| Session | ||
W - Cybersecurity
| ||
| Presentations | ||
Cybersecurity compliance behavior: exploring the influences of individual differences University of Illinois Springfield, United States of America For several years, studies of organizations’ cybersecurity attack experiences showed that insiders are the weakest link in the cybersecurity management chain. It has never been more vital to do research on human-centric interventions. Several studies have previously investigated the importance of gender, age, education, decision-making style, and so on. This study aims to explore the role of individual differences in explaining cybersecurity behaviors in the workplace. It will study this concept from different angles and see how individual differences may change the known relationships among cybersecurity literature constructs. The findings will extend the current literature and have practical implications for managers by having a better understanding of the moderation role of individual differences in security-related behaviors and decision-making. Disclosure timing regarding data breaches University of Illinois Springfield - Springfield, IL, United States of America The U.S. Securities and Exchange Commission (SEC) dictates the disclosure of cybersecurity incidents by publicly traded companies in the United States. The SEC’s current, comprehensive guidance states that public companies should inform investors about material cybersecurity risks and incidents in a timely fashion but does not go into further detail about what “timely” is exactly. Many legislators and data experts call for federal regulation of data breach disclosure that will dictate how soon a breach must be reported after discovery. This paper aims to present suggestions to help these parties analyze how effective federal guidance is at driving reporting and how the current state legislature affects organizations’ reports to the SEC. Furthermore, this research aims to fill the literature gap regarding research on the relationship between the timing of a breach disclosure and its materiality. The main results show that, first, disclosure timeliness has improved. Still, the SEC’s guidance and action are not significant influences on this improvement, and second, the materiality of the breach is not significantly correlated with the timing of its disclosure. Strengthening cyber-mindfulness for an effective cybersecurity culture 1University of Illinois Springfield, United States of America; 2Naval Postgraduate School, United States of America; 3University of Dayton, United States of America This study provides insights into emerging cyber threats by highlighting the increasing sophistication of cyberattacks, particularly those leveraging AI technologies. We propose a proactive cybersecurity framework based on design thinking principles to offer a realistic approach to mitigating and containing threats. Our proposed model combines the human factor and technology to foster uncertainty foresight and strategic decision-making. The framework emphasizes cyber-mindfulness and human-centric approaches to enhance cyber resilience and mitigate the impact of evolving threats. By placing the human factor at the center of cybersecurity strategies, our model advocates for training, awareness programs, and a collective approach to cybersecurity within organizations, highlighting that cybersecurity is not just a technical issue but also a behavioral and organizational challenge. This study underscores the critical need for organizations to adapt their security strategies to counter increasingly sophisticated cyberthreats. It emphasizes the importance of integrating human factors and innovative approaches to reinforce cybersecurity defenses. | ||