructed students on the…

Information Security has been a challenge since humans began keeping information. With the advent of computerized data and computer networks, that challenge has increased dramatically. Not only are more breaches occurring, but public knowledge about those breaches is now commonplace adding to virtual hysteria concerning data and information…

Business leaders in Nigeria are concerned about the high rates of business failure and economic loss from security incidents and may not understand strategies for reducing the effects of information security threats on business performance. Guided by general systems theory and transformational leadership theory, the focus of this exploratory…

Today's organizations rely heavily on information technology to conduct their daily activities. Therefore, their information security systems are an area of heightened security concern. As a result, organizations implement information security programs to address and mitigate that concern. However, even with the emphasis on information security,…

This qualitative, evaluative case study details the conceptual framing, development, delivery, and assessment of a privacy literacy workshop called Digital Shred. The workshop is a multi-institutional effort offered initially in-person in fall 2019 and adapted to virtual delivery in fall 2020. The conceptual framework underlying the workshop…

Information Security issues are one of the top concerns of CEOs. Accordingly, information systems education and research have addressed security issues. One of the main areas of research is the behavioral issues in Information Security, primarily focusing on users' compliance to information security policies. We contribute to this literature by…

Information systems of today face more potential security infringement than ever before. The regular susceptibility of data to breaches is a function of systems users' disinclination to follow appropriate security measures. A well-secured system maintains integrity, confidentiality, and availability, while providing appropriate and consistent…

Despite organizations increasingly seeking talent to identify data to make better business decisions, many assignments provide the data for the students. This article encourages curriculum to introduce data and information request dimensions, identify data sources, write data and information requests, and reflect on data request examples. We…

Information security is a concern for managers implementing protection measures. Implementing information security measures requires communicating both the reason and remediation for the protection measure. Examining how an anti-spyware security communication affects an individual's intention to implement a protection measure could help improve…

Information security practitioners and researchers who possess sufficient depth of conceptual understanding to reconstitute systems after attacks or adapt information security concepts to novel situations are in short supply. Education of new information security professionals with sufficient conceptual depth is one method by which this shortage…