Leadership of information security manager on the effectiveness of information systems security for secure sustainable computing

Sustainability (United States)

Volumn 8, Issue 7, 2016, Pages

  Choi, Myeonggil ^a  

^a Chung Ang University   (South Korea)

Author keywords

Enforcement of information security policy; Information security effectiveness; Information security manager; Relevance of information security policy; Sustainable computing; Transformational leadership

Indexed keywords

ALGORITHM; DATA ACQUISITION; INFORMATION SYSTEM; LEADERSHIP; POLICY IMPLEMENTATION; SECURITY; STAKEHOLDER; SUSTAINABLE DEVELOPMENT;

KOREA;

EID: 84982693888     PISSN: 19370695     EISSN: None     Source Type: Journal    
DOI: 10.3390/su8070638     Document Type: Article

References (81)

1. Irani, Z.; Love, P.E.; Montazemi, A. E-Government: Past, present and future. Eur. J. Inf. Syst. 2007, 16, 103-105.
2. Zheng, D.; Chen, J.; Huang, L.; Zhang, C. E-Government Adoption in Public Administration Organizations: Integrating Institutional Theory Perspective and Resource-Based View. Eur. J. Inf. Syst. 2013, 22, 221-234.
3. Harmon, R.R.; Auseklis, N. Sustainable IT Services: Assessing the Impact of Green Computing Practices. In Proceedings of the Portland International Conference on Management of Engineering & Technology, Portland, OR, USA, 2-6 August 2009.
4. Müller, G.; Sonehara, N.; Echizen, I.; Wohlgemuth, S. Sustainable Cloud Computing. Bus. Inf. Syst. Eng. 2011, 3, 129-131.
5. Clifford, A. Sustainable IT. Available online: http://it.toolbox.com/blogs/minimalit/sustainable-it-30157 (accessed on 9 June 2009).
6. Coursey, D.; Norris, D.F. Models of E-Government: Are They Correct? An Empirical Assessment. Public Adm. Rev. 2008, 68, 523-536.
7. Alge, B.J.; Ballinger, G.A.; Tangirala, S.; Oakley, J.L. Information Privacy in Organizations: Empowering Creative and Extrarole Performance. J. Appl. Psychol. 2006, 91, 221-232.
8. Stanton, J.M.; Stam, K.R.; Mastrangelo, P.; Jolton, J. Analysis of End User Security Behaviors. Comput. Secur. 2005, 24, 124-133.
9. Feng, N.;Wang, H.J.; Li, M.Q. A Security Risk Analysis Model for Information Systems: Causal Relationships of Risk Factors and Vulnerability Propagation Analysis. Inf. Sci. 2014, 256, 57-73.
10. Choi, M.; Lee, C.H. Information Security Management as a Bridge in Cloud Systems from Private to Public Organizations. Sustainability 2015, 7, 12032-12051.
11. Boss, S.R.; Kirsch, L.J.; Angermeier, I.; Shingler, R.A.; Boss, R.W. If Someone isWatching, I'll Do What I'm Asked: Mandatoriness, Control, and Information Security. Eur. J. Inf. Syst. 2009, 18, 151-164.
12. Hill, L.B.; Pemberton, J.M. Information Security: An Overview and Resource Guide for Information Managers. Rec. Manag. Q. 1995, 29, 14-24.
13. Burney, C. Roles and Responsibilities of the Information Systems Security Officer; Auerbach Publication, CRC Press LLC: New York, NY, USA, 2003.
14. Rohmeyer, P. An Evaluation of Information Security Management Effectiveness. Ph.D. Thesis, Stevens Institute of Technology, Hoboken, NJ, USA, September 2006.
15. Bulgurcu, B.; Cavusoglu, H.; Benbasat, I. Information Security Policy Compliance: An Empirical Study of Rationality Based Beliefs and Information Security Awareness. MIS Q. 2010, 34, 523-548.
16. Posey, C.; Roberts, T.L.; Lowry, P.B.; Bennett, R.J.; Courtney, J.F. Insiders' Protection of Organizational Information Assets: Development of a Systematics-Based Taxonomy and Theory of Diversity for Protection-Motivated Behaviors. MIS Q. 2013, 37, 1189-1210.
17. Wall, J.D.; Palvia, P.; Lowry, P.B. Control-Related Motivations and Information Security Policy Compliance: The Role of Autonomy and Efficacy. J. Inf. Priv. Secur. 2013, 9, 52-79.
18. Westphal, J.D.; Clement, M.B. Sociopolitical Dynamics in Relations between Top Managers and Security Analysts: Favor Rendering, Reciprocity, and Analyst Stock Recommendations. Acad. Manag. J. 2008, 51, 873-897.
19. Sun, P.L.; Ku, C.Y.; Shih, D.H. An Implementation Framework for E-Government 2.0. Telemat. Inform. 2015, 32, 504-520.
20. UNPOG. E-Government of Korea: Best Practices; Ministry of Public Administration and Security, National Information Society Agency: Seoul, Korea, 2009.
21. Ryu, S.H.; Jeong, D.R.; Jung, H.K.Ways to Establish Public Authorities Information Security Governance Utilizing E-Government Information Security Management System (G-ISMS). Korea Inst. Inf. Commun. Eng. 2013, 17, 769-774.
22. Dhillon, G.; Backhouse, J. Current Directions in IS Security Research: Towards Socio-Organizational Perspectives. Inf. Syst. J. 2001, 11, 127-153.
23. Hu, Q.; Dinev, T.; Hart, P.; Cooke, D. Managing Employee Compliance with Information Security Policies: The Critical Role of Top Management and Organizational Culture. Decis. Sci. 2012, 43, 615-660.
24. Knapp, K.J.; Marshall, T.E.; Kelly Rainer, R.; Nelson Ford, F. Information Security: Management's Effect on Culture and Policy. Inf. Manag. Comput. Secur. 2006, 14, 24-36.
25. Eagly, A.H.; Wood, W.; Diekman, A.B. Social Role Theory of Sex Differences and Similarities: A Current Appraisal. In The Developmental Social Psychology of Gender; Eckes, T., Trautner, H.M., Eds.; Psychology Press: New York, NY, USA, 2000; Volume 5, pp. 123-174.
26. Long, C.L. A Socio-Technical Perspective on Information Security Knowledge and Attitudes. Ph.D. Thesis, The University of Texas at Austin, Austin, TX, USA, September 1999.
27. Kim, S.; Choi, M. Educational Requirement Analysis for Information Security Professionals in Korea. J. Inf. Syst. Educ. 2002, 13, 237-248.
28. Kim, H.; Han, Y.; Choi, M.; Kim, S. Curriculum Design and Evaluation for E-Commerce Security Education Using AHP. IEICE Trans. Inf. Syst. 2007, 90, 668-675.
29. Wylder, J. The Life Cycle of Security Managers; Auerbach Publication, CRC Press LLC: New York, NY, USA, 2001.
30. Luftman, J. Managing the Information Technology Resource: Leadership in the Information Age; Prentice Hall: Upper Saddle River, NJ, USA, 2003.
31. Chaudhry, P.E.; Chaudhry, S.S.; Reese, R.; Jones, D.S. Enterprise Information Systems Security: A Conceptual Framework; Møller, C., Chaudhry, S., Eds.; Springer: Berlin/Heidelberg, Germany, 2012.
32. Moulton, R.; Coles, R.S. Applying Information Security Governance. Comput. Secur. 2003, 22, 580-584.
33. Straub, D.W.; Nance,W.D. Discovering and Disciplining Computer Abuse in Organizations: A Field Study. MIS Q. 1990, 14, 45-60.
34. Straub, D.W. Effective IS security: An empirical study. Inf. Syst. Res. 1990, 1, 255-276.
35. Gopal, R.D.; Sanders, G.L. Preventive and Deterrent Controls for Software Piracy. J. Manag. Inf. Syst. 1997, 13, 29-47.
36. Peace, A.G.; Galletta, D.F.; Thong, J.Y. Software Piracy in the Workplace: A Model and Empirical Test. J. Manag. Inf. Syst. 2003, 20, 153-177.
37. Siponen, M.; Vance, A. Neutralization: New Insights into the Problem of Employee Information Systems Security Policy Violations. MIS Q. 2010, 34, 487-502.
38. Hu, Q.; Xu, Z.; Dinev, T.; Ling, H. Does Deterrence Work in Reducing Information Security Policy Abuse by Employees? Commun. ACM 2011, 54, 54-60.
39. Wiant, T.L. Information Security Policy's Impact on Reporting Security Incidents. Comput. Secur. 2005, 24, 448-459.
40. Parker, D.B. Computer Security Management; Reston Publication, Prentice-Hall: Reston, VA, USA, 1981.
41. Avolio, B.J.; Walumbwa, F.O.; Weber, T.J. Leadership: Current Theories, Research, and Future Directions. Annu. Rev. Psychol. 2009, 60, 421-449.
42. Yukl, G. Leadership in Organizations; Prentice-Hall: Upper Saddle River, NJ, USA, 2010.
43. Burns, J.M. Leadership; Harper & Row: New York, NY, USA, 1978.
44. Bass, B.M. Leadership and Performance beyond Expectations; Free Press: Collier Macmillan, NY, USA, 1985.
45. Avolio, B.J. Leadership Development in Balance: Made/Born; Psychology Press: Mahwah, NJ, USA, 2005.
46. Lowe, K.B.; Gardner, W.L. Ten Years of the Leadership Quarterly: Contributions and Challenges for the Future. Leadersh. Q. 2000, 11, 459-514.
47. Graen, G.B.; Uhl-Bien, M. Relationship-Based Approach to Leadership: Development of Leader-Member Exchange (LMX) Theory of Leadership over 25 Years: Applying a Multi-Level Multi-Domain Perspective. Leadersh. Q. 1995, 6, 219-247.
48. Avolio, B.J. Full Leadership Development: Building the Vital Forces in Organizations; Sage Publication: Thousand Oaks, CA, USA, 1999.
49. Judge, T.A.; Piccolo, R.F. Transformational and Transactional Leadership: A Meta-Analytic Test of Their Relative Validity. J. Appl. Psychol. 2004, 89, 755-768.
50. Walumbwa, F.O.; Avolio, B.J.; Gardner, W.L.; Wernsing, T.S.; Peterson, S.J. Authentic Leadership: Development and Analysis of a Multidimensional Theory-Based Measure. J. Manag. 2008, 34, 89-126.
51. Liao, H.; Chuang, A. Transforming Service Employees and Climate: A Multilevel, Multisource Examination of Transformational Leadership in Building Long-Term Service Relationships. J. Appl. Psychol. 2007, 92, 1006-1019.
52. Piccolo, R.F.; Colquitt, J.A. Transformational Leadership and Job Behaviors: The Mediating Role of Core Job Characteristics. Acad. Manag. J. 2006, 49, 327-340.
53. Wang, H.; Law, K.S.; Hackett, R.D.; Wang, D.; Chen, Z.X. Leader-Member Exchange as a Mediator of the Relationship between Transformational Leadership and Followers' Performance and Organizational Citizenship Behavior. Acad. Manag. J. 2005, 48, 420-432.
54. Bass, B.M.; Avolio, B.J.; Jung, D.I.; Berson, Y. Predicting Unit Performance by Assessing Transformational and Transactional Leadership. J. Appl. Psychol. 2003, 85, 207-218.
55. Schaubroeck, J.; Lam, S.S.; Cha, S.E. Embracing Transformational Leadership: Team Values and the Impact of Leader Behavior on Team Performance. J. Appl. Psychol. 2007, 92, 1020-1030.
56. Jansen, J.J.; Vera, D.; Crossan, M. Strategic Leadership for Exploration and Exploitation: The Moderating Role of Environmental Dynamism. Leadersh. Q. 2009, 20, 5-18.
57. Kahai, S.S.; Sosik, J.J.; Avolio, B.J. Effects of Leadership Style, Anonymity, and Rewards on Creativity-Relevant Processes and Outcomes in an Electronic Meeting System Context. Leadersh. Q. 2003, 14, 499-524.
58. Kark, R.; Shamir, B.; Chen, G. The Two Faces of Transformational Leadership: Empowerment and Dependency. J. Appl. Psychol. 2003, 88, 246-255.
59. Lord, R.G.; Brown, D.J. Leadership, Values, and Subordinate Self-Concepts. Leadersh. Q. 2001, 12, 133-152.
60. Lord, R.G.; Brown, D.J. Leadership Processes and Follower Self-Identity; Psychology Press: Mahwah, NJ, USA, 2004.
61. Avolio, B.J.; Bass, B.M.; Jung, D.I. Re-Examining the Components of Transformational and Transactional Leadership Using the Multifactor Leadership. J. Occup. Organ. Psychol. 1999, 72, 441-462.
62. Lowe, K.B.; Kroeck, K.G.; Sivasubramaniam, N. Effective Correlation of Transformational and Transactional Leadership: A Meta-Analytical Review. Leadersh. Q. 1996, 7, 385-425.
63. Kemp, M. Beyond Trust: Security Policies and Defence in Depth. Netw. Secur. 2005, 2005, 14-16.
64. Thomson, K.L.; von Solms, R. Towards an Information Security Competence Maturity Model. Comput. Fraud Secur. 2006, 2006, 11-15.
65. Knapp, K.J.; Marshall, T.E.; Rainer, R.K., Jr.; Ford, F.N. Information Security Effectiveness: Conceptualization and Validation of a Theory. Int. J. Inf. Secur. Priv. 2007, 1, 37-60.
66. Glaser, B.G.; Strauss, A.L. The Discovery of Grounded Research: Strategies for Qualitative Research; Aldine Transaction: New Brunswick, NJ, USA; London, UK, 1967.
67. Hone, K.; Eloff, J.H.P. Information Security Policy-What Do International Security Standards Say? Comput. Secur. 2002, 21, 402-409.
68. Karyda, M.; Kiountouzis, E.; Kokolakis, S. Information Systems Security Policies: A Contextual Perspective. Comput. Secur. 2005, 24, 246-260.
69. Hagen, J.M.; Albrechtsen, E.; Hovden, J. Implementation and Effectiveness of Organizational Information Security Measures. Inf. Manag. Secur. 2008, 16, 377-397.
70. Kankanhalli, A.; Teo, H.H.; Tan, B.C.; Wei, K.K. An Integrative Study of Information Systems Security Effectiveness. Int. J. Inf. Manag. 2003, 23, 139-154.
71. Straub, D.W. Coping with Systems Risk: Security Planning Models for Management Decision Making. MIS Q. 1998, 22, 441-469.
72. Viator, R.E. The Relevance of Transformational Leadership to Nontraditional Accounting Services: Information Systems Assurance and Business Consulting. J. Inf. Syst. 2001, 15, 99-125.
73. Podsakoff, P.M.; MacKenzie, S.B.; Moorman, R.H.; Fetter, R. Transformational Leader Behavior and Their Effects on Followers' Trust in Leader, Satisfaction, and Organizational Citizenship Behaviors. Leadersh. Q. 1990, 1, 107-142.
74. Ke, W.; Wei, K.K. Organizational Culture and Leadership in ERP Implementation. Decis. Support Syst. 2008, 45, 208-218.
75. Pavlou, P.A.; Fygenson, M. Understanding and Predicting Electronic Commerce Adoption: An Extension of the Theory of Planned Behavior. MIS Q. 2006, 30, 115-143.
76. Chin, W.W. Issues and Opinion on Structural Equation Modeling. MIS Q. 1998, 22, 7-16.
77. Baron, R.M.; Kenny, D.A. The Moderator-Mediator Variable Distinction in Social Psychological Research: Conceptual, Strategic, and Statistical Considerations. J. Personal. Soc. Psychol. 1986, 51, 1173-1182.
78. Ma, Q.; Johnston, A.C.; Pearson, J.M. Information Security Management Objectives and Practices: A Parsimonious Framework. Inf. Manag. Comput. Secur. 2008, 16, 251-270.
79. Von Solms, B.; von Solms, R. The 10 deadly sins of information security management. Comput. Secur. 2004, 23, 371-376.
80. Frumkin, P.; Galaskiewicz, J. Institutional Isomorphism and Public Sector Organizations. J. Public Adm. Res. Theory 2004, 14, 283-307.
81. Al-Mailam, F.F. Transactional versus Transformational Style of Leadership-Employee Perception of Leadership Efficacy in Public and Private Hospitals in Kuwait. Qual. Manag. Health Care 2004, 13, 278-284.