Improving Corporate Information Security through Policy, Monitoring and Tools

Improving Corporate Information Security through Policy, Monitoring and Tools

Cluster :

 eBusiness

 

Session Information

 : Tuesday Oct 16, 08:00 - 09:30

 

Title: 

Improving Corporate Information Security through Policy, Monitoring and Tools

Chair: 

Sam Ransbotham,Boston College, 140 Commonwealth Ave, Chestnut Hill MA 02467, United States of America, sam.ransbotham@bc.edu

 

Abstract Details

 

Title: 

Is Corporate Social Responsibility Good for IS Security?

 

Presenting Author: 

John D'Arcy,University of Delaware, Newark DE, United States of America, jdarcy@udel.edu

 

Abstract: 

Using a combined dataset of security breaches (2005-2010) and ratings on over 30 different dimensions of corporate social responsibility (CSR), we explore the relationship between CSR and IS security breaches. Drawing on signaling theory, we hypothesize that internal breaches are less likely as CSR practices increase. However, we also predict a positive relationship between CSR and external breaches. Contingency factors that influence these relationships will be discussed.

 

 

Title: 

How Does Continuous Auditing and Monitoring Impact Employees’ Intentions to Commit Fraud?

 

Presenting Author: 

France Bélanger,Professor, Virginia Tech, 3007 Pamplin Hall, Blacksburg VA 24061, United States of America, belanger@vt.edu

 

Co-Author: 

Kathy Enget,PhD Candidate, Virginia Tech, 3007 Pamplin Hall, Blacksburg VA 24061, United States of America, kenget@vt.edu

 

Abstract: 

Employee fraud has a potentially broad impact. Continuous auditing and monitoring (CA/CM) can be a valuable tool in this situation. This research explores CA/CM impacts on the fraud triangle via interviews and then with a vignette-based survey. The proposed vignettes focus on a manager needing to meet sales targets. With CA/CM, we expect to find lower intentions to commit fraud, lower perceived opportunities, no change in perceived pressures, and no change or lower ability to justify fraud.

 

 

Title: 

Impact of Anti-phishing Tool Performance on Attack Success Rates

 

Presenting Author: 

Ahmed Abbasi,University of Virginia, Rouss and Robertson Halls, Charlottesville VA, United States of America, abbasi@comm.virginia.edu

 

Co-Author: 

Yan Chen,University of Wisconsin-Milwaukee, 3202 N. Maryland Ave., Milwaukee WI, United States of America, yanchen@uwm.edu

 

 

Mariam Zahedi,University of Wisconsin-Milwaukee, 3202 N. Maryland Ave., Milwaukee WI, United States of America, zahedi@uwm.edu

 

Abstract: 

Phishing website-based attacks continue to present significant problems for individual and enterprise-level security. While the performance of anti-phishing tools has improved, it remains unclear how effective such tools really are at protecting users. In this study, an experiment involving over 900 participants was used to evaluate the impact of anti-phishing tool performance on users’ ability to avoid different types of phishing threats.