for Journals by Title or ISSN
for Articles by Keywords
help

Publisher: Emerald   (Total: 356 journals)

 A  B  C  D  E  F  G  H  I  J  K  L  M  N  O  P  Q  R  S  T  U  V  W  X  Y  Z  

        1 2 | Last   [Sort by number of followers]   [Restore default list]

Showing 1 - 200 of 356 Journals sorted alphabetically
A Life in the Day     Hybrid Journal   (Followers: 12)
Academia Revista Latinoamericana de Administración     Open Access   (Followers: 2, SJR: 0.178, CiteScore: 1)
Accounting Auditing & Accountability J.     Hybrid Journal   (Followers: 32, SJR: 1.71, CiteScore: 3)
Accounting Research J.     Hybrid Journal   (Followers: 25, SJR: 0.144, CiteScore: 0)
Accounting, Auditing and Accountability J.     Hybrid Journal   (Followers: 25, SJR: 2.187, CiteScore: 4)
Advances in Accounting Education     Hybrid Journal   (Followers: 17, SJR: 0.279, CiteScore: 0)
Advances in Appreciative Inquiry     Hybrid Journal   (Followers: 1, SJR: 0.451, CiteScore: 1)
Advances in Autism     Hybrid Journal   (Followers: 31, SJR: 0.222, CiteScore: 1)
Advances in Dual Diagnosis     Hybrid Journal   (Followers: 47, SJR: 0.21, CiteScore: 1)
Advances in Gender Research     Full-text available via subscription   (Followers: 5, SJR: 0.16, CiteScore: 0)
Advances in Intl. Marketing     Full-text available via subscription   (Followers: 6)
Advances in Mental Health and Intellectual Disabilities     Hybrid Journal   (Followers: 83, SJR: 0.296, CiteScore: 0)
Advances in Mental Health and Learning Disabilities     Hybrid Journal   (Followers: 30)
African J. of Economic and Management Studies     Hybrid Journal   (Followers: 10, SJR: 0.216, CiteScore: 1)
Agricultural Finance Review     Hybrid Journal   (SJR: 0.406, CiteScore: 1)
Aircraft Engineering and Aerospace Technology     Hybrid Journal   (Followers: 211, SJR: 0.354, CiteScore: 1)
American J. of Business     Hybrid Journal   (Followers: 18)
Annals in Social Responsibility     Full-text available via subscription  
Anti-Corrosion Methods and Materials     Hybrid Journal   (Followers: 11, SJR: 0.235, CiteScore: 1)
Arts and the Market     Hybrid Journal   (Followers: 9)
Asia Pacific J. of Innovation and Entrepreneurship     Open Access   (Followers: 1)
Asia Pacific J. of Marketing and Logistics     Hybrid Journal   (Followers: 8, SJR: 0.425, CiteScore: 1)
Asia-Pacific J. of Business Administration     Hybrid Journal   (Followers: 6, SJR: 0.234, CiteScore: 1)
Asian Association of Open Universities J.     Open Access   (Followers: 1)
Asian Education and Development Studies     Hybrid Journal   (Followers: 5, SJR: 0.233, CiteScore: 1)
Asian J. on Quality     Hybrid Journal   (Followers: 3)
Asian Review of Accounting     Hybrid Journal   (Followers: 2, SJR: 0.222, CiteScore: 1)
Aslib J. of Information Management     Hybrid Journal   (Followers: 30, SJR: 0.725, CiteScore: 2)
Aslib Proceedings     Hybrid Journal   (Followers: 309)
Assembly Automation     Hybrid Journal   (Followers: 2, SJR: 0.603, CiteScore: 2)
Baltic J. of Management     Hybrid Journal   (Followers: 3, SJR: 0.309, CiteScore: 1)
Benchmarking : An Intl. J.     Hybrid Journal   (Followers: 10, SJR: 0.559, CiteScore: 2)
British Food J.     Hybrid Journal   (Followers: 17, SJR: 0.5, CiteScore: 2)
Built Environment Project and Asset Management     Hybrid Journal   (Followers: 15, SJR: 0.46, CiteScore: 1)
Business Process Re-engineering & Management J.     Hybrid Journal   (Followers: 8)
Business Strategy Series     Hybrid Journal   (Followers: 6)
Career Development Intl.     Hybrid Journal   (Followers: 17, SJR: 0.527, CiteScore: 2)
China Agricultural Economic Review     Hybrid Journal   (Followers: 2, SJR: 0.31, CiteScore: 1)
China Finance Review Intl.     Hybrid Journal   (Followers: 5, SJR: 0.245, CiteScore: 0)
Chinese Management Studies     Hybrid Journal   (Followers: 4, SJR: 0.278, CiteScore: 1)
Circuit World     Hybrid Journal   (Followers: 16, SJR: 0.246, CiteScore: 1)
Collection and Curation     Hybrid Journal   (Followers: 11, SJR: 0.296, CiteScore: 1)
COMPEL: The Intl. J. for Computation and Mathematics in Electrical and Electronic Engineering     Hybrid Journal   (Followers: 3, SJR: 0.22, CiteScore: 1)
Competitiveness Review : An Intl. Business J. incorporating J. of Global Competitiveness     Hybrid Journal   (Followers: 5, SJR: 0.274, CiteScore: 1)
Construction Innovation: Information, Process, Management     Hybrid Journal   (Followers: 14, SJR: 0.731, CiteScore: 2)
Corporate Communications An Intl. J.     Hybrid Journal   (Followers: 7, SJR: 0.453, CiteScore: 1)
Corporate Governance Intl. J. of Business in Society     Hybrid Journal   (Followers: 6, SJR: 0.336, CiteScore: 1)
Critical Perspectives on Intl. Business     Hybrid Journal   (SJR: 0.378, CiteScore: 1)
Cross Cultural & Strategic Management     Hybrid Journal   (Followers: 8, SJR: 0.504, CiteScore: 2)
Data Technologies and Applications     Hybrid Journal   (Followers: 323, SJR: 0.355, CiteScore: 1)
Development and Learning in Organizations     Hybrid Journal   (Followers: 8, SJR: 0.138, CiteScore: 0)
Digital Library Perspectives     Hybrid Journal   (Followers: 28, SJR: 0.341, CiteScore: 1)
Direct Marketing An Intl. J.     Hybrid Journal   (Followers: 6)
Disaster Prevention and Management     Hybrid Journal   (Followers: 21, SJR: 0.47, CiteScore: 1)
Drugs and Alcohol Today     Hybrid Journal   (Followers: 143, SJR: 0.245, CiteScore: 1)
Education + Training     Hybrid Journal   (Followers: 23)
Education, Business and Society : Contemporary Middle Eastern Issues     Hybrid Journal   (Followers: 1, SJR: 1.707, CiteScore: 3)
Emerald Emerging Markets Case Studies     Hybrid Journal   (Followers: 1)
Employee Relations     Hybrid Journal   (Followers: 8, SJR: 0.551, CiteScore: 2)
Engineering Computations     Hybrid Journal   (Followers: 3, SJR: 0.444, CiteScore: 1)
Engineering, Construction and Architectural Management     Hybrid Journal   (Followers: 10, SJR: 0.653, CiteScore: 2)
English Teaching: Practice & Critique     Hybrid Journal   (SJR: 0.417, CiteScore: 1)
Equal Opportunities Intl.     Hybrid Journal   (Followers: 3)
Equality, Diversity and Inclusion : An Intl. J.     Hybrid Journal   (Followers: 16, SJR: 0.5, CiteScore: 1)
EuroMed J. of Business     Hybrid Journal   (Followers: 1, SJR: 0.26, CiteScore: 1)
European Business Review     Hybrid Journal   (Followers: 9, SJR: 0.585, CiteScore: 3)
European J. of Innovation Management     Hybrid Journal   (Followers: 25, SJR: 0.454, CiteScore: 2)
European J. of Management and Business Economics     Open Access   (Followers: 1, SJR: 0.239, CiteScore: 1)
European J. of Marketing     Hybrid Journal   (Followers: 21, SJR: 0.971, CiteScore: 2)
European J. of Training and Development     Hybrid Journal   (Followers: 13, SJR: 0.477, CiteScore: 1)
Evidence-based HRM     Hybrid Journal   (Followers: 5, SJR: 0.537, CiteScore: 1)
Facilities     Hybrid Journal   (Followers: 3, SJR: 0.503, CiteScore: 2)
Foresight     Hybrid Journal   (Followers: 7, SJR: 0.34, CiteScore: 1)
Gender in Management : An Intl. J.     Hybrid Journal   (Followers: 20, SJR: 0.412, CiteScore: 1)
Global Knowledge, Memory and Communication     Hybrid Journal   (Followers: 976, SJR: 0.261, CiteScore: 1)
Grey Systems : Theory and Application     Hybrid Journal   (Followers: 1)
Health Education     Hybrid Journal   (Followers: 2, SJR: 0.421, CiteScore: 1)
Higher Education Evaluation and Development     Open Access  
Higher Education, Skills and Work-based Learning     Hybrid Journal   (Followers: 46, SJR: 0.426, CiteScore: 1)
History of Education Review     Hybrid Journal   (Followers: 12, SJR: 0.26, CiteScore: 0)
Housing, Care and Support     Hybrid Journal   (Followers: 8, SJR: 0.171, CiteScore: 0)
Human Resource Management Intl. Digest     Hybrid Journal   (Followers: 18, SJR: 0.129, CiteScore: 0)
IMP J.     Hybrid Journal  
Indian Growth and Development Review     Hybrid Journal   (SJR: 0.174, CiteScore: 0)
Industrial and Commercial Training     Hybrid Journal   (Followers: 5, SJR: 0.301, CiteScore: 1)
Industrial Lubrication and Tribology     Hybrid Journal   (Followers: 7, SJR: 0.334, CiteScore: 1)
Industrial Management & Data Systems     Hybrid Journal   (Followers: 7, SJR: 0.904, CiteScore: 3)
Industrial Robot An Intl. J.     Hybrid Journal   (Followers: 2, SJR: 0.318, CiteScore: 1)
Info     Hybrid Journal   (Followers: 1)
Information and Computer Security     Hybrid Journal   (Followers: 22, SJR: 0.307, CiteScore: 1)
Information Technology & People     Hybrid Journal   (Followers: 45, SJR: 0.671, CiteScore: 2)
Innovation & Management Review     Open Access  
Interactive Technology and Smart Education     Hybrid Journal   (Followers: 12, SJR: 0.191, CiteScore: 1)
Interlending & Document Supply     Hybrid Journal   (Followers: 61)
Internet Research     Hybrid Journal   (Followers: 37, SJR: 1.645, CiteScore: 5)
Intl. J. for Lesson and Learning Studies     Hybrid Journal   (Followers: 4, SJR: 0.324, CiteScore: 1)
Intl. J. for Researcher Development     Hybrid Journal   (Followers: 10)
Intl. J. of Accounting and Information Management     Hybrid Journal   (Followers: 9, SJR: 0.275, CiteScore: 1)
Intl. J. of Bank Marketing     Hybrid Journal   (Followers: 9, SJR: 0.654, CiteScore: 3)
Intl. J. of Climate Change Strategies and Management     Hybrid Journal   (Followers: 17, SJR: 0.353, CiteScore: 1)
Intl. J. of Clothing Science and Technology     Hybrid Journal   (Followers: 8, SJR: 0.318, CiteScore: 1)
Intl. J. of Commerce and Management     Hybrid Journal   (Followers: 1)
Intl. J. of Conflict Management     Hybrid Journal   (Followers: 15, SJR: 0.362, CiteScore: 1)
Intl. J. of Contemporary Hospitality Management     Hybrid Journal   (Followers: 14, SJR: 1.452, CiteScore: 4)
Intl. J. of Culture Tourism and Hospitality Research     Hybrid Journal   (Followers: 20, SJR: 0.339, CiteScore: 1)
Intl. J. of Development Issues     Hybrid Journal   (Followers: 9, SJR: 0.139, CiteScore: 0)
Intl. J. of Disaster Resilience in the Built Environment     Hybrid Journal   (Followers: 6, SJR: 0.387, CiteScore: 1)
Intl. J. of Educational Management     Hybrid Journal   (Followers: 5, SJR: 0.559, CiteScore: 1)
Intl. J. of Emergency Services     Hybrid Journal   (Followers: 9, SJR: 0.201, CiteScore: 1)
Intl. J. of Emerging Markets     Hybrid Journal   (Followers: 3, SJR: 0.474, CiteScore: 2)
Intl. J. of Energy Sector Management     Hybrid Journal   (Followers: 2, SJR: 0.349, CiteScore: 1)
Intl. J. of Entrepreneurial Behaviour & Research     Hybrid Journal   (Followers: 5, SJR: 0.629, CiteScore: 2)
Intl. J. of Ethics and Systems     Hybrid Journal   (Followers: 3, SJR: 0.333, CiteScore: 1)
Intl. J. of Event and Festival Management     Hybrid Journal   (Followers: 7, SJR: 0.388, CiteScore: 1)
Intl. J. of Gender and Entrepreneurship     Hybrid Journal   (Followers: 6, SJR: 0.445, CiteScore: 1)
Intl. J. of Health Care Quality Assurance     Hybrid Journal   (Followers: 12, SJR: 0.358, CiteScore: 1)
Intl. J. of Health Governance     Hybrid Journal   (Followers: 26, SJR: 0.247, CiteScore: 1)
Intl. J. of Housing Markets and Analysis     Hybrid Journal   (Followers: 9, SJR: 0.211, CiteScore: 1)
Intl. J. of Human Rights in Healthcare     Hybrid Journal   (Followers: 6, SJR: 0.205, CiteScore: 0)
Intl. J. of Information and Learning Technology     Hybrid Journal   (Followers: 8, SJR: 0.226, CiteScore: 1)
Intl. J. of Innovation Science     Hybrid Journal   (Followers: 11, SJR: 0.197, CiteScore: 1)
Intl. J. of Intelligent Computing and Cybernetics     Hybrid Journal   (Followers: 3, SJR: 0.214, CiteScore: 1)
Intl. J. of Intelligent Unmanned Systems     Hybrid Journal   (Followers: 4)
Intl. J. of Islamic and Middle Eastern Finance and Management     Hybrid Journal   (Followers: 9, SJR: 0.375, CiteScore: 1)
Intl. J. of Law and Management     Hybrid Journal   (Followers: 2, SJR: 0.217, CiteScore: 1)
Intl. J. of Leadership in Public Services     Hybrid Journal   (Followers: 27)
Intl. J. of Lean Six Sigma     Hybrid Journal   (Followers: 8, SJR: 0.802, CiteScore: 3)
Intl. J. of Logistics Management     Hybrid Journal   (Followers: 10, SJR: 0.71, CiteScore: 2)
Intl. J. of Managerial Finance     Hybrid Journal   (Followers: 5, SJR: 0.203, CiteScore: 1)
Intl. J. of Managing Projects in Business     Hybrid Journal   (Followers: 2, SJR: 0.36, CiteScore: 2)
Intl. J. of Manpower     Hybrid Journal   (Followers: 2, SJR: 0.365, CiteScore: 1)
Intl. J. of Mentoring and Coaching in Education     Hybrid Journal   (Followers: 27, SJR: 0.426, CiteScore: 1)
Intl. J. of Migration, Health and Social Care     Hybrid Journal   (Followers: 12, SJR: 0.307, CiteScore: 1)
Intl. J. of Numerical Methods for Heat & Fluid Flow     Hybrid Journal   (Followers: 11, SJR: 0.697, CiteScore: 3)
Intl. J. of Operations & Production Management     Hybrid Journal   (Followers: 19, SJR: 2.052, CiteScore: 4)
Intl. J. of Organization Theory and Behavior     Hybrid Journal  
Intl. J. of Organizational Analysis     Hybrid Journal   (Followers: 3, SJR: 0.268, CiteScore: 1)
Intl. J. of Pervasive Computing and Communications     Hybrid Journal   (Followers: 3, SJR: 0.138, CiteScore: 1)
Intl. J. of Pharmaceutical and Healthcare Marketing     Hybrid Journal   (Followers: 4, SJR: 0.25, CiteScore: 1)
Intl. J. of Physical Distribution & Logistics Management     Hybrid Journal   (Followers: 11, SJR: 1.821, CiteScore: 4)
Intl. J. of Prisoner Health     Hybrid Journal   (Followers: 8, SJR: 0.303, CiteScore: 1)
Intl. J. of Productivity and Performance Management     Hybrid Journal   (Followers: 8, SJR: 0.578, CiteScore: 2)
Intl. J. of Public Sector Management     Hybrid Journal   (Followers: 32, SJR: 0.438, CiteScore: 1)
Intl. J. of Quality & Reliability Management     Hybrid Journal   (Followers: 8, SJR: 0.492, CiteScore: 2)
Intl. J. of Quality and Service Sciences     Hybrid Journal   (Followers: 2, SJR: 0.309, CiteScore: 1)
Intl. J. of Retail & Distribution Management     Hybrid Journal   (Followers: 6, SJR: 0.742, CiteScore: 3)
Intl. J. of Service Industry Management     Hybrid Journal   (Followers: 3)
Intl. J. of Social Economics     Hybrid Journal   (Followers: 5, SJR: 0.225, CiteScore: 1)
Intl. J. of Sociology and Social Policy     Hybrid Journal   (Followers: 53, SJR: 0.3, CiteScore: 1)
Intl. J. of Sports Marketing and Sponsorship     Hybrid Journal   (Followers: 1, SJR: 0.269, CiteScore: 1)
Intl. J. of Structural Integrity     Hybrid Journal   (Followers: 2, SJR: 0.228, CiteScore: 0)
Intl. J. of Sustainability in Higher Education     Hybrid Journal   (Followers: 14, SJR: 0.502, CiteScore: 2)
Intl. J. of Tourism Cities     Hybrid Journal   (Followers: 2, SJR: 0.502, CiteScore: 0)
Intl. J. of Web Information Systems     Hybrid Journal   (Followers: 4, SJR: 0.186, CiteScore: 1)
Intl. J. of Wine Business Research     Hybrid Journal   (Followers: 8, SJR: 0.562, CiteScore: 2)
Intl. J. of Workplace Health Management     Hybrid Journal   (Followers: 10, SJR: 0.303, CiteScore: 1)
Intl. Marketing Review     Hybrid Journal   (Followers: 15, SJR: 0.895, CiteScore: 3)
Irish J. of Occupational Therapy     Open Access   (Followers: 7)
ISRA Intl. J. of Islamic Finance     Open Access  
J. for Multicultural Education     Hybrid Journal   (Followers: 1, SJR: 0.237, CiteScore: 1)
J. of Accounting & Organizational Change     Hybrid Journal   (Followers: 6, SJR: 0.301, CiteScore: 1)
J. of Accounting in Emerging Economies     Hybrid Journal   (Followers: 9)
J. of Adult Protection, The     Hybrid Journal   (Followers: 15, SJR: 0.314, CiteScore: 1)
J. of Advances in Management Research     Hybrid Journal   (Followers: 2)
J. of Aggression, Conflict and Peace Research     Hybrid Journal   (Followers: 45, SJR: 0.222, CiteScore: 1)
J. of Agribusiness in Developing and Emerging Economies     Hybrid Journal   (SJR: 0.108, CiteScore: 0)
J. of Applied Accounting Research     Hybrid Journal   (Followers: 17, SJR: 0.227, CiteScore: 1)
J. of Applied Research in Higher Education     Hybrid Journal   (Followers: 49, SJR: 0.2, CiteScore: 0)
J. of Asia Business Studies     Hybrid Journal   (Followers: 2, SJR: 0.245, CiteScore: 1)
J. of Assistive Technologies     Hybrid Journal   (Followers: 19)
J. of Business & Industrial Marketing     Hybrid Journal   (Followers: 10, SJR: 0.652, CiteScore: 2)
J. of Business Strategy     Hybrid Journal   (Followers: 12, SJR: 0.333, CiteScore: 1)
J. of Capital Markets Studies     Open Access  
J. of Centrum Cathedra     Open Access  
J. of Children's Services     Hybrid Journal   (Followers: 5, SJR: 0.243, CiteScore: 1)
J. of Chinese Economic and Foreign Trade Studies     Hybrid Journal   (Followers: 1, SJR: 0.2, CiteScore: 0)
J. of Chinese Entrepreneurship     Hybrid Journal   (Followers: 4)
J. of Chinese Human Resource Management     Hybrid Journal   (Followers: 6, SJR: 0.173, CiteScore: 1)
J. of Communication Management     Hybrid Journal   (Followers: 6, SJR: 0.625, CiteScore: 1)
J. of Consumer Marketing     Hybrid Journal   (Followers: 19, SJR: 0.664, CiteScore: 2)
J. of Corporate Real Estate     Hybrid Journal   (Followers: 3, SJR: 0.368, CiteScore: 1)
J. of Criminal Psychology     Hybrid Journal   (Followers: 135, SJR: 0.268, CiteScore: 1)
J. of Criminological Research, Policy and Practice     Hybrid Journal   (Followers: 48, SJR: 0.254, CiteScore: 1)
J. of Cultural Heritage Management and Sustainable Development     Hybrid Journal   (Followers: 10, SJR: 0.257, CiteScore: 1)
J. of Defense Analytics and Logistics     Open Access  
J. of Documentation     Hybrid Journal   (Followers: 187, SJR: 0.613, CiteScore: 1)
J. of Economic and Administrative Sciences     Hybrid Journal   (Followers: 2)
J. of Economic Studies     Hybrid Journal   (Followers: 5, SJR: 0.733, CiteScore: 1)
J. of Economics, Finance and Administrative Science     Open Access   (Followers: 1, SJR: 0.217, CiteScore: 1)
J. of Educational Administration     Hybrid Journal   (Followers: 6, SJR: 1.252, CiteScore: 2)
J. of Enabling Technologies     Hybrid Journal   (Followers: 11, SJR: 0.369, CiteScore: 1)
J. of Engineering, Design and Technology     Hybrid Journal   (Followers: 16, SJR: 0.212, CiteScore: 1)
J. of Enterprise Information Management     Hybrid Journal   (Followers: 4, SJR: 0.827, CiteScore: 4)
J. of Enterprising Communities People and Places in the Global Economy     Hybrid Journal   (Followers: 1, SJR: 0.281, CiteScore: 1)
J. of Entrepreneurship and Public Policy     Hybrid Journal   (Followers: 8, SJR: 0.262, CiteScore: 1)
J. of European Industrial Training     Hybrid Journal   (Followers: 2)
J. of European Real Estate Research     Hybrid Journal   (Followers: 3, SJR: 0.268, CiteScore: 1)
J. of Facilities Management     Hybrid Journal   (Followers: 5, SJR: 0.33, CiteScore: 1)
J. of Family Business Management     Hybrid Journal   (Followers: 7)
J. of Fashion Marketing and Management     Hybrid Journal   (Followers: 12, SJR: 0.608, CiteScore: 2)

        1 2 | Last   [Sort by number of followers]   [Restore default list]

Journal Cover
Information and Computer Security
Journal Prestige (SJR): 0.307
Citation Impact (citeScore): 1
Number of Followers: 22  
 
  Hybrid Journal Hybrid journal (It can contain Open Access articles)
ISSN (Print) 0968-5227 - ISSN (Online) 2056-4961
Published by Emerald Homepage  [356 journals]
  • Actionable threat intelligence for digital forensics readiness
    • Abstract: Information and Computer Security, Ahead of Print.
      Purpose The purpose of this paper is to formulate a novel model for enhancing the effectiveness of existing digital forensic readiness (DFR) schemes by leveraging the capabilities of cyber threat information sharing. Design/methodology/approach This paper uses a quantitative methodology to identify the most popular cyber threat intelligence (CTI) elements and introduces a lightweight approach to correlate those with potential forensic value, resulting in the quick and accurate triaging and identification of patterns of malicious activities. Findings While threat intelligence exchange steadily becomes a common practice for the prevention or detection of security incidents, the proposed approach highlights its usefulness for the digital forensics (DF) domain. Originality/value The proposed model can help organizations to improve their DFR posture, and thus minimize the time and cost of cybercrime incidents.
      Citation: Information and Computer Security
      PubDate: 2019-02-11T02:22:57Z
      DOI: 10.1108/ICS-09-2018-0110
       
  • Socio-technical systems cybersecurity framework
    • Abstract: Information and Computer Security, Ahead of Print.
      Purpose This paper aims to identify and appropriately respond to any socio-technical gaps within organisational information and cybersecurity practices. This culminates in the equal emphasis of both the social, technical and environmental factors affecting security practices. Design/methodology/approach The socio-technical systems theory was used to develop a conceptual process model for analysing organisational practices in terms of their social, technical and environmental influence. The conceptual process model was then applied to specifically analyse some selected information and cybersecurity frameworks. The outcome of this exercise culminated in the design of a socio-technical systems cybersecurity framework that can be applied to any new or existing information and cybersecurity solutions in the organisation. A framework parameter to help continuously monitor the mutual alignment of the social, technical and environmental dimensions of the socio-technical systems cybersecurity framework was also introduced. Findings The results indicate a positive application of the socio-technical systems theory to the information and cybersecurity domain. In particular, the application of the conceptual process model is able to successfully categorise the selected information and cybersecurity practices into either social, technical or environmental practices. However, the validation of the socio-technical systems cybersecurity framework requires time and continuous monitoring in a real-life environment. Practical implications This research is beneficial to chief security officers, risk managers, information technology managers, security professionals and academics. They will gain more knowledge and understanding about the need to highlight the equal importance of both the social, technical and environmental dimensions of information and cybersecurity. Further, the less emphasised dimension is posited to open an equal but mutual security vulnerability gap as the more emphasised dimension. Both dimensions must, therefore, equally and jointly be emphasised for optimal security performance in the organisation. Originality/value The application of socio-technical systems theory to the information and cybersecurity domain has not received much attention. In this regard, the research adds value to the information and cybersecurity studies where too much emphasis is placed on security software and hardware capabilities.
      Citation: Information and Computer Security
      PubDate: 2019-02-11T02:21:58Z
      DOI: 10.1108/ICS-03-2018-0031
       
  • Effect of long-term orientation on voluntary security actions
    • Abstract: Information and Computer Security, Ahead of Print.
      Purpose This paper aims to examine the impact an individual’s long-term orientation (a cultural dimension) has on their attitude, behavioral intention and actual voluntary security actions taken in the context of the dangers related to poor account access management. Design/methodology/approach The paper relied upon survey data and actual usage information from a culturally diverse sample of 227 individuals who were introduced to the specific security problem and the accepted solution of using a password manager application. Findings The paper provides empirical evidence that the effect of positive attitudes increased when individuals were more long-term oriented, but the effect was reversed for average/negative attitudes toward the voluntary security behavior. Furthermore, participants with high long-term orientation and strong positive attitudes toward the security action actually adopted password manager applications 57 per cent more than the average adoption rate across the sample. Research limitations/implications Due to the research approach (survey data), security context and sample population, the research results may lack generalizability. Practical implications The findings suggest that security awareness messaging and training should account for differences in long-term orientation of the target audience and integrate the distinctly different types of messages that have been shown to improve an individual’s participation in voluntary security actions. Originality/value The paper addresses previous research calls for examining possible cultural differences that impact security behaviors and is the only study that has focused on the impact of long-term orientation, specifically on voluntary security actions.
      Citation: Information and Computer Security
      PubDate: 2019-02-11T02:20:56Z
      DOI: 10.1108/ICS-07-2018-0086
       
  • Mitigating cyber attacks through the measurement of non-IT
           professionals’ cybersecurity skills
    • Abstract: Information and Computer Security, Ahead of Print.
      Purpose Users’ mistakes due to poor cybersecurity skills result in up to 95 per cent of cyber threats to organizations. Threats to organizational information systems continue to result in substantial financial and intellectual property losses. This paper aims to design, develop and empirically test a set of scenarios-based hands-on tasks to measure the cybersecurity skills of non-information technology (IT) professionals. Design/methodology/approach This study was classified as developmental in nature and used a sequential qualitative and quantitative method to validate the reliability of the Cybersecurity Skills Index (CSI) as a prototype-benchmarking tool. Next, the prototype was used to empirically test the demonstrated observable hands-on skills level of 173 non-IT professionals. Findings The importance of skills and hands-on assessment appears applicable to cybersecurity skills of non-IT professionals. Therefore, by using an expert-validated set of cybersecurity skills and scenario-driven tasks, this study established and validated a set of hands-on tasks that measure observable cybersecurity skills of non-IT professionals without bias or the high-stakes risk to IT. Research limitations/implications Data collection was limited to the southeastern USA and while the sample size of 173 non-IT professionals is valid, further studies are required to increase validation of the results and generalizability. Originality/value The validated and reliable CSI operationalized as a tool that measures the cybersecurity skills of non-IT professionals. This benchmarking tool could assist organizations with mitigating threats due to vulnerabilities and breaches caused by employees due to poor cybersecurity skills.
      Citation: Information and Computer Security
      PubDate: 2019-02-11T02:19:56Z
      DOI: 10.1108/ICS-11-2016-0088
       
  • Customer data security and theft: a Malaysian organization’s
           experience
    • Abstract: Information and Computer Security, Ahead of Print.
      Purpose This study aims to identify weaknesses in current internal control systems in protecting customer data and the drivers that motivate employees to steal customer data and the impact of customer data theft on the organization. Design/methodology/approach A case study approach was taken to investigate and analyze internal control system weaknesses. One organization that involved investor and treasury services was selected as a case study in this research. A mixed method of data collection, specifically survey questionnaires and observations, was used. Findings This study revealed that employees are aware of the policy to protect customer data in their organization. Ironically, customer data theft still occurred despite the company having an internal control system. The main concern was the attitude of the employees to adhere to the policies in place, which becomes the major cause of internal control violation. Employees tend to ignore policies and standard operating procedures, providing opportunities for data theft and fraud to occur, although they realize this will result in a severe impact on the reputation of a company. Research limitations/implications The results provide further confirmation of the fraud triangle theory, i.e. opportunity on the possible causes of the data theft and fraud, supporting prior empirical research and surveys conducted by researchers and global professional firms on fraud. This study, however, was conducted on only one organization with limited participation from employees because of the sensitivity of the nature of the topic. Practical implications This study provided recommendations that can be a reference for companies and regulatory bodies in preventing customer data theft cases, such as regular training and awareness campaigns to the staff, stringent recruitment policies, close monitoring on the accessibility of customer data and continuous use of advanced technology to prevent a data breach. Originality/value This study is original, as it focuses on an organization that operates in the financial services industry, which is one of the most attacked sectors for data theft and cybercrime activity globally. Furthermore, this kind of research is rare in fraud literature, particularly in developing markets such as Malaysia. The findings of this study are inferred from the direct observation of the organizational and employee work environments, activities and behaviors, which are private and confidential and difficult to access by researchers for publication in academic journals.
      Citation: Information and Computer Security
      PubDate: 2019-02-11T02:16:16Z
      DOI: 10.1108/ICS-04-2018-0043
       
  • Forensic analysis of Google Allo messenger on Android platform
    • Abstract: Information and Computer Security, Ahead of Print.
      Purpose The purpose of this paper is to conduct a forensic analysis of Google Allo messenger on an Android-based mobile phone. The focus was on the analysis of the data stored by this application in the internal memory of the mobile device, with minimal use of third-party applications. The findings were compared with the already existing works on this topic. Android is the most popular operating system for mobile devices, and these devices often contain a massive amount of personal information about the user such as photos and contact details. Analysis of these applications is required in case of a forensic investigation and makes the process easier for forensic analysts. Design/methodology/approach Logical acquisition of the data stored by these applications was performed. A locked Android device was used for this purpose. Some scripts are presented to help in data acquisition using Android Debug Bridge (ADB). Manual forensic analysis of the device image was performed to see whether the activities carried out on these applications are stored in the internal memory of the device. A comparative analysis of an existing mobile forensic tool was also performed to show the effectiveness of the methodology adopted. Findings Forensic artifacts were recovered from Allo application. Multimedia content such as images were also retrieved from the internal memory. Research limitations/implications As this study was conducted for forensic analysis, it assumed that the mobile device used already has USB debugging enabled on it, although this might not be the applicable in some of the cases. This work provides an optimal approach to acquiring artifacts with minimal use of third-party applications. Practical implications Most of the mobile devices contain messaging application such as Allo installed. A large amount of personal information can be obtained from the forensic analysis of these applications, which can be useful in any criminal investigation. Originality/value This is the first study which focuses on the Google Allo application. The proposed methodology was able to extract almost as much as the data obtained using earlier approaches, but with minimal third-party application usage.
      Citation: Information and Computer Security
      PubDate: 2019-02-11T02:14:56Z
      DOI: 10.1108/ICS-03-2017-0011
       
  • Mitigating e-services avoidance: the role of government cybersecurity
           preparedness
    • Abstract: Information and Computer Security, Ahead of Print.
      Purpose The purpose of this study is to understand why individuals choose to avoid using e-services due to security concerns and perceived risk when these factors are affected by the perceived degree of government cybersecurity preparedness against cyberattacks. Design/methodology/approach The authors adopt the information systems success model to predict the role of government security preparedness efforts in influencing the determinants of e-services avoidance. The conceptual model includes four variables: security concerns, perceived risk of cyberattacks, perceived government cybersecurity preparedness and e-services avoidance. Data from 774 participants were used to analyze our conceptual model. Findings First, the findings show that security concerns regarding personal information safety and perceived risk of cyberattacks are barriers to e-services use, with the former having a stronger effect. Second, the findings showed that perceived government cybersecurity preparedness significantly reduces security concerns and perceived risk of cyberattacks. Third, the post hoc group analysis between individuals with a bachelor’s degree or higher versus those without a bachelor’s degree showed that the effect of both security concerns and perceived risk of cyberattacks on e-services avoidance was greater for individuals without a bachelor’s degree. The same relationship between perceived risk of cyberattacks and e-services avoidance was not supported for individuals with a bachelor’s degree or higher. Originality/value Extant privacy research fails to adequately examine the role of institutional factors, such as government efforts, and how these mitigate or amplify cybersecurity concerns and risks related to e-services. This research takes the first step toward addressing this limitation by examining the influence of government cybersecurity preparedness efforts on the determinants of e-services avoidance.
      Citation: Information and Computer Security
      PubDate: 2019-02-11T02:14:16Z
      DOI: 10.1108/ICS-02-2018-0024
       
  • A framework for reporting and dealing with end-user security policy
           compliance
    • Abstract: Information and Computer Security, Ahead of Print.
      Purpose It is widely acknowledged that non-compliance of employees with information security polices is one of the major challenges facing organisations. This paper aims to propose a model that is intended to provide a comprehensive framework for raising the level of compliance amongst end-users, with the aim of monitoring, measuring and responding to users’ behaviour with an information security policy. Design/methodology/approach The proposed model is based on two main concepts: a taxonomy of the response strategy to non-compliant behaviour and a compliance points system. The response taxonomy comprises two categories: awareness raising and enforcement of the security policy. The compliance points system is used to reward compliant behaviour and penalise non-compliant behaviour. Findings A prototype system has been developed to simulate the proposed model and work as a real system that responds to the behaviour of users (reflecting both violations and compliance behaviour). In addition, the model has been evaluated by interviewing experts from academic and industry. They considered the proposed model to offers a novel approach for managing end users’ behaviour with the information security policies. Research limitations/implications Psychological factors were out of the research scope at this stage. The proposed model may have some psychological impacts upon users; therefore, this issue needs to be considered by studying the potential impacts and the best solutions. Originality/value Users being compliant with the information security policies of their organisation is the key to strengthen information security. Therefore, when employees have a good level of compliance with security policies, this positively affects the overall security of an organisation.
      Citation: Information and Computer Security
      PubDate: 2019-02-11T02:13:16Z
      DOI: 10.1108/ICS-12-2017-0097
       
  • A review of security assessment methodologies in industrial control
           systems
    • Abstract: Information and Computer Security, Ahead of Print.
      Purpose The common implementation practices of modern industrial control systems (ICS) has left a window wide open to various security vulnerabilities. As the cyber-threat landscape continues to evolve, the ICS and their underlying architecture must be protected to withstand cyber-attacks. This study aims to review several ICS security assessment methodologies to identify an appropriate vulnerability assessment method for the ICS systems that examine both critical physical and cyber systems so as to protect the national critical infrastructure. Design/methodology/approach This paper reviews several ICS security assessment methodologies and explores whether the existing methodologies are indeed sufficient to meet the cyber security assessment exercise required to validate the security of electrical power control systems. Findings The study showed that most of the examined methodologies seem to concentrate on vulnerability identification and prioritisation techniques, whilst other security techniques received noticeably less attention. The study also showed that the least attention is devoted to patch management process due to the critical nature of the SCADA system. Additionally, this review portrayed that only two security assessment methodologies exhibited absolute fulfilment of all NERC-CIP security requirements, whilst the others only partially fulfilled the essential requirements. Originality/value This paper presents a review and a comparative analysis of several standard SCADA security assessment methodologies and guidelines published by internationally recognised bodies. In addition, it explores the adequacy of the existing methodologies in meeting cyber security assessment practices required for electrical power networks.
      Citation: Information and Computer Security
      PubDate: 2019-02-07T03:07:40Z
      DOI: 10.1108/ICS-04-2018-0048
       
  • Assessing the information quality of phishing-related content on financial
           institutions’ websites
    • Pages: 514 - 532
      Abstract: Information and Computer Security, Volume 26, Issue 5, Page 514-532, November 2018.
      Purpose Phishing attacks exploit social vulnerabilities and remain a global concern. Financial institutions often use their websites as part of their online awareness and education efforts. This paper aims to explore the effectiveness of phishing-related information made available by financial institutions to raise awareness and educate customers. Design/methodology/approach In this mixed methods research, a survey of online consumers was first performed and analysed. Second, the information available on the websites of major financial institutions was analysed. Using the construct of information quality (IQ), content analysis was performed to determine whether the phishing-related information meets the IQ criteria. Findings The survey confirmed that consumers are indeed targeted by phishers. It established that they turn to their financial institutions, more often than any other source, for anti-phishing information. When analysing the IQ of phishing-related information, significant deficiencies as well as different levels of performance between the financial institutions, emerged. In general, the worst performing IQ criteria was information being current and fit for purpose. Research limitations/implications As the research is conducted within South Africa, the results cannot be generalised. The ethical clearance did not allow for identification of the different financial institutions and thus comparing consumers’ perceptions with the observed IQ from the content analysis to determine correlation. Practical implications Protecting consumers against phishing attacks remains critical, and this paper confirms that users turn to their financial institutions for information. Yet, the phishing-related information made available on the websites of financial institutions has severe deficiencies. Practitioners should use IQ to determine the appropriateness of phishing-related information and focus on improving customer awareness and education. Originality/value Researchers often highlight the importance of awareness and education programmes in protecting consumers, but rarely investigate if consumers access publicly available information and express an opinion on the quality of this information. Although the results should not generalised, the recommendations, if necessary through similar analysis, has an impact beyond the geographical constraints of the study.
      Citation: Information and Computer Security
      PubDate: 2018-11-22T02:50:13Z
      DOI: 10.1108/ICS-09-2017-0067
       
  • Work-related groups and information security policy compliance
    • Pages: 533 - 550
      Abstract: Information and Computer Security, Volume 26, Issue 5, Page 533-550, November 2018.
      Purpose It is widely acknowledged that norms and culture influence decisions related to information security. The purpose of this paper is to investigate how work-related groups influence information security policy compliance intentions and to what extent this influence is captured by the Theory of Planned Behavior, an established model over individual decision-making. Design/methodology/approach A multilevel model is used to test the influence of work-related groups using a cluster sample of responses from 2,291 employees from 203 worksites, 119 organizations, 6 industries and 38 professions. Findings The results suggest that work-related groups influence individuals’ decision-making in the manner in which contemporary theories of information security culture posit. However, the influence is weak to modest and overshadowed by individual perceptions that are straightforward to measure. Research limitations/implications This paper is limited to one national culture and four types of work-related groups. However, the results suggest that the Theory of Planned Behavior captures most of the influence that work-related groups have on decision-making. Future research on security culture and similar phenomena should take this into account. Practical implications Information security perceptions in work-related groups are diverse and information security decisions appear to be based on individual perceptions and priorities rather than groupthink or peer-pressure. Security management interventions may be more effective if they target individuals rather than groups. Originality/value This paper tests some of the basic ideas related to information security culture and its influence on individuals’ decision-making.
      Citation: Information and Computer Security
      PubDate: 2018-11-22T02:50:22Z
      DOI: 10.1108/ICS-08-2017-0054
       
  • Ontology-based information security compliance determination and control
           selection on the example of ISO 27002
    • Pages: 551 - 567
      Abstract: Information and Computer Security, Volume 26, Issue 5, Page 551-567, November 2018.
      Purpose The purpose of this paper is to provide a method to formalize information security control descriptions and a decision support system increasing the automation level and, therefore, the cost efficiency of the information security compliance checking process. The authors advanced the state-of-the-art by developing and applying the method to ISO 27002 information security controls and by developing a semantic decision support system. Design/methodology/approach The research has been conducted under design science principles. The formalized information security controls were used in a compliance/risk management decision support system which has been evaluated with experts and end-users in real-world environments. Findings There are different ways of obtaining compliance to information security standards. For example, by implementing countermeasures of different quality depending on the protection needs of the organization. The authors developed decision support mechanisms which use the formal control descriptions as input to support the decision-maker at identifying the most appropriate countermeasure strategy based on cost and risk reduction potential. Originality/value Formalizing and mapping the ISO 27002 controls to the security ontology enabled the authors to automatically determine the compliance status and organization-wide risk-level based on the formal control descriptions and the modelled environment, including organizational structures, IT infrastructure, available countermeasures, etc. Furthermore, it allowed them to automatically determine which countermeasures are missing to ensure compliance and to decrease the risk to an acceptable level.
      Citation: Information and Computer Security
      PubDate: 2018-11-22T02:50:33Z
      DOI: 10.1108/ICS-02-2018-0020
       
  • Information security practice in Saudi Arabia: case study on Saudi
           organizations
    • Pages: 568 - 583
      Abstract: Information and Computer Security, Volume 26, Issue 5, Page 568-583, November 2018.
      Purpose Information security of an organization is influenced by the deployed policy and procedures. Information security policy reflects the organization’s attitude to the protection of its information assets. The purpose of this paper is to investigate the status of the information security policy at a subset of Saudi’s organizations by understanding the perceptions of their information technology’s employees. Design/methodology/approach A descriptive and statistical approach has been used to describe the collected data and characteristics of the IT employees and managers to understand the information security policy at the surveyed organizations. The author believes that understanding the IT employees’ views gives a better understanding of the organization’s status of information security policy. Findings It has been found that most of the surveyed organizations have established information security policy and deployed fair technology; however, many of such policies are not enforced and publicized effectively and efficiently which degraded the deployed technology for such protection. In addition, the clarity and the comprehensibility of such policies are questionable as indicated by most of the IT employees’ responses. A comparison with similar studies at Middle Eastern and European countries has shown similar findings and shares the same concerns. Originality/value The findings of this research suggest that the Saudi Communications and Information Technology Commission should develop a national framework for information security to guide the governmental and non-governmental organizations as well as the information security practitioners on the good information security practices in terms of policy and procedures to help the organizations to avoid any vulnerability that may lead to violations on the security of their information.
      Citation: Information and Computer Security
      PubDate: 2018-11-22T02:50:06Z
      DOI: 10.1108/ICS-01-2018-0006
       
  • An approach to information security culture change combining ADKAR and the
           ISCA questionnaire to aid transition to the desired culture
    • Pages: 584 - 612
      Abstract: Information and Computer Security, Volume 26, Issue 5, Page 584-612, November 2018.
      Purpose Employee behaviour is a continuous concern owing to the number of information security incidents resulting from employee behaviour. The purpose of this paper is to propose an approach to information security culture change management (ISCCM) that integrates existing change management approaches, such as the ADKAR model of Prosci, and the Information Security Culture Assessment (ISCA) diagnostic instrument (questionnaire), to aid in addressing the risk of employee behaviour that could compromise information security. Design/methodology/approach The ISCCM approach is constructed based on literature and the inclusion of the ISCA diagnostic instrument. The ISCA diagnostic instrument statements are also presented in this paper. The ISCCM approach using ISCA is illustrated using data from an empirical study. Findings The ISCCM approach was found to be useful in defining change management interventions for organisations using the data of the ISCA survey. Employees’ perception and acceptance of change to ensure information security and the effectiveness of the information security training initiatives improved significantly from the as-is survey to the follow-up survey. Research limitations/implications The research illustrates the ISCCM approach and shows how it should be combined with the ISCA diagnostic instrument. Future research will focus on including a qualitative assessment of information security culture to complement the empirical data. Practical implications Organisations do not have to rely on or adapt organisational development approaches to change their information security culture – they can use the proposed ISCCM approach, which has been customised from information security and change management approaches, together with the presented ISCA questionnaire, to address information security culture change purposefully. Originality/value The proposed ISCCM approach can be applied to complement existing information security management approaches through a holistic and structured approach that combines the ADKAR model, Prosci’s approach of change management and the ISCA diagnostic instrument. It will enable organisations to focus on transitioning to a positive or desired information security culture that mitigates the risk of the human element in the protection of information.
      Citation: Information and Computer Security
      PubDate: 2018-11-22T02:50:01Z
      DOI: 10.1108/ICS-08-2017-0056
       
  • MMSPhiD: a phoneme based phishing verification model for persons with
           visual impairments
    • Pages: 613 - 636
      Abstract: Information and Computer Security, Volume 26, Issue 5, Page 613-636, November 2018.
      Purpose This paper aims to propose a model entitled MMSPhiD (multidimensional similarity metrics model for screen reader user to phishing detection) that amalgamates multiple approaches to detect phishing URLs. Design/methodology/approach The model consists of three major components: machine learning-based approach, typosquatting-based approach and phoneme-based approach. The major objectives of the proposed model are detecting phishing URL, typosquatting and phoneme-based domain and suggesting the legitimate domain which is targeted by attackers. Findings The result of the experiment shows that the MMSPhiD model can successfully detect phishing with 99.03 per cent accuracy. In addition, this paper has analyzed 20 leading domains from Alexa and identified 1,861 registered typosquatting and 543 phoneme-based domains. Research limitations/implications The proposed model has used machine learning with the list-based approach. Building and maintaining the list shall be a limitation. Practical implication The results of the experiments demonstrate that the model achieved higher performance due to the incorporation of multi-dimensional filters. Social implications In addition, this paper has incorporated the accessibility needs of persons with visual impairments and provides an accessible anti-phishing approach. Originality/value This paper assists persons with visual impairments on detection phoneme-based phishing domains.
      Citation: Information and Computer Security
      PubDate: 2018-11-22T02:50:10Z
      DOI: 10.1108/ICS-12-2017-0091
       
  • Impact of cyberattacks on stock performance: a comparative study
    • Pages: 637 - 652
      Abstract: Information and Computer Security, Volume 26, Issue 5, Page 637-652, November 2018.
      Purpose The study uses cyberattacks announcements on 96 firms that are listed on S&P 500 over the period from January 03, 2013, to December 29, 2017. Design/methodology/approach The empirical analysis was performed in two ways: cross-section and industry level. The authors use statistical tests that account for the effects of cross-section correlation in returns, returns series correlation, volatility changes and skewness in the returns. Findings These imply that studying the cumulative effects of cyberattacks on prices of listed firms without grouping them into the various sectors may be non-informative; financial sector firms tend to react cumulatively to cyberattacks over a three-day period than other sectors; and technology firms tend to be less reactive to the announcement of a data breach. Such firms may possibly have the necessary tools and techniques to address large-scale cyberattacks. Research limitations/implications For cross-section analysis, the outcome shows that the market does not significantly react to cyberattacks for all the event windows, except [−30, 30], while for the sector-level analysis, the analysis offers two main results. Practical implications First, while there is a firm reaction to cyberattacks for long event window for retail sector, there is no evidence of a cumulative firm reaction to cyberattacks for both short and long event windows for the industrial, information technology and health sectors. Second, the firms in the financial sector, there is a strong evidence of cumulative reaction to cyberattacks for [−1, 1] for the financial industry, and the reactions disappear for relatively longer event windows. Social implications These imply that studying the cumulative effects of cyberattacks on prices of listed firms without grouping them into the various sectors may be non-informative, the financial sector firms tend to react cumulatively to cyberattacks over a three-day period than other sectors, technology firms tend to be less reactive to the announcement of a data breach, possibly such firms may have the necessary tools and techniques to address large-scale cyberattacks. Originality/value The work provides new insights into the effect of cyber security on stock prices.
      Citation: Information and Computer Security
      PubDate: 2018-11-22T02:50:28Z
      DOI: 10.1108/ICS-05-2018-0060
       
 
 
JournalTOCs
School of Mathematical and Computer Sciences
Heriot-Watt University
Edinburgh, EH14 4AS, UK
Email: journaltocs@hw.ac.uk
Tel: +00 44 (0)131 4513762
Fax: +00 44 (0)131 4513327
 
Home (Search)
Subjects A-Z
Publishers A-Z
Customise
APIs
Your IP address: 34.228.115.216
 
About JournalTOCs
API
Help
News (blog, publications)
JournalTOCs on Twitter   JournalTOCs on Facebook

JournalTOCs © 2009-