PurposeThe purpose of this paper is to examine the practical issues, techniques and learning points associated with information security awareness and organizational change programmes.Design/methodology/approachThe paper is based on the findings and conclusions of research, observations and projects carried out in large organizations over the last two decades. It highlights failings and critical success factors in contemporary approaches to transform organizational culture. It draws on theory and research from the industrial safety field, and discusses its relevance in the information security field.FindingsThe paper identifies the primary reasons why many contemporary enterprise security awareness programmes are ineffective. It discusses the nature of the problem and solution space, identifying the practical issues and opportunities, and gives recommendations on how future programmes can be improved.Research limitations/implicationsThe paper identifies gaps in current research, including the need to confirm whether or not certain findings about incidents in safety field might be applicable to security incidents. It calls for a new approach to information security management that incorporates theory and techniques drawn from psychology and marketing.Practical implicationsThe paper is intended to educate students and researchers working in the information security field on issues and techniques associated with information security awareness and organizational change programmes. It also provides practical advice for business organizations on how to design and implement such programmes.Originality/valueThe paper takes a fresh approach to the subject, examining the relevance of theory and techniques adapted from other fields and drawing new conclusions about the requirements and approach for effective information security awareness and organizational change programmes.
Purpose – This paper aims to present the findings of a study examining fraud in the workplace setting, principally in the Australasian context. Although prior research into occupational fraud is conceptually rich, there is a lack of empirical evidence of this important but elusive problem. Design/methodology/approach – Based on investigative data from 14 participating firms, the paper provides insights into the gender breakdowns and stated motivations of offenders. The paper also provides evidence of the number of investigations, interviews and reports to law enforcement in these firms. Findings – The study finds that genders are evenly balanced for most firms, with females significantly outnumbering males in banking firms. Self-imposed financial hardship was the most popular motivator. Of the number of admissions to wrongdoing, only half were subsequently reported to law enforcement. Research limitations/implications – Particularly complex or advanced types of occupational fraud may go unreported or undetected: as a result, the figures presented in this study may be incomplete. Reported figures are based largely on historical data provided by respondents, and the authors are unable to report accurate details of the respondent firms. This makes it difficult to determine the frequency of offending against the background population. Practical implications – Investigators should continue to look for changes in the life circumstances of their staff. Such changes will give an indication of instances of staff living beyond their means and the sudden financial pressures that can compel occupational fraud. Instead of trying to supervise staff to an impractical degree, managers and proprietors would be well advised to be alert to the kind of pressures that their staff might experience. Social implications – Social control and detection measures are likely to be easier to implement and less invasive than technical controls. The study provides additional pressure to update traditional conceptualisations of the male white collar offender. While male offenders were responsible for larger losses per case, females were more numerous in the summary offence data. Originality/value – Gaining insights into the problem of employee fraud and white collar crime is difficult. The authors’ contribution in this paper is to provide empirical insights into the makeup of white collar offenders, including insights on gender.
Purpose The purpose of this paper is to present the findings from a literature review, which aimed to identify previous studies evaluating cryptolaundering from a systems thinking perspective. The aim of this paper is to first confirm that cryptolaundering systems can indeed be defined as complex socio-technical systems and second to present the findings from a systematic review of the literature to determine the extent to which previous research has adopted a systems thinking perspective. Design/methodology/approach The study involved a SLR of studies published in the peer-reviewed literature between 2009 and 2018. Rasmussen’s risk management framework (Rasmussen, 1997) was used to evaluate the extent to which a systems thinking perspective had been adopted. Findings The cryptolaundering process is considered to be a complex socio-technical system. The review demonstrates that no previous studies have defined cryptolaundering as a complex socio-technical system or used systems thinking framework approach to evaluate how criminals, regulatory bodies or law enforcement entities understand processes and assess risk within cryptolaundering systems. It is argued that using such an approach to the cryptolaundering process would likely improve assessing criminal risk analyses of cryptolaundering and assist law enforcement and regulatory bodies with understanding risk management during the laundering of cryptocurrencies. Originality/value Future assessments of cryptolaundering using socio-technical system analytical processes may afford law enforcement and regulatory bodies the opportunity to improve intervention techniques and identify gaps in regulations and enforcement.
This paper reports on a project concerned with developing a return on investment (ROI) performance metric for a law enforcement organisation. The paper's contributions are twofold. First, it addresses concerns in the literature about how different stakeholder interests are balanced in the development of performance measures. Second, it helps to remedy an oversight in the literature regarding the hybridisation of accounting and economic expertise, whereby cost benefit techniques and ROI combine to produce a metric of public sector achievements. By virtue of its law enforcement context the paper also discusses a further hybridisation where accounting, economics and criminology/law enforcement intersect.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.