Journal of Organizational Computing and Electronic Commerce最新文献

{"title":"A new direction to better understand post-adoption behavior: The theory of need for information systems","authors":"Jiming Wu","doi":"10.1080/10919392.2019.1554281","DOIUrl":"https://doi.org/10.1080/10919392.2019.1554281","url":null,"abstract":"ABSTRACT A comprehensive review of the information systems literature suggests that the traditional perception–intention–usage framework may be deficient in explaining post-adoption behaviors. As an effort to fill this gap, the current paper presents a new theory – the theory of need for information systems (TNIS) – and introduces two new constructs – need for technology and need for information. Drawing on the needs-based perspective on behaviors, TNIS conceptualizes these two need constructs as the key predictors of continuance intention and usage. The current paper also discusses useful insights, important implications, and an appropriate instrument for measuring the two new constructs. This study thus contributes to a novel framework to advance theoretical understanding of post-adoption behaviors and to direct future research toward new avenues.","PeriodicalId":54777,"journal":{"name":"Journal of Organizational Computing and Electronic Commerce","volume":"29 1","pages":"115 - 124"},"PeriodicalIF":2.9,"publicationDate":"2019-04-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1080/10919392.2019.1554281","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"59758983","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A morphological review of enterprise social media literature","authors":"Suchitra Veeravalli, V. Vijayalakshmi","doi":"10.1080/10919392.2019.1583456","DOIUrl":"https://doi.org/10.1080/10919392.2019.1583456","url":null,"abstract":"ABSTRACT Introduction of Enterprise Social Media (ESM) in organizations is driven by a need to improve communication and knowledge sharing within the enterprise. Studies show that soon after ESM adoption, there is some initial enthusiasm and subsequently there is a perceptible drop in usage. A review of ESM literature in a morphological framework, with the aim of demystifying the troubling trend, is presented here. Morphological analysis of literature helps exhibit relevant work on ESM in a framework consisting of dimensions and options from which insights can be derived. The framework developed depicts ESM literature through seven dimensions – organizational level factors influencing ESM, unit of analysis, business objectives of ESM adoption, individual level factors influencing ESM, theoretical framework used, outcomes of adoption, and context of ESM implementation. For each of the dimensions, relevant options were explored and listed. Preliminary observation indicates that at an individual level, themes such as absorptive capacity and lurking behavior of individuals need to be studied in the context of ESM. At an organizational level, the impact of human resources (HR) policies on ESM adoption, uses of ESM for internal crowdsourcing need to be evaluated. Practitioners can use these findings to assess and design their ESM strategies and for academicians, the morphological framework reveals the state of current research in the field and identifies gaps for further research in specific areas of ESM.","PeriodicalId":54777,"journal":{"name":"Journal of Organizational Computing and Electronic Commerce","volume":"29 1","pages":"139 - 162"},"PeriodicalIF":2.9,"publicationDate":"2019-04-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1080/10919392.2019.1583456","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"42474215","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Should executives go to jail over cybersecurity breaches?","authors":"Dave Chatterjee","doi":"10.1080/10919392.2019.1568713","DOIUrl":"https://doi.org/10.1080/10919392.2019.1568713","url":null,"abstract":"ABSTRACT The Consumer Data Protection Act, a new bill introduced by Senator Ron Wyden, is proposing “jail time of up to 20 years for executives who knowingly sign off on incorrect or inaccurate annual certifications of their companies’ data-security practices.” The bill also recommends that companies be fined “up to 4 percent of their annual revenue.” While the critics consider the penalties too harsh and severe, the proposed legislation reflects two key realities – a) active involvement and commitment of senior management is essential to achieving a high level of cybersecurity preparedness; and b) legislation and fear of severe penalties (such as Sarbanes-Oxley Act of 2002 and European Union’s General Data Protection Regulation) is often necessary to motivate desired organizational behavior. In an increasingly digital ecosystem characterized by high levels of electronic connectivity, vulnerability to cyberattacks is growing. Organizations are in a perpetual state of breach with rapidly expanding attack surfaces and evolving threat vectors. Protecting confidential data and related digital assets is becoming critical to survival and success. Senior management must come to terms with this new business reality and give strategic priority to cybersecurity preparedness and investments. Research finds active involvement of top management in cyber risk mitigation initiatives to be a critical success factor and best practice. The onus is also on senior management to create a high-performance security culture founded on three key cornerstones – commitment, preparedness, and discipline. They also must lead the charge in establishing a cybersecurity governance structure characterized by joint ownership, responsibility, and accountability.","PeriodicalId":54777,"journal":{"name":"Journal of Organizational Computing and Electronic Commerce","volume":"29 1","pages":"1 - 3"},"PeriodicalIF":2.9,"publicationDate":"2019-01-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1080/10919392.2019.1568713","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"47984318","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Cryptojacking injection: A paradigm shift to cryptocurrency-based web-centric internet attacks","authors":"Aaron Zimba, Zhaoshun Wang, Mwenge Mulenga","doi":"10.1080/10919392.2019.1552747","DOIUrl":"https://doi.org/10.1080/10919392.2019.1552747","url":null,"abstract":"ABSTRACT Crypto-mining attacks have emerged as a new generation of web-based attacks which have seen cybercriminals eschew the infamous crypto ransomware. The watering hole attack vector has by far been the most widely employed attack methodology but it faces the task of luring the victim to the infected web resources. However, cryptojacking injection presents a paradigm shift to web-based crypto-mining attacks in that it eliminates the need for a pivotal third-party such as the exploitable web server. Thus, instead of attacking credit card and other private information of e-commerce users, attackers seek to maliciously abuse a victim’s CPU to generate cryptocurrency. In this paper, we investigate and evaluate cryptojacking injection – a state-of-the-art web-centric attack vector in the crypto-mining attacks landscape. We formulate an attack model based on finite state machines which depicts the various breaches of confidentiality, integrity and availability in the web system as the attack progresses. We show how this new attack vector attacks some of the core components of e-commerce (URL, HTTP and HTML) to generate Monero crypto currency from benign web users. We evaluate our modeling approach with a series of experiments with two attack scenarios using different operating systems. Results show that the attack is indeed cross-platform and feasible on any operating system of a browser-capable device. We analyze the generated network traffic during the attack and draw features such as URLs and the parsed files, the associated cryptographic hashes, and the IP addresses of the crypto-mining domains. These, together with host-based features such as exhaustive CPU usage can be used as indicators of compromise and subsequently act as feed into intrusion detection systems.","PeriodicalId":54777,"journal":{"name":"Journal of Organizational Computing and Electronic Commerce","volume":"29 1","pages":"40 - 59"},"PeriodicalIF":2.9,"publicationDate":"2019-01-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1080/10919392.2019.1552747","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"47307687","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Violators versus non-violators of information security measures in organizations—A study of distinguishing factors","authors":"H. Khan, Khalid A. Alshare","doi":"10.1080/10919392.2019.1552743","DOIUrl":"https://doi.org/10.1080/10919392.2019.1552743","url":null,"abstract":"ABSTRACT The present study analyzes the elements that differentiate violators from non-violators of information security measures. Various elements are derived from established theories and models such as general deterrence theory, theory of planned behavior, theory of reasoned action, protection motivation theory, and social cognitive theory. To examine these factors, the data are gathered through an online study conducted in a Midwestern University, USA. The data are collected using questionnaires, and after scrutiny, 195 questionnaires are selected for final analysis. This data are analyzed using second-level statistical techniques, such as chi-square analysis and ANOVA. Results reveal that violators and non-violators of information security measures differ significantly with respect to many factors. These factors include perceived privacy, subjective norms, perceived information security policy (ISP) scope, perceived severity of penalty, perceived celerity of penalty, management support, organizational security culture, and perceived organizational IT capability. The non-significant factors are trust and work load. Implications for practitioners and researchers are provided.","PeriodicalId":54777,"journal":{"name":"Journal of Organizational Computing and Electronic Commerce","volume":"29 1","pages":"23 - 4"},"PeriodicalIF":2.9,"publicationDate":"2019-01-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1080/10919392.2019.1552743","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"43826929","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Spear phishing in a barrel: Insights from a targeted phishing campaign","authors":"A. Burns, M. E. Johnson, Deanna D. Caputo","doi":"10.1080/10919392.2019.1552745","DOIUrl":"https://doi.org/10.1080/10919392.2019.1552745","url":null,"abstract":"ABSTRACT Executives in many industries have fallen prey to socially engineered attacks known as spear phishing. Using highly targeted emails, social engineers trick victims into performing unintended actions by masquerading as legitimate actors. To shed light on effective spear phishing training, we conducted a multi-round experiment. Our results indicate that training users with individual loss messaging might increase the effectiveness of the training. Additionally, we found potential evidence that organizational training can lead to increased overall spear phishing awareness, even for those not directly trained. Despite these promising results, however, individuals’ susceptibility to highly targeted spear phishing attacks remains troubling for practitioners and researchers.","PeriodicalId":54777,"journal":{"name":"Journal of Organizational Computing and Electronic Commerce","volume":"29 1","pages":"24 - 39"},"PeriodicalIF":2.9,"publicationDate":"2019-01-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1080/10919392.2019.1552745","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"45248576","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Profile of JOCEC contributors","authors":"C. Holsapple","doi":"10.1080/10919392.2018.1523353","DOIUrl":"https://doi.org/10.1080/10919392.2018.1523353","url":null,"abstract":"When considering where to submit an article for possible publication, one factor a researcher may want to assess is whether a candidate journal’s contributor profile is consistent with the kind of company his/her research deserves/aspires to keep. The following profile of contributors to the Journal of Organizational Computing and Electronic Commerce is suggestive of the stature of JOCEC as a venue for publishing research about topics related to e-commerce and organizational computing. Over the past dozen years, articles published in JOCEC have been authored by researchers at such U.S. universities as:","PeriodicalId":54777,"journal":{"name":"Journal of Organizational Computing and Electronic Commerce","volume":"28 1","pages":"291 - 293"},"PeriodicalIF":2.9,"publicationDate":"2018-10-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1080/10919392.2018.1523353","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"45745873","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Isn’t it about time to meet DORA?","authors":"C. Holsapple","doi":"10.1080/10919392.2018.1522774","DOIUrl":"https://doi.org/10.1080/10919392.2018.1522774","url":null,"abstract":"Given that DORA is rarely mentioned in scholarly journals devoted to the information systems (IS) field, it is likely safe to say that most contributors to, and users of, this and other IS journals are unfamiliar with DORA. Although the same holds for other functional areas of business, the situation is quite different in scientific and medical disciplines. Just maybe, these disciplines are onto something – something that could benefit ongoing development and recognition of IS as a discipline. So, what is DORA? Should we care? Why? The answers are important for shaping the development/future of IS as a scholarly discipline, encouraging/facilitating innovation in IS research, allowing/fostering research liberty for young IS scholars, and spurring a productive academic career that avoids disillusionment. Before addressing the questions, think about the state of approaches to evaluating researchers for merit, promotion, tenure, or funding purposes. Disregarding intrusions of organizational politics and personal relationships (which can be quite vexing to those on the short end of power), it seems typical to focus on where a researcher has published his or her work. It is most common for evaluation to focus on placement of articles in journals. This is usually the case for IS, other business disciplines, physical sciences, live sciences, and medical fields. Simply put, the value of a publication is considered to depend primarily on the journal in which it appears. In other words, the value of a gift is considered to depend on judgments about the wrapping that contains it, rather than the nature or utility of the gift itself (Zhang, Rousseau, and Sivertsen 2017). If it has a particular wrapping, then it must certainly be of the highest value. It follows that, if packaged in a different type of wrapping, that very same gift must be less valuable. Adopting such a method for evaluating a researcher’s work means that an article is judged to have less/more merit if it appears in one journal rather than another. Being in one journal versus another somehow diminishes/improves an article’s merit. The article is perceived as becoming imbued with a halo that a journal exudes, and that halo is seen as defining the article’s value. Adopting the halo method of research evaluation transforms the problem from one of assessing the merit of individual articles to the task of assessing the merit of individual journals (i.e., the strengths of their halos; the shininess/aesthetics/approval signaled by the wrapping papers). To support the efforts of evaluators, various approaches have been advanced/adopted for settling on the relative merits of journals in a field. Ultimately, it is the evaluator (or evaluator’s superiors) who selects what journal evaluation approach will be used in a halo exercise. Approaches range from largely subjective to largely objective. Comparative examples of various evaluation approaches can be found in a series of quizzes that are applied to th","PeriodicalId":54777,"journal":{"name":"Journal of Organizational Computing and Electronic Commerce","volume":"28 1","pages":"287 - 290"},"PeriodicalIF":2.9,"publicationDate":"2018-10-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1080/10919392.2018.1522774","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"47279956","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"From traditional interorganisational systems to cloud-based solutions: The impact on supply chain flexibility","authors":"Evangelia Kopanaki, Panagiota Karvela, N. Georgopoulos","doi":"10.1080/10919392.2018.1517480","DOIUrl":"https://doi.org/10.1080/10919392.2018.1517480","url":null,"abstract":"ABSTRACT The fast changing business environment and the intensive market competition forces firms to adjust and remodel their business strategy continuously. As a solution, firms seek flexibility, not only internally but also at the level of their supply chain. To accomplish this, companies invest in information technology (IT), aiming to improve their business processes and collaboration with trading partners. As previous research supports, the use of IT combined with agile supply chain management improves business performance and offers sustainable competitive advantage. However, the extent to which IT enables and supports supply chain flexibility is still debatable and warrants investigation. Although contemporary Internet-based systems (web-based platforms and cloud-based solutions) seem to overcome the rigidity and inflexibility of traditional interorganisational systems (IOS), they are still associated with issues of interoperability and incompatibility. Although they facilitate supply chain collaboration, by providing access to all stakeholders and enabling information-sharing, they may often lead to closed networks of collaboration. To examine these issues, this paper primarily aims to clarify the notion of flexibility at the level of the supply chain. It also aims to contribute to the process by which organisations effectively evaluate and prioritise competing IT investments. Taking into consideration the multidimensional nature of flexibility, this paper proposes a conceptual framework of supply chain flexibility, distinguishing between the operational, structural, and strategic levels of flexibility. It then uses this framework to explain the impact of IT infrastructures (specifically comprising traditional IOS, web-based collaboration platforms and cloud-based solutions) on the various levels of flexibility. Based on previous research, it identifies specific IT characteristics and provides an approach through which practitioners and researchers can compare different technologies and analyse their benefits and limitations, in terms of supply chain flexibility.","PeriodicalId":54777,"journal":{"name":"Journal of Organizational Computing and Electronic Commerce","volume":"28 1","pages":"334 - 353"},"PeriodicalIF":2.9,"publicationDate":"2018-10-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1080/10919392.2018.1517480","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"48890778","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"EOV Editorial Board","authors":"","doi":"10.1080/10919392.2018.1530083","DOIUrl":"https://doi.org/10.1080/10919392.2018.1530083","url":null,"abstract":"","PeriodicalId":54777,"journal":{"name":"Journal of Organizational Computing and Electronic Commerce","volume":"28 1","pages":"378 - 378"},"PeriodicalIF":2.9,"publicationDate":"2018-10-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1080/10919392.2018.1530083","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"41690713","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}