Strategies to Minimize the Effects of Information Security Threats on Business Performance

Okoye, Stella Ifeyinwa

01 January 2017

Business leaders in Nigeria are concerned about the high rates of business failure and economic loss from security incidents and may not understand strategies for reducing the effects of information security threats on business performance. Guided by general systems theory and transformational leadership theory, the focus of this exploratory multiple case study was to explore the strategies small and medium-sized enterprise (SME) leaders use to minimize the effects of information security threats on business performance. Semistructured interviews were conducted with 5 SME leaders who worked in SME firms that support oil and gas industry sector in Port Harcourt, Nigeria, had a minimum of 2 years experience in a leadership role, and had demonstrable strategies for minimizing the effects of information security threats in a SME. The thematic analysis of the interview transcripts revealed 10 strategies for reducing the effects of information security threats: network security, physical security, strong password policy, antivirus protection and software update, information security policy, security education training and awareness, network security monitoring and audit, intrusion detection, data backup, and people management. The findings may contribute to social change by providing SME leaders with more insight about strategies to minimize the effects of information security threats on business performance. The improved business performance can increase the flow of funds into the local economy and allow community leaders to provide social services to residents.

Business performance

Cybersecurity

General system theory

Information security threats

Small and medium-sized enterprise

Transformational leadership theory

Databases and Information Systems

Information security and hybrid work : A case study of shifts in perceived information security when working hybridly

Nordmark, John, Källebo Rebermark, Oskar

January 2023

Hybrid work is already a big part of many organizations' structure. This phenomenon presents many new ways of how work is performed and carries new challenges with it. Parallel to that, the importance of working IT securely and coping with IT threats is significant in all fields of work. In this case study, we interview employees at a Swedish IT consultancy company, about their perceptions of hybrid work and their perceived ability to keep information secure in a hybrid work setting. Six employees from the company were selected for interviews. These interviews were then analyzed from the theoretical framework of Protection Motivation Theory which presents ways to explain how individuals are motivated to mediate threats alongside the ISO standard which is used to explain coping behaviors. This study concludes that the employees’ perception regarding the ability to keep information secure while working hybridly is diverse. Furthermore, the office has an important role in perceived security. The final finding reveals that current information security guidelines in ISO need to be updated or expanded to better guide organizations implementing remote work.

Remote work

hybrid work

information security

information security threats

Protection Motivation Theory

Information Systems, Social aspects