Article

The interrelationship and effect of culture and risk communication in setting internet banking security goals

Authors:

Ioannis V. Koskosas,

Ray J. PaulAuthors Info & Claims

ICEC '04: Proceedings of the 6th international conference on Electronic commerce

Pages 341 - 350

https://doi.org/10.1145/1052220.1052264

Published: 25 March 2004 Publication History

Abstract

The aim of this research is to investigate information systems security in the context of internet banking. In doing so, it adopts a socio-organizational approach to the subject matter by investigating the interrelationship between culture and risk communication within information technology groups and their possible effect on the level of security goal setting. The research explores and describes different socio-organizational perspectives and seeks to demonstrate the importance of culture and risk communication in setting efficiently internet banking goals within the broader context of information systems security management. To this end, it gives also an overview of different goal setting procedures within the IT departments of three financial institutions.

References

[1]

Andersen, K. V. (1998) EDI and Data Networking in the Public Sector: Governmental Action, Diffusion, and Impacts, Kluwer Academic Publishers, Boston.

Digital Library

[2]

Backhouse, J. and Dhillon, G. (1996) Structures of Responsibility and Security of Information Systems, European Journal of Information Systems, 5(1), pp. 2--9.

[3]

Bandura, A. (1997) Self-efficacy: The Exercise of Control, New York, W. H. Freeman Publishing.

[4]

Benbasat, I., Goldstein, D. K., and Mead, M. (1987) The Case Research Strategy in Studies of Information Systems, MIS Quarterly, 11(3), pp. 369--386.

Digital Library

[5]

Burnham, B. (1996) The Internet's Impact on Retail Banking, Booz-Allen Hamilton Third Quarter, (http://www.strategy-business.com/briefs/96301).

[6]

Burt, R. S., Gabbay, S. M., Holt, G., Moran, P. (1994) Contingent Organization as a Network Theory: The Culture-Performance Contingency Function, Acta Sociologica, 37(4), pp. 345--370.

[7]

Cavaye, A. L. (1996) Case Study Research: A Multi-Faceted Research Approach for IS, Information Systems Journal, 6(3), pp. 227--242.

[8]

Cremer, J. (1993) Corporate Culture and Shared Knowledge, Industrial and Corporate Change, 2(3), pp. 351--386.

[9]

Deal, T. E. and Kennedy, A. A. (1982) Corporate Cultures, Reading, MA: Addison- Wesley.

[10]

Denison, D. R. (1990) Corporate Culture and Organizational Effectiveness, New York, Wiley.

[11]

Denzin, N. K. (1989) The Research Act, Third Edition, Prentice-Hall, Eaglewood Cliffs, New Jersey, USA.

[12]

Denzin, N. and Lincoln, Y. (1998) Major Paradigms and Perspectives, In: Strategies of Qualitative Inquiry, N. Y. K. Denzin and Y. S. Lincoln, (eds.) Sage Publication, Thousand Oaks.

[13]

DeVito, J. A. (1988) Human Communication, 4th edition, New York: Harper & Row, Inc.

[14]

Eisenhardt, K. M. (1989) Building Theories from Case Study Research, Academy of Management Review, 14(4), pp. 532--550.

[15]

Forcht, K. and Wex, R. (1996) Doing Business on the Internet: Marketing and Security Aspects, Information Management and Computer Security, 4(4), pp. 3--9.

[16]

Flick, U. (1992) Triangulation Revisited: Strategy of Validation or Alternative? Journal for the Theory of Social Behaviour, 22, pp. 175--198.

[17]

Gore, A. (1999) Putting People First in the Information Age, In: Masters of the Wired World, A. Lee, eds., Financial Times Pitman Publishing, London, pp. 31--36.

[18]

Groth, E. (1991) Communicating with Consumers About Food Safety and Risk Issues, Food Technology, 45(5), pp. 248--253.

[19]

Herriot, R. E., and Firestone, W. A. (1983). Multisite Qualitative Policy Research: Optimizing Description and Generalizability, Educational Researcher, 12(3), pp. 14--19.

[20]

Jaeger, C. C., Renn, O., Rosa, E. A., and Webler, T. (2001) Risk, Uncertainty and Rational Action, First Published 2001, Earthscan Publications Ltd., London.

[21]

Janesick, V. (2000) The Choreography of Qualitative Research Design. In: Denzin, N. K. and Lincoln, Y. S. (eds.) Handbook of Qualitative Research. Thousand Oaks, CA: Sage.

[22]

Kosiur, D. (1997) Understanding Electronic Commerce, Microsoft press, Redmond, Wash.

Digital Library

[23]

Kotter, J. R. and Heskett, J. L. (1992) Corporate Culture and Performance, New York: Free Press.

[24]

Krimsky, S. and Plough, A. (1988) Environmental Hazards: Communicating Risks as a Social Process, Dover, MA: Auburn House Publishing.

[25]

Lagoutte, V. (1996) The Direct Banking Challenge, Unpublished Honours Thesis, Middlesex University.

[26]

Locke, E. A. and Latham, G. P. (1990) A Theory of Goal Setting and Task Performance, Englewood Cliffs, NJ: Prentice-Hall.

[27]

March, J. G. (1991) Exploration and Exploitation in Organizational Learning, Organization Science, 2(1), pp. 71--87.

Digital Library

[28]

Markus, M. L. (1989) Case Selection in a Disconfirmatory Case Study, In: The Information Systems Research Challenge, Harvard Business School Research Colloquium, Boston: Harvard Business School, pp. 20--26.

[29]

Miles, M. B. and Huberman, A. M. (1994) Qualitative Data Analysis: An Expanded Sourcebook, Sage publications, Newbury Park, CA.

[30]

Mitchell, T. R., Kenneth, R. T. and George-Falvy, J. (2000) Goal Setting: Theory and Practice, In: Industrial and Organizational Psychology: linking theory with practice, Editors: C. L. Cooper and E. A. Locke, Blackwell Publishers Ltd, First Published 2000.

[31]

National Research Council (1989) Improving Risk Communication, Report of the Committee on Risk Perception and Communication, Commission on Behavioural and Social Sciences and Education, National Research Council. Washington, D.C.: National Academy Press.

[32]

Otway, H. and Wynne, B. (1989) Risk communication: Paradigm and Paradox, Risk Analysis, 9(2), pp. 141--145.

[33]

O' Reilly, C. A. and Chatman, J. A. (1996) Culture as a Social Control: Corporations, Culture and Commitment, In: Research in Organizational Behaviour, B. M. Staw and L. L. Cummings (eds.), 18, pp. 157--200, Geenwich, CT: JAI Press.

[34]

Orlikowski, W. and Baroudi, J. J. (1991) Studying Information Technology in Organizations: Research Approaches and Assumptions, Information Systems Research, 2(1), pp. 1--28.

Digital Library

[35]

Sandman, P. (1987) Risk Communication: Facing Public Outrage, EPA Journal, 13(9), pp. 21--22.

[36]

Schein, E. H. (1992) Organizational Culture and Leadership, 2nd Edition, San Francisco: Jossey-Bass.

[37]

Seijts, G. H. and Latham, G. P. (2000) The Construct of Goal Commitment: Measurement and Relationships with Task Performance, In: Problems and Solutions in Human Assessment: Honoring Douglas N. Jackson at seventy, R. Goffin and E. Helmes (eds.), (pp. 315--332), Dordrecht, The Netherlands: Kluwer Academic Publishers.

[38]

Siponen, M. T. (2000) A Conceptual Foundation for Organizational Information Security Awareness, Information Management and Computer Security, 8(1), pp. 31--41.

[39]

Slovic, P. (1990) The Legitimacy of Public Perceptions of Risk, Journal of Pesticide Reform, 10(1), pp. 13--15.

[40]

Sorensen, J. B. (2002) The Strength of Corporate Culture and Reliability of Firm Performance, Administrative Science Quarterly, 47(1), pp. 70--96.

[41]

Straub, D. W., and Welke, R. J. (1998) Coping with Systems Risks: Security Planning Models for Management Decision Making, MIS Quarterly, 22(4), pp. 441--469.

Digital Library

[42]

Tan, M. and Teo, T. S. H. (2000) Factors Influencing the Adoption of Internet Banking, Journal of the Association for Information Systems, 1(5), July.

Digital Library

[43]

Ternullo, G. (1997) Banking on the Internet: New Technologies, New Opportunities and New Risks, Boston Regional Outlook, Second Quarter, (http://www.fdic.gov/index.html).

[44]

Trice, H. M. and Beyer, J. M. (1993) The Cultures of Work Organizations, Englewood Cliffs, NJ: Prentice Hall.

[45]

Tushman, M. L., and O' Reilly, C. A. III (1997) Winning through Innovation, Boston: Harvard School Press.

[46]

U.S. Department of Commerce (1999) The Emerging Digital Economy II, (http://www.ecommerce.gov/ede/).

[47]

Walsham, G. (1995) Interpretive Case Studies in IS Research: Nature and Method, European Journal of Information Systems, 4(2), pp. 74--81.

[48]

Wegge, J. (2000) Participation in Group Goal Setting: Some Novel Findings and a Comprehensive Model as a New Ending Ton at Old Story, Applied Psychology: in International Review, 49(3), pp. 498--516.

[49]

Weick, K. E. (1985) The Significance of Corporate Culture. In: Organizational Cultures, P. J. Frost, L. F. Moore, M. R. Louis, C. C. Lundberg, and J. Martin (eds.), pp. 381--389, Beverly Hills, CA: Sage.

[50]

Yin, R. K. (1984) Case Study Research, Design and Methods, Sage Publications, Newbury Park, CA.

Cited By

Al-Darwish AChoe P(2019)A Framework of Information Security Integrated with Human FactorsHCI for Cybersecurity, Privacy and Trust10.1007/978-3-030-22351-9_15(217-229)Online publication date: 12-Jun-2019
https://doi.org/10.1007/978-3-030-22351-9_15
Ahmad ALim JMaynard SChang S(2015)Information Security CultureInternational Journal of Cyber Warfare and Terrorism10.4018/IJCWT.20150401035:2(31-52)Online publication date: 1-Apr-2015
https://dl.acm.org/doi/10.4018/IJCWT.2015040103
Musa NClift B(2013)A model of component interaction between Formal, Technical and Informal components within IS/IT security governance8th International Conference for Internet Technology and Secured Transactions (ICITST-2013)10.1109/ICITST.2013.6750242(454-462)Online publication date: Dec-2013
https://doi.org/10.1109/ICITST.2013.6750242
Show More Cited By

Recommendations

A cross-cultural investigation into customer satisfaction with internet banking security
SAICSIT '05: Proceedings of the 2005 annual research conference of the South African institute of computer scientists and information technologists on IT research in developing countries

Consumer Internet banking has been fairly successful in South Africa, with all major retail banks providing this service to customers. Approximately one million Internet users make use of this channel, with the profile tending to be those with higher ...
Internet banking – a layered approach to security
CIT'04: Proceedings of the 7th international conference on Intelligent Information Technology

The advent and popularity of the Internet presented the banking industry with both a challenge and an opportunity to utilise this medium. Although internet banking offered customers the comfort of accessing their accounts from any place, there has been ...
The social dimensions of the security of internet banking

This paper examines the users' perspective on the security of Internet banking in Australia within the social context. This user-centered design approach supplements the technological and industrial approaches to security. The user-centered research on ...

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

ICEC '04: Proceedings of the 6th international conference on Electronic commerce

March 2004

684 pages

ISBN:1581139306

DOI:10.1145/1052220

Copyright © 2004 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

ICEC: International Center for Electronic Commerce

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 25 March 2004

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Acceptance Rates

Overall Acceptance Rate 150 of 244 submissions, 61%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

7
Total Citations
View Citations
2,726
Total Downloads

Downloads (Last 12 months)2
Downloads (Last 6 weeks)1

Reflects downloads up to 07 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Al-Darwish AChoe P(2019)A Framework of Information Security Integrated with Human FactorsHCI for Cybersecurity, Privacy and Trust10.1007/978-3-030-22351-9_15(217-229)Online publication date: 12-Jun-2019
https://doi.org/10.1007/978-3-030-22351-9_15
Ahmad ALim JMaynard SChang S(2015)Information Security CultureInternational Journal of Cyber Warfare and Terrorism10.4018/IJCWT.20150401035:2(31-52)Online publication date: 1-Apr-2015
https://dl.acm.org/doi/10.4018/IJCWT.2015040103
Musa NClift B(2013)A model of component interaction between Formal, Technical and Informal components within IS/IT security governance8th International Conference for Internet Technology and Secured Transactions (ICITST-2013)10.1109/ICITST.2013.6750242(454-462)Online publication date: Dec-2013
https://doi.org/10.1109/ICITST.2013.6750242
Degenhardt WWiele J(2010)Social Engineering hits Social CommerceISSE 2009 Securing Electronic Business Processes10.1007/978-3-8348-9363-5_16(169-176)Online publication date: 2010
https://doi.org/10.1007/978-3-8348-9363-5_16
Werlinger RHawkey KBeznosov K(2009)An integrated view of human, organizational, and technological challenges of IT security managementInformation Management & Computer Security10.1108/0968522091094472217:1(4-19)Online publication date: 20-Mar-2009
https://doi.org/10.1108/09685220910944722
Werlinger RHawkey KBotta DBeznosov K(2009)Security practitioners in contextInternational Journal of Human-Computer Studies10.1016/j.ijhcs.2009.03.00267:7(584-606)Online publication date: 1-Jul-2009
https://dl.acm.org/doi/10.1016/j.ijhcs.2009.03.002
Mouratidis HJahankhani HNkhoma M(2008)Management versus security specialists: an empirical study on security related perceptionsInformation Management & Computer Security10.1108/0968522081087964516:2(187-205)Online publication date: 6-Jun-2008
https://doi.org/10.1108/09685220810879645

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten