Ellena Ike

DOI: https://doi.org/10.47941/ejikm.2063

2024-07-12

Abstract:Purpose: The general objective of the study was to analyze information security and knowledge management. Methodology: The study adopted a desktop research methodology. Desk research refers to secondary data or that which can be collected without fieldwork. Desk research is basically involved in collecting data from existing resources hence it is often considered a low cost technique as compared to field research, as the main cost is involved in executive’s time, telephone charges and directories. Thus, the study relied on already published studies, reports and statistics. This secondary data was easily accessed through the online journals and library. Findings: The findings reveal that there exists a contextual and methodological gap relating to information security and knowledge management. Preliminary empirical review revealed that integrating IS and KM was crucial for enhancing organizational performance, protecting intellectual assets, and fostering innovation. It emphasized the need for a holistic approach combining technological solutions, robust policies, and a culture of security awareness. The research found that this integration led to significant improvements in operational efficiency and innovation, with continuous evaluation and adaptation being essential. The study highlighted the importance of advanced security technologies, regular updates, and employee training to maintain effective IS and KM practices, ultimately ensuring the secure and effective utilization of knowledge assets for sustainable growth. Unique Contribution to Theory, Practice and Policy: The Socio-Technical Systems Theory, Knowledge-Based View of the Firm and Information Systems Success Model may be used to anchor future studies on information security and knowledge management. The study provided significant contributions to theory, practice, and policy by integrating various theoretical frameworks and emphasizing the need for a multi-layered approach to IS that includes advanced technology, strong policies, and employee training. It recommended the development of regulatory standards to enforce robust IS practices, the alignment of IS and KM with organizational strategies, and the implementation of continuous improvement programs. Additionally, it highlighted the importance of comprehensive training for employees and fostering a collaborative environment that balances security with innovation.

Eric W. T. Ngai,Chen Jin,Tong Liang

DOI: https://doi.org/10.1111/j.1467-9310.2008.00523.x

2008-01-01

Abstract:Much research has recognized that cross‐disciplinary knowledge inputs are necessary to successful product innovation, particularly in complex products and systems (CoPS) development. This paper focuses on developing an exploratory framework for studying how an inter‐organizational knowledge management (KM) approach affects the development of CoPS, and exploring how inter‐organizational collaboration affects KM within a CoPS context. Based on a review of the literature and in‐depth case studies, this paper puts forward some propositions and develops an integrated conceptual model showing the link between the dimensions of inter‐organizational KM and the performance of CoPS development. Finally, the implications of the proposed model for inter‐organizational KM in a CoPS environment are discussed.

Alireza Shojaifar,Samuel A. Fricker,Martin Gwerder

DOI: https://doi.org/10.48550/arXiv.2007.07602

2020-07-15

Computers and Society

Abstract:Cybersecurity is essential for the protection of companies against cyber threats. Traditionally, cybersecurity experts assess and improve a company's capabilities. However, many small and medium-sized businesses (SMBs) consider such services not to be affordable. We explore an alternative do-it-yourself (DIY) approach to bringing cybersecurity to SMBs. Our method and tool, CYSEC, implements the Self-Determination Theory (SDT) to guide and motivate SMBs to adopt good cybersecurity practices. CYSEC uses assessment questions and recommendations to communicate cybersecurity knowledge to the end-user SMBs and encourage self-motivated change. In this paper, the operationalisation of SDT in CYSEC is presented and the results of a multi-case study shown that offer insight into how SMBs adopted cybersecurity practices with CYSEC. Effective automated cybersecurity communication depended on the SMB's hands-on skills, tools adaptedness, and the users' willingness to documenting confidential information. The SMBs wanted to learn in simple, incremental steps, allowing them to understand what they do. An SMB's motivation to improve security depended on the fitness of assessment questions and recommendations with the SMB's business model and IT infrastructure. The results of this study indicate that automated counselling can help many SMBs in security adoption. The final publication is available at Springer via https://link.springer.com/chapter/10.1007%2F978-3-030-59291-2_8

Kai Liu,Fei Wang,Zhaoyun Ding,Sheng Liang,Zhengfei Yu,Yun Zhou

DOI: https://doi.org/10.3390/electronics11152287

IF: 2.9

2022-07-23

Electronics

Abstract:In today's dynamic complex cyber environments, Cyber Threat Intelligence (CTI) and the risk of cyberattacks are both increasing. This means that organizations need to have a strong understanding of both their internal CTI and their external CTI. The potential for cybersecurity knowledge graphs is evident in their ability to aggregate and represent knowledge about cyber threats, as well as their ability to manage and reason with that knowledge. While most existing research has focused on how to create a full knowledge graph, how to utilize the knowledge graph to tackle real-world industrial difficulties in cyberattack and defense situations is still unclear. In this article, we give a quick overview of the cybersecurity knowledge graph's core concepts, schema, and building methodologies. We also give a relevant dataset review and open-source frameworks on the information extraction and knowledge creation job to aid future studies on cybersecurity knowledge graphs. We perform a comparative assessment of the many works that expound on the recent advances in the application scenarios of cybersecurity knowledge graph in the majority of this paper. In addition, a new comprehensive classification system is developed to define the linked works from 9 core categories and 18 subcategories. Finally, based on the analyses of existing research issues, we have a detailed overview of various possible research directions.

engineering, electrical & electronic,computer science, information systems,physics, applied

PAN Xu-wei,GU Xin-jian,WANG Zheng-cheng,WANG Shi-xiong

DOI: https://doi.org/10.3969/j.issn.1006-5911.2007.05.023

2007-01-01

Abstract:To solve new problems and difficulties faced in the process of knowledge management implementation in enterprises,the method of Knowledge Management Integrating Context(KMIC) was proposed,which integrated context with knowledge and knowledge processes through contextualization.Key technologies,including the construction technology of knowledge integration context model,context identification acquisition technology and context integration knowledge search retrieval technology,were studied to realize the KMIC method.With the support of these methods and technologies,a context-aware KMIC system was constructed,and a case was given to illustrate the application of this system.

QR Xu,JJ Liu,J Chen

DOI: https://doi.org/10.1109/iemc.2002.1038525

2002-01-01

Abstract:In the knowledge economy the one sure source of lasting competitive advantage is knowledge. In the theoretical field, interest in knowledge management has grown dramatically. In the business community, organizations are coming to regard knowledge-based intangible assets such as technological know-how and innovation as their most valuable and strategic resource, and they are also increasingly realizing that they must effectively and efficiently manage and cultivate their knowledge and competencies to maintain sustainable competitive advantage. However, there is scarcity on knowledge strategy toward dynamically integrating technological innovation with knowledge management in academic and practical domain. Therefore, based on some theories such as technological innovation, strategic management, transaction cost economics, organizational learning and knowledge management, the framework of knowledge strategy and the model of knowledge-based communities of creation are put forward and analyzed empirically in this paper. Several important knowledge management practices to push technological innovation process are discussed.

Lata Nautiyal,Awais Rashid

2024-06-05

Abstract:A cyber security organisation needs to ensure that its workforce possesses the necessary knowledge to fulfil its cyber security business functions. Similarly, where an organisation chooses to delegate their cyber security tasks to a third party provider, they must ensure that the chosen entity possesses robust knowledge capabilities to effectively carry out the assigned tasks. Building a comprehensive cyber security knowledge profile is a distinct challenge; the field is ever evolving with a range of professional certifications, academic qualifications and on-the-job training. So far, there has been a lack of a well-defined methodology for systematically evaluating an organisation's cyber security knowledge, specifically derived from its workforce, against a standardised reference point. Prior research on knowledge profiling across various disciplines has predominantly utilised established frameworks such as SWEBOK. However, within the domain of cyber security, the absence of a standardised reference point is notable. In this paper, we advance a framework leveraging CyBOK, to construct an organisation's knowledge profile. The framework enables a user to identify areas of coverage and where gaps may lie, so that an organisation can consider targeted recruitment or training or, where such expertise may be outsourced, drawing in knowledge capability from third parties. In the latter case, the framework can also be used as a basis for assessing the knowledge capability of such a third party. We present the knowledge profiling framework, discussing three case studies in organisational teams underpinning its initial development, followed by its refinement through workshops with cyber security practitioners.

Cryptography and Security

Felix Meliksadek

DOI: https://doi.org/10.47941/ejikm.2059

2024-07-12

Abstract:Purpose: This study sought to examine knowledge management strategies in remote work environments. Methodology: The study adopted a desktop research methodology. Desk research refers to secondary data or that which can be collected without fieldwork. Desk research is basically involved in collecting data from existing resources hence it is often considered a low cost technique as compared to field research, as the main cost is involved in executive’s time, telephone charges and directories. Thus, the study relied on already published studies, reports and statistics. This secondary data was easily accessed through the online journals and library. Findings: The findings reveal that there exists a contextual and methodological gap relating to knowledge management strategies in remote work environments. Preliminary empirical review of revealed that effective Knowledge Management (KM) strategies in remote work environments required adapting traditional practices to leverage advanced technological tools, foster a culture of trust and collaboration, and provide continuous support and training for employees. It highlighted the pivotal role of technology in maintaining information flow and real-time collaboration, the importance of an organizational culture that encourages knowledge sharing, and the necessity of regular training and support to sustain KM practices. By integrating these elements, organizations could enhance efficiency, innovation, and employee satisfaction in remote work settings. Unique Contribution to Theory, Practice and Policy: The Social Exchange Theory, Nonaka’s Knowledge Creation Theory and Technology Acceptance Model (TAM) may be used to anchor future studies on knowledge management strategies in remote work environments. The study recommended enhancing technology integration with AI and ML, fostering a collaborative culture, providing continuous training, implementing structured knowledge-sharing practices, enhancing organizational support and resources, and developing flexible KM policies to address the challenges of remote work environments. It contributed to theory by integrating concepts from various KM theories, to practice by offering actionable recommendations for improving KM strategies, and to policy by highlighting the need for adaptable KM policies that balance data security with accessibility and promote continuous learning.Top of Form

Qian Yadong,Gu Xinjian,Wang Shengfa,Li Xiangshuo

DOI: https://doi.org/10.3321/j.issn:1000-680X.2006.06.022

2006-01-01

Abstract:The integration of knowledge with business is discussed and analyzed from the aspects of integrated model for knowledge management(KM),processing model for knowledge-intensive business,and integration of knowledge with business process in automotive enterprises.A case study on knowledge-integration-based process management system in a specific auto-parts manufacturing enterprise is illustrated.

Robert B. Ramirez,Tomohiko Yano,Masaki Shimaoka,Kenichi Magata

DOI: https://doi.org/10.48550/arXiv.2011.02661

2020-11-05

Abstract:Research ethics in Information and Communications Technology has seen a resurgence in popularity in recent years. Although a number of general ethics standards have been issued, cyber security specifically has yet to see one. Furthermore, such standards are often abstract, lacking in guidance on specific practices. In this paper we compare peer-reviewed ethical analyses of condemned research papers to analyses derived from a knowledge base (KB) of concrete cyber security research ethics best practices. The KB we employ was compiled in prior work from a large random survey of research papers. We demonstrate preliminary evidence that such a KB can be used to yield comparable or more extensive ethical analyses of published cyber security research than expert application of standards like the Menlo Report. We extend the ethical analyses of the reviewed manuscripts, and calculate measures of the efficiency with which the expert versus KB methods yield ethical insights.

Cryptography and Security

Mahdi Fahmideh,Jun Yan,Jun Shen,Aakash Ahmad,Davoud Mougouei,Anup Shrestha

DOI: https://doi.org/10.48550/arXiv.2202.07875

2022-02-16

Abstract:Migration legacy systems to cloud platforms is a knowledge intensive process. There is an ever increasing body of knowledge reporting empirical scenarios of successful and problematic cloud migration. Reusing this body of knowledge, dispersed and fragmented over the academic/multi-vocal literature, has practical values to mitigate costly risks and pitfalls in further projects of legacy to-cloud and cloud-to-cloud migration. In line with this, knowledge management systems/platforms pertinent to cloud migration are a prime prerequisite and a strategic imperative for an organization. We have conducted a qualitative exploratory study to understand the benefits and challenges of developing Knowledge Management Systems (KMS) for cloud migration in real trials. Whilst our prototype system demonstration supported the importance and bene-fits of developing Cloud Migration KMS (CM-KMS), our semi-structured industry interview study with 11 participants highlighted challenging impediments against developing this class of KMS. As a result, this study proposes nine significant challenges that cause the abandon of the design and maintenance of CM-KMS, including continuous changes and updates, integration of knowledge, knowledge granularity, preservation of context, automation, deconstruction of traditional knowledge, dependency on experts, hybrid knowledge of both vendor-specific and vendor-neutral cloud platforms, and parsimony. Our results inform cloud architects to pay attention to adopt CM-KMS for the legacy-to-cloud migration in their organizations.

Software Engineering

Atif Ahmad,Sean B. Maynard,Sameen Motahhir,Moneer Alshaikh

DOI: https://doi.org/10.48550/arXiv.2103.14838

2021-03-27

Cryptography and Security

Abstract:Case-based learning is a powerful pedagogical method of creating dialogue between theory and practice. CBL is particularly suited to executive learning as it instigates critical discussion and draws out relevant experiences. In this paper we used a real-world case to teach Information Security Management to students in Management Information Systems. The real-world case is described in a legal indictment, T-mobile USA Inc v Huawei Device USA Inc. and Huawei Technologies Co. LTD, alleging theft of intellectual property and breaches of contract concerning confidentiality and disclosure of sensitive information. The incident scenario is interesting as it relates to a business asset that has both digital and physical components that has been compromised through an unconventional cyber-physical attack facilitated by insiders. The scenario sparked an interesting debate among students about the scope and definition of security incidents, the role and structure of the security unit, the utility of compliance-based approaches to security, and the inadequate use of threat intelligence in modern security strategies.

Xin Jin,Song Chen,Jie Wang,Jinghua Xia

2013-01-01

Abstract:Knowledge Management (KM) has become widely employed as a new but promising management tool for optimizing business management and operations in China. In order for enterprises to develop a mature KM process capable of demonstrable benefits, they must assess their adoption of KM with regard to certain benchmarking practices. This paper, using a systematic approach, attempts to design and build a novel KM maturity (KMM) evaluation mechanism that combines and adapts existing models developed in the context of western management practices with new features from China's unique culture and social background. First, the key criteria are extracted via empirical analysis of the results of an extensive questionnaire, completed and returned by hundreds of Chinese enterprises in 2012. Next, based on a quantitative assessment of KMM, we further analyze the KM benchmarking practices in China. Finally, we demonstrate that KM practice in China is in a transitional stage from a content-oriented approach to a community-practice-oriented and employee-growth-oriented approach; we also observe that the Chinese enterprises with better management practices and more advanced information technology infrastructure are experimenting with integrated application-oriented KM approaches that can better foster technology and management innovations in enterprises.

Tom Butler,Ciara Heavin,Finbarr O’Donovan

DOI: https://doi.org/10.4018/joeuc.2007100101

2007-10-01

Journal of Organizational and End User Computing

Abstract:<p>The study’s objective is to arrive at a theoretical model and framework to guide research into the implementation of KMS, while also seeking to inform practice. In order to achieve this, the paper applies the critical success factors (CSF) method in a field study of successful KMS implementations across 12 large multinational organisations operating in a range of sectors. The paper first generates a ‘collective set’ of CSFs from extant research to construct an a priori model and framework: this is then empirically validated and extended using the field study findings to arrive at a ‘collective set’ of CSFs for all 12 organisations. These are then employed to refine and extend the theoretical model using insights from the literature on capability theory. It is hoped that the model and framework will aid theory building and future empirical research on this highly important and relevant topic.</p>

information science & library science,management,computer science, information systems

Soumya Rao,A. Satya Nandini,Minu Zachariah

DOI: https://doi.org/10.1080/14778238.2022.2053312

2022-03-30

Abstract:Active participation of Small and Medium Enterprises (SMEs) in the digital revolution is jeopardised due to low technology adoption and inept management of skills and innovation resources. Apparently, firms that contrive firm knowledge proficiently qualify to address the demands of a new environment. As SMEs contend with their know-how, it becomes essential to practice Knowledge Management (KM). However, to avoid implementation failure and ease prioritisation of resources, being aware of Critical Success Factors (CSFs) of KM is vital. As research on CSFs of KM in SMEs has been inherently insufficient and inconsistent with literature on Critical Failure Factors (CFFs) of KM, there was a need to revise discussion on and propose an enhanced set of four CSFs of KM for SMEs by adopting the "Theory Adaptation" research design by amalgamating CSFs and CFFs of KM. Later, a discussion on KM planning followed to facilitate application of the proposed CSFs.

information science & library science,management

Naresh Kshetri,Vasudha,Denisa Hoxha

2023-10-19

Abstract:Technology has advanced dramatically in the previous several years. There are also cyber assaults. Cyberattacks pose a possible danger to information security and the general public. Since data practice and internet consumption rates continue to upswing, cyber awareness has become progressively important. Furthermore, as businesses pace their digital transformation with mobile devices, cloud services, communal media, and Internet of Things services, cybersecurity has appeared as a critical issue in corporate risk management. This research focuses on the relations between cybersecurity awareness, cyber knowledge, computer ethics, cyber ethics, and cyber behavior, as well as protective tools, across university students in general. The findings express that while internet users are alert of cyber threats, they only take the most elementary and easy-to-implement precautions. Several knowledge and awareness have been proposed to knob the issue of cyber security. It also grants the principles of cybersecurity in terms of its structure, workforces, and evidence pertaining to the shield of personal information in the cyber world. The first step is for people to educate themselves about the negative aspects of the internet and to learn more about cyber threats so that they can notice when an attack is taking place. To validate the efficiency of the suggested analysis between CS and non-CS university students, case study along with several comparisons are provided.

Cryptography and Security

Ashraf Mady,Saurabh Gupta,Merrill Warkentin

DOI: https://doi.org/10.1111/isj.12424

IF: 7.767

2023-01-11

Information Systems Journal

Abstract:Organisations implement a variety of knowledge mechanisms such as information security education, training and awareness (SETA) programs and information security policies, to influence employees' secure behaviour. Despite increased efforts to provide information systems (IS) security knowledge to employees, data breaches and other security incidents resulting from insider behaviour continue. Recent IS security research, primarily grounded on assumptions of employees' rational assessment of numerous factors, has yielded inconsistent results. Challenging this paradigm, we model secure behaviour on security knowledge mechanisms, which focuses on the multidimensional nature of security knowledge breadth, depth and finesse to represent the full array of managerial levers. We further draw on construal level theory to conceptualise users' perceptual judgements of security messages. Two studies support our model, with the second building on the first. Study 1, an experiment with 312 participants, focused on validating the treatments. Study 2, a survey with 219 participants, validated the entire model. Results showed that our model has significantly more explanatory and predictive power than the orthodox paradigm. Our results have practical implications for optimising the organisation of knowledge mechanisms by emphasising the personal relevance of threats and defining the factors that lead to secure behaviour. We also contribute to the discourse on information security research and provide a template for integrating theories, thus opening new avenues for future research.

information science & library science

Mohammad Hossein Jarrahi,Rebecca Reynolds,Ali Eshraghi

DOI: https://doi.org/10.1108/ils-11-2019-0120

2020-11-30

Information and Learning Sciences

Abstract:Purpose Personal knowledge management (KM) lends new emphasis to ways through which individual knowledge workers engage with knowledge in organizational contexts. This paper aims to go beyond an organizational approach to KM to examine key personal KM and knowledge building (KB) practices among adult professionals. Design/methodology/approach This paper presents a summary of the findings from interviews with 58 consultants from 17 managing consulting firms. Participants were selected based on their knowledge-intensive roles and their willingness to share information about their knowledge practices. Data analysis was inductive and revealed multiple personal KM activities common among research participants, and the way these are supported by informal ties and various technologies. Findings This work highlights ways in which “shadow information technology” undergirds personal knowledge infrastructures and supports KM and KB practices in the context of management consulting firms. The results uncover how personal knowledge infrastructures emerge from personal KM and KB practices, and the role of informal social networks as well as social media in supporting personal KM and KB. Research limitations/implications This study contributes an overall conceptual model of factors that help knowledge workers build a personal knowledge infrastructure. By affording an understanding of socially embedded personal KM activities, this work helps organizations create a balance between KM strategies at the organizational level and personal knowledge goals of individual workers. Originality/value Much of the previous research on KM adopts organizational approaches to KM, accentuating how organizations can effectively capture, organize and distribute organizational knowledge (primarily through KM systems).

Wei-Tsong Wang,Su-Ying Wu

DOI: https://doi.org/10.1080/14778238.2020.1860665

2020-12-21

Abstract:COVID-19's rapid spread has caused a global pandemic. Consequently, it is imperative that healthcare organisations conduct crisis management (CM) to cope with this calamity. This study presents a set of operational guidelines for healthcare organisations to launch effective countermeasures against such crises by means of effective knowledge management (KM) practices. Additionally, information-technology (IT) applications can significantly improve organisations' CM and KM capabilities by enhancing organisational responsiveness and flexibility. This study thus aims to articulate how the use of innovative IT-enabled mechanisms (e.g., non-contact monitoring devices, intelligent robots, and telemedicine) can reduce the risk of exposure and leverage an artificial intelligence-based epidemic intelligence dashboard to support appropriate decision-making by taking the operation of healthcare organisations in Taiwan during COVID-19 crisis as an example. The research results demonstrate the effectiveness of the employment of IT-enabled KM practices in CM settings in terms of preventing or minimising undesirable crisis consequences.

information science & library science,management