A compliance framework for IT governance adoption and use by state-owned entities in South Africa
- Authors: Nxozi, Monelo
- Date: 2023-03-31
- Subjects: Uncatalogued
- Language: English
- Type: Academic theses , Doctoral theses , text
- Identifier: http://hdl.handle.net/10962/419244 , vital:71628
- Description: Embargoed. Possible release date in early 2025. , Thesis (PhD) -- Faculty of Commerce, Information Systems, 2023
- Full Text:
- Date Issued: 2023-03-31
- Authors: Nxozi, Monelo
- Date: 2023-03-31
- Subjects: Uncatalogued
- Language: English
- Type: Academic theses , Doctoral theses , text
- Identifier: http://hdl.handle.net/10962/419244 , vital:71628
- Description: Embargoed. Possible release date in early 2025. , Thesis (PhD) -- Faculty of Commerce, Information Systems, 2023
- Full Text:
- Date Issued: 2023-03-31
A framework for guiding the interdisciplinary design of mHealth intervention apps for physical activity behaviour change
- Authors: Thomson, Callie Deborah
- Date: 2022-04-06
- Subjects: Wireless communication systems in medical care , Exercise Health aspects , Behavior modification , Mobile apps , Medical care Technological innovations , Medical informatics , Health promotion Technological innovations , Application software Development , Design Science Research (DSR)
- Language: English
- Type: Doctoral theses , text
- Identifier: http://hdl.handle.net/10962/232193 , vital:49970 , DOI http://doi.org/10.21504/10962/232193
- Description: The global pandemic of noncommunicable diseases and its associated premature mortality rates and socioeconomic burden have led to increasingly intensified efforts towards designing and delivering health promotion interventions aimed at addressing the leading modifiable health risk behaviours, such as physical inactivity. Developing physical activity behaviour change interventions that target individuals at the dual intra-interpersonal socioecological levels of health promotion has become a key objective worldwide. Digital and mobile technology is revolutionising the ways in which health behaviour change interventions are delivered to individuals across the world, with mobile health applications (mHealth apps) increasingly recognised as a powerful means of promoting physical activity behaviour change. However, with the growth and opportunities of mHealth apps, come several design challenges. Key design challenges concern the integration of theory, the incorporation of evidence-based behaviour change techniques, the application of persuasive systems design principles, and the importance of multi- and interdisciplinary collaborative design, development and evaluation approaches. These key challenges influence the output product design and effectiveness of mHealth physical activity behaviour change intervention apps. There exists a paucity of approaches for guiding and supporting the multi- and interdisciplinary collaborative design, development and evaluation of mHealth physical activity behaviour change intervention apps. To address this gap, this research study proposes an Interdisciplinary mHealth App Design Framework, framed by a novel boundary object view. This view considers the diverse communities of practice, boundary objects and supporting artefacts, process activities, and knowledge sharing practices necessary and relevant to the design of effective mHealth physical activity behaviour change intervention apps. The framework’s development is guided by a Design Science Research (DSR) approach. Its core components are based on the findings of a critical theoretical analysis of twenty existing multi- and interdisciplinary digital health development approaches. Once developed, the framework is evaluated using a qualitative DSR linguistic interpretivist approach, with semi-structured interviews as the research instrument. The thematic analysis findings from interviews with thirty-one international academic researchers and industry practitioners informs the iterative modification and revision of an enhanced Interdisciplinary mHealth App Design Framework, constituting the main DSR artefact contribution of the research study. In addition, four theoretical contributions are made to the mHealth intervention app design body of knowledge, and a practical contribution is made through the provision of guideline recommendations for academics and industry practitioners. Methodological contributions are also made in terms of applying DSR, adopting a hybrid cognitive reasoning strategy, and employing a qualitative linguistic interpretivist approach to evaluation within a DSR project. , Thesis (PhD) -- Faculty of Commerce, Information Systems, 2022
- Full Text:
- Date Issued: 2022-04-06
- Authors: Thomson, Callie Deborah
- Date: 2022-04-06
- Subjects: Wireless communication systems in medical care , Exercise Health aspects , Behavior modification , Mobile apps , Medical care Technological innovations , Medical informatics , Health promotion Technological innovations , Application software Development , Design Science Research (DSR)
- Language: English
- Type: Doctoral theses , text
- Identifier: http://hdl.handle.net/10962/232193 , vital:49970 , DOI http://doi.org/10.21504/10962/232193
- Description: The global pandemic of noncommunicable diseases and its associated premature mortality rates and socioeconomic burden have led to increasingly intensified efforts towards designing and delivering health promotion interventions aimed at addressing the leading modifiable health risk behaviours, such as physical inactivity. Developing physical activity behaviour change interventions that target individuals at the dual intra-interpersonal socioecological levels of health promotion has become a key objective worldwide. Digital and mobile technology is revolutionising the ways in which health behaviour change interventions are delivered to individuals across the world, with mobile health applications (mHealth apps) increasingly recognised as a powerful means of promoting physical activity behaviour change. However, with the growth and opportunities of mHealth apps, come several design challenges. Key design challenges concern the integration of theory, the incorporation of evidence-based behaviour change techniques, the application of persuasive systems design principles, and the importance of multi- and interdisciplinary collaborative design, development and evaluation approaches. These key challenges influence the output product design and effectiveness of mHealth physical activity behaviour change intervention apps. There exists a paucity of approaches for guiding and supporting the multi- and interdisciplinary collaborative design, development and evaluation of mHealth physical activity behaviour change intervention apps. To address this gap, this research study proposes an Interdisciplinary mHealth App Design Framework, framed by a novel boundary object view. This view considers the diverse communities of practice, boundary objects and supporting artefacts, process activities, and knowledge sharing practices necessary and relevant to the design of effective mHealth physical activity behaviour change intervention apps. The framework’s development is guided by a Design Science Research (DSR) approach. Its core components are based on the findings of a critical theoretical analysis of twenty existing multi- and interdisciplinary digital health development approaches. Once developed, the framework is evaluated using a qualitative DSR linguistic interpretivist approach, with semi-structured interviews as the research instrument. The thematic analysis findings from interviews with thirty-one international academic researchers and industry practitioners informs the iterative modification and revision of an enhanced Interdisciplinary mHealth App Design Framework, constituting the main DSR artefact contribution of the research study. In addition, four theoretical contributions are made to the mHealth intervention app design body of knowledge, and a practical contribution is made through the provision of guideline recommendations for academics and industry practitioners. Methodological contributions are also made in terms of applying DSR, adopting a hybrid cognitive reasoning strategy, and employing a qualitative linguistic interpretivist approach to evaluation within a DSR project. , Thesis (PhD) -- Faculty of Commerce, Information Systems, 2022
- Full Text:
- Date Issued: 2022-04-06
A systems thinking approach to e-government strategy formulation for water service delivery in South African local municipalities
- Authors: Osah, Umeoniso Joshua
- Date: 2017
- Subjects: Internet in public administration South Africa , Electronic government information South Africa , Communication in public administration South Africa , Municipal services South Africa , Municipal services Information technology , System theory
- Language: English
- Type: Doctoral theses , text
- Identifier: http://hdl.handle.net/10962/64471 , vital:28547 , DOI 10.21504/10962/64471
- Description: E-Government deployments by stakeholders within the South African water service sector, provide certain benefits for the sector. While deemed beneficial and of considerable value, e-Government deployments and implementations in the water sector of local governments of South Africa have not always been successful. One important reason for e-Government failures, among several others, is the lack of coherent strategies, informed by key representing stakeholder views, to guide implementation and deployment of e-Government tools. Without strategies, it is highly likely that ICT integration will be conducted haphazardly. As a point of note, more than the deliverable (strategy document) that represents the output of the strategy development process, it serves more purpose to understand the process that results in the strategy. Importantly, understanding the process helps to account for the formed relationships between the various stakeholders that need to buy into the strategy. The research study develops an e-Government strategy formulation framework based on a systems thinking approach, intended to support the strategy formulation process of e-Government strategies – to underpin the effective integration, deployment and sustained use of ICT solutions for water service delivery at the local government level. A systems thinking approach is considered due to its emphasis on the strategy being informed by a holistic assessment. Where there is some knowledge about the processes by which a strategy is formulated – over time ideas may be derived on the types of processes that may produce efficient e-Government strategies. The research is conducted using the Design Science research paradigm. The Design Science paradigm is comprised of two processes – build and evaluate (Hevner et al., 2004). The build process, as related to this research concentrates on the progression through which the theoretical e-Government strategy formulation framework is derived. Weick’s (1989) theorizing approach is ascribed, supporting the design of the theoretical framework. In applying Weick’s theorizing approach, firstly, the lack of knowledge on how e-Government strategies should be formulated in South African local municipalities – is explicated in an intelligible manner. Once the problem is properly articulated, a trial and error selection process is undertaken of existing approaches on strategy formulation – thought to possess the potential to contribute to the development of an e-Government strategy formulation framework, suited to local governments in South Africa. With good reason, 10 (ten) strategy approaches are selected from, e-Government programmes in developed countries, Non-Governmental organizational strategy approaches, and business related strategy formulation approaches. Lastly, as all possible approaches that may contribute to the framework development process cannot be selected, criteria is specified to limit the number of possible selections. Furthermore, in deriving the framework, foundations for systematically dealing with unstructured problems, such as, strategy formulation are consulted. This foundation along with the research goals, informs the development of a template used to comparatively analyse the 10 selected approaches on strategy formulation. This analysis aids in revealing the components of an e-Government strategy formulation process. With the developed framework, the evaluation process of the design science research commences, seeking to determine the utility of the framework (suitability and shortcomings). The framework is applied to the procedural formulation of a strategy for a tentative e-Government project called MobiSAM, which aims to enhance citizen engagement with local government through the use of mobile phones. The strategy formulation application process in the project environment and local government reveals lessons that inform revisions to the framework. The e-Government strategy formulation framework, therefore represents a fundamental tool for e-Government strategy development in local municipalities, and may be customized to fit the requirements of varying local municipalities. , Thesis (PhD) -- Faculty of Commerce, Information Systems, 2017
- Full Text:
- Date Issued: 2017
- Authors: Osah, Umeoniso Joshua
- Date: 2017
- Subjects: Internet in public administration South Africa , Electronic government information South Africa , Communication in public administration South Africa , Municipal services South Africa , Municipal services Information technology , System theory
- Language: English
- Type: Doctoral theses , text
- Identifier: http://hdl.handle.net/10962/64471 , vital:28547 , DOI 10.21504/10962/64471
- Description: E-Government deployments by stakeholders within the South African water service sector, provide certain benefits for the sector. While deemed beneficial and of considerable value, e-Government deployments and implementations in the water sector of local governments of South Africa have not always been successful. One important reason for e-Government failures, among several others, is the lack of coherent strategies, informed by key representing stakeholder views, to guide implementation and deployment of e-Government tools. Without strategies, it is highly likely that ICT integration will be conducted haphazardly. As a point of note, more than the deliverable (strategy document) that represents the output of the strategy development process, it serves more purpose to understand the process that results in the strategy. Importantly, understanding the process helps to account for the formed relationships between the various stakeholders that need to buy into the strategy. The research study develops an e-Government strategy formulation framework based on a systems thinking approach, intended to support the strategy formulation process of e-Government strategies – to underpin the effective integration, deployment and sustained use of ICT solutions for water service delivery at the local government level. A systems thinking approach is considered due to its emphasis on the strategy being informed by a holistic assessment. Where there is some knowledge about the processes by which a strategy is formulated – over time ideas may be derived on the types of processes that may produce efficient e-Government strategies. The research is conducted using the Design Science research paradigm. The Design Science paradigm is comprised of two processes – build and evaluate (Hevner et al., 2004). The build process, as related to this research concentrates on the progression through which the theoretical e-Government strategy formulation framework is derived. Weick’s (1989) theorizing approach is ascribed, supporting the design of the theoretical framework. In applying Weick’s theorizing approach, firstly, the lack of knowledge on how e-Government strategies should be formulated in South African local municipalities – is explicated in an intelligible manner. Once the problem is properly articulated, a trial and error selection process is undertaken of existing approaches on strategy formulation – thought to possess the potential to contribute to the development of an e-Government strategy formulation framework, suited to local governments in South Africa. With good reason, 10 (ten) strategy approaches are selected from, e-Government programmes in developed countries, Non-Governmental organizational strategy approaches, and business related strategy formulation approaches. Lastly, as all possible approaches that may contribute to the framework development process cannot be selected, criteria is specified to limit the number of possible selections. Furthermore, in deriving the framework, foundations for systematically dealing with unstructured problems, such as, strategy formulation are consulted. This foundation along with the research goals, informs the development of a template used to comparatively analyse the 10 selected approaches on strategy formulation. This analysis aids in revealing the components of an e-Government strategy formulation process. With the developed framework, the evaluation process of the design science research commences, seeking to determine the utility of the framework (suitability and shortcomings). The framework is applied to the procedural formulation of a strategy for a tentative e-Government project called MobiSAM, which aims to enhance citizen engagement with local government through the use of mobile phones. The strategy formulation application process in the project environment and local government reveals lessons that inform revisions to the framework. The e-Government strategy formulation framework, therefore represents a fundamental tool for e-Government strategy development in local municipalities, and may be customized to fit the requirements of varying local municipalities. , Thesis (PhD) -- Faculty of Commerce, Information Systems, 2017
- Full Text:
- Date Issued: 2017
A personality-based behavioural model: Susceptibility to phishing on social networking sites
- Authors: Frauenstein, Edwin Donald
- Date: 2021-10-29
- Subjects: Phishing , Social networks , Personality , Self-presentation in mass media , Internet fraud , Internet users Habits and behavior , Big Five model , Human information processing , Heuristic-Systematic Model (HSM)
- Language: English
- Type: Doctoral theses , text
- Identifier: http://hdl.handle.net/10962/190306 , vital:44982 , 10.21504/10962/190306
- Description: The worldwide popularity of social networking sites (SNSs) and the technical features they offer users have created many opportunities for malicious individuals to exploit the behavioral tendencies of their users via social engineering tactics. The self-representation and social interactions on SNSs encourage users to reveal their personalities in a way which characterises their behaviour. Frequent engagement on SNSs may also reinforce the performance of certain activities, such as sharing and clicking on links, at a “habitual” level on these sites. Subsequently, this may also influence users to overlook phishing posts and messages on SNSs and thus not apply sufficient cognitive effort in their decision-making. As users do not expect phishing threats on these sites, they may become accustomed to behaving in this manner which may consequently put them at risk of such attacks. Using an online survey, primary data was collected from 215 final-year undergraduate students. Employing structural equation modelling techniques, the associations between the Big Five personality traits, habits and information processing were examined with the aim to identify users susceptible to phishing on SNSs. Moreover, other behavioural factors such as social norms, computer self-efficacy and perceived risk were examined in terms of their influence on phishing susceptibility. The results of the analysis revealed the following key findings: 1) users with the personality traits of extraversion, agreeableness and neuroticism are more likely to perform habitual behaviour, while conscientious users are least likely; 2) users who perform certain behaviours out of habit are directly susceptible to phishing attacks; 3) users who behave out of habit are likely to apply a heuristic mode of processing and are therefore more susceptible to phishing attacks on SNSs than those who apply systematic processing; 4) users with higher computer self-efficacy are less susceptible to phishing; and 5) users who are influenced by social norms are at greater risk of phishing. This study makes a contribution to scholarship and to practice, as it is the first empirical study to investigate, in one comprehensive model, the relationship between personality traits, habit and their effect on information processing which may influence susceptibility to phishing on SNSs. The findings of this study may assist organisations in the customisation of an individual anti-phishing training programme to target specific dispositional factors in vulnerable users. By using a similar instrument to the one used in this study, pre-assessments could determine and classify certain risk profiles that make users vulnerable to phishing attacks. , Thesis (PhD) -- Faculty of Commerce, Information Systems, 2021
- Full Text:
- Date Issued: 2021-10-29
- Authors: Frauenstein, Edwin Donald
- Date: 2021-10-29
- Subjects: Phishing , Social networks , Personality , Self-presentation in mass media , Internet fraud , Internet users Habits and behavior , Big Five model , Human information processing , Heuristic-Systematic Model (HSM)
- Language: English
- Type: Doctoral theses , text
- Identifier: http://hdl.handle.net/10962/190306 , vital:44982 , 10.21504/10962/190306
- Description: The worldwide popularity of social networking sites (SNSs) and the technical features they offer users have created many opportunities for malicious individuals to exploit the behavioral tendencies of their users via social engineering tactics. The self-representation and social interactions on SNSs encourage users to reveal their personalities in a way which characterises their behaviour. Frequent engagement on SNSs may also reinforce the performance of certain activities, such as sharing and clicking on links, at a “habitual” level on these sites. Subsequently, this may also influence users to overlook phishing posts and messages on SNSs and thus not apply sufficient cognitive effort in their decision-making. As users do not expect phishing threats on these sites, they may become accustomed to behaving in this manner which may consequently put them at risk of such attacks. Using an online survey, primary data was collected from 215 final-year undergraduate students. Employing structural equation modelling techniques, the associations between the Big Five personality traits, habits and information processing were examined with the aim to identify users susceptible to phishing on SNSs. Moreover, other behavioural factors such as social norms, computer self-efficacy and perceived risk were examined in terms of their influence on phishing susceptibility. The results of the analysis revealed the following key findings: 1) users with the personality traits of extraversion, agreeableness and neuroticism are more likely to perform habitual behaviour, while conscientious users are least likely; 2) users who perform certain behaviours out of habit are directly susceptible to phishing attacks; 3) users who behave out of habit are likely to apply a heuristic mode of processing and are therefore more susceptible to phishing attacks on SNSs than those who apply systematic processing; 4) users with higher computer self-efficacy are less susceptible to phishing; and 5) users who are influenced by social norms are at greater risk of phishing. This study makes a contribution to scholarship and to practice, as it is the first empirical study to investigate, in one comprehensive model, the relationship between personality traits, habit and their effect on information processing which may influence susceptibility to phishing on SNSs. The findings of this study may assist organisations in the customisation of an individual anti-phishing training programme to target specific dispositional factors in vulnerable users. By using a similar instrument to the one used in this study, pre-assessments could determine and classify certain risk profiles that make users vulnerable to phishing attacks. , Thesis (PhD) -- Faculty of Commerce, Information Systems, 2021
- Full Text:
- Date Issued: 2021-10-29
Outcome and impact assessment in the comprehensive evaluation of rural ICT projects in developing countries
- Mtkoko, Hafeni Tulimewawa Wilhelmina Lyatenda
- Authors: Mtkoko, Hafeni Tulimewawa Wilhelmina Lyatenda
- Date: 2017
- Subjects: Uncatalogued
- Language: English
- Type: Doctoral theses , text
- Identifier: http://hdl.handle.net/10962/64483 , vital:28548 , DOI 10.21504/10962/64483
- Description: Despite existing literature that indicates that Information and communication technologies (ICTs) act as tools for social change and development, there is still limited empirical evidence that demonstrates this. An outcome and impact assessment based on a comprehensive (holistic) evaluation is deemed appropriate at a time when many ICT4D programmes fail to effectively demonstrate their impact towards rural development. A comprehensive evaluation is one that incorporates the evaluation of the need, design, implementation, outcome and impact, efficiency, and scalability of a programme. These stages make up the different domains of an evaluation lifecycle. The following study aims to develop an outcome and impact assessment framework for ICT4D programmes. It forms part of continuous research associated with the development of a rural ICT Comprehensive Evaluation framework. A theoretical approach, using Design Science and Weick’s theorizing process, was applied to investigate the development of a framework (design artefact) for outcome and impact assessment of ICT4D programmes. The theorizing process analysed existing outcome and impact assessment frameworks from social programmes, information systems/technology programmes, and ICT4D programmes. The output of the theorizing process proposes five critical themes of outcome and impact assessment of rural ICT4D programmes that should be assessed. These themes include: Strategic Value, Most Significant Change, Empowerment, Livelihoods, and Sustainability. To assess its utility, the framework was implemented in the Siyakhula Living Lab and Information and Communication Technology for Rural Education (ICT4RED) projects in South Africa. Through the application of the framework in real life ICT4D contexts, the lessons learned contributed to its revision and enhancement. The proposed framework aims to guide evaluators through the assessment of outcomes and impacts in ICT4D programmes. It provides a foundation and justification for the selected outcome and impact assessment themes that contribute to a comprehensive evaluation. An outcome and impact assessment that is informed by: baseline; needs assessment; programme theory assessment; and process assessment data, provides ICT4D evaluators and project stakeholders with meaningful outcome and impact feedback. Having such an approach to outcome and impact assessment ensures that the evaluation process is seen more holistically as part of the ICT4D project as a whole. , Thesis (PhD) -- Faculty of Commerce, Information Systems, 2017
- Full Text:
- Date Issued: 2017
- Authors: Mtkoko, Hafeni Tulimewawa Wilhelmina Lyatenda
- Date: 2017
- Subjects: Uncatalogued
- Language: English
- Type: Doctoral theses , text
- Identifier: http://hdl.handle.net/10962/64483 , vital:28548 , DOI 10.21504/10962/64483
- Description: Despite existing literature that indicates that Information and communication technologies (ICTs) act as tools for social change and development, there is still limited empirical evidence that demonstrates this. An outcome and impact assessment based on a comprehensive (holistic) evaluation is deemed appropriate at a time when many ICT4D programmes fail to effectively demonstrate their impact towards rural development. A comprehensive evaluation is one that incorporates the evaluation of the need, design, implementation, outcome and impact, efficiency, and scalability of a programme. These stages make up the different domains of an evaluation lifecycle. The following study aims to develop an outcome and impact assessment framework for ICT4D programmes. It forms part of continuous research associated with the development of a rural ICT Comprehensive Evaluation framework. A theoretical approach, using Design Science and Weick’s theorizing process, was applied to investigate the development of a framework (design artefact) for outcome and impact assessment of ICT4D programmes. The theorizing process analysed existing outcome and impact assessment frameworks from social programmes, information systems/technology programmes, and ICT4D programmes. The output of the theorizing process proposes five critical themes of outcome and impact assessment of rural ICT4D programmes that should be assessed. These themes include: Strategic Value, Most Significant Change, Empowerment, Livelihoods, and Sustainability. To assess its utility, the framework was implemented in the Siyakhula Living Lab and Information and Communication Technology for Rural Education (ICT4RED) projects in South Africa. Through the application of the framework in real life ICT4D contexts, the lessons learned contributed to its revision and enhancement. The proposed framework aims to guide evaluators through the assessment of outcomes and impacts in ICT4D programmes. It provides a foundation and justification for the selected outcome and impact assessment themes that contribute to a comprehensive evaluation. An outcome and impact assessment that is informed by: baseline; needs assessment; programme theory assessment; and process assessment data, provides ICT4D evaluators and project stakeholders with meaningful outcome and impact feedback. Having such an approach to outcome and impact assessment ensures that the evaluation process is seen more holistically as part of the ICT4D project as a whole. , Thesis (PhD) -- Faculty of Commerce, Information Systems, 2017
- Full Text:
- Date Issued: 2017
The role of optimism bias in susceptibility to phishing attacks in a financial services organisation
- Authors: Owen, Morné
- Date: 2023-03-31
- Subjects: Mixed methods research , Phishing , Optimism bias , Information security , Information storage and retrieval systems Financial services industry , Risk perception
- Language: English
- Type: Academic theses , Doctoral theses , text
- Identifier: http://hdl.handle.net/10962/419257 , vital:71629 , DOI 10.21504/10962/419257
- Description: Researchers looking for ways to change the insecure behaviour that results in successful phishing have considered multiple possible reasons for such behaviour. Therefore, the purpose of this study is to understand the role of optimism bias (OB – defined as a cognitive bias), which characterises overly optimistic or unrealistic individuals, in order to ensure secure behaviour. Research is considered that has focused on issues such as personality traits, trust, attitude and information security awareness training (ISAT). We used a mixed methods design to investigate OB behaviour, building on a recontextualised version of the theory of planned behaviour to evaluate the influence that OB has on phishing susceptibility. To model the data, an analysis was performed on 226 survey responses (systematic random sampling method) from the employees of a financial services organisation using partial least squares (PLS) path modelling. To evaluate OB behaviour, we conducted an experiment consisting of three ISAT sessions and three simulated phishing attacks. After each phishing experiment, we conducted interviews to gain a better understanding of why people succumbed to the attacks. It was subsequently found that overly optimistic individuals are inclined to behave insecurely, while factors such as attitude and trust significantly influence the intention to behave securely. Our contribution to practice is to enhance the effectiveness of ISAT by identifying and addressing the OB weakness to deliver a more successful training outcome. Our contribution to theory enriches the Information Systems literature by evaluating the effect of a cognitive bias on phishing susceptibility and, through research, offering a contextual explanation of the resultant behaviour. , Thesis (PhD) -- Faculty of Commerce, Information Systems, 2023 , Navorsers op soek na ‘n antwoord om onveilige gedrag te verander wat lei na uitvissing het verskeie moontlike redes oorweeg vir sulke gedrag. Daarom is die doel van hierdie verhandeling om die rol van optimistiese vooroordeel (OB - gedefinieer as 'n kognitiewe vooroordeel) te verstaan, wat te optimistiese of onrealistiese individue kenmerk om veilige gedrag te verseker. Navorsing was oorweeg wat gefokus het op kwessies soos persoonlikheidseienskappe, vertroue, gesindheid en inligtingsekuriteitsbewustheidsopleiding (ISAT). Die navorser het gemengde metodes gebruik om OB-gedrag te ondersoek. Daar was voortgebou op 'n gerekontekstualiseerde weergawe van die theory of planned behaviour om die invloed wat OB op uitvissing-vatbaarheid het, te evalueer. Om die data te modelleer, is 'n analise gedoen waar 226 opname antwoorde verkry is van 'n finansiële dienste organisasie en is partial least squares (PLS) path modelling gebruik. Om OB-gedrag te evalueer, het ons 'n eksperiment uitgevoer wat bestaan uit drie ISAT-sessies en drie gesimuleerde uitvissing-aanvalle. Na elke uitvissing-eksperiment het ons onderhoude gevoer om 'n beter begrip te kry waarom mense aan die aanvalle geswig het. Te optimistiese individue is geneig om onveilig op te tree, terwyl faktore soos gesindheid en vertroue die voorneme om veilig op te tree, aansienlik beïnvloed het. Die studie se bydrae tot die praktyk is om die doeltreffendheid van ISAT te verbeter deur die OBswakheid te identifiseer en aan te spreek om 'n meer suksesvolle opleidingsuitkoms te lewer. Verder verryk die studie die Inligtingstelsels-literatuur deur die effek van 'n kognitiewe vooroordeel op uitvissing-vatbaarheid te evalueer en deur navorsing bied dit 'n kontekstuele verduideliking van die gevolglike gedrag.
- Full Text:
- Date Issued: 2023-03-31
The role of optimism bias in susceptibility to phishing attacks in a financial services organisation
- Authors: Owen, Morné
- Date: 2023-03-31
- Subjects: Mixed methods research , Phishing , Optimism bias , Information security , Information storage and retrieval systems Financial services industry , Risk perception
- Language: English
- Type: Academic theses , Doctoral theses , text
- Identifier: http://hdl.handle.net/10962/419257 , vital:71629 , DOI 10.21504/10962/419257
- Description: Researchers looking for ways to change the insecure behaviour that results in successful phishing have considered multiple possible reasons for such behaviour. Therefore, the purpose of this study is to understand the role of optimism bias (OB – defined as a cognitive bias), which characterises overly optimistic or unrealistic individuals, in order to ensure secure behaviour. Research is considered that has focused on issues such as personality traits, trust, attitude and information security awareness training (ISAT). We used a mixed methods design to investigate OB behaviour, building on a recontextualised version of the theory of planned behaviour to evaluate the influence that OB has on phishing susceptibility. To model the data, an analysis was performed on 226 survey responses (systematic random sampling method) from the employees of a financial services organisation using partial least squares (PLS) path modelling. To evaluate OB behaviour, we conducted an experiment consisting of three ISAT sessions and three simulated phishing attacks. After each phishing experiment, we conducted interviews to gain a better understanding of why people succumbed to the attacks. It was subsequently found that overly optimistic individuals are inclined to behave insecurely, while factors such as attitude and trust significantly influence the intention to behave securely. Our contribution to practice is to enhance the effectiveness of ISAT by identifying and addressing the OB weakness to deliver a more successful training outcome. Our contribution to theory enriches the Information Systems literature by evaluating the effect of a cognitive bias on phishing susceptibility and, through research, offering a contextual explanation of the resultant behaviour. , Thesis (PhD) -- Faculty of Commerce, Information Systems, 2023 , Navorsers op soek na ‘n antwoord om onveilige gedrag te verander wat lei na uitvissing het verskeie moontlike redes oorweeg vir sulke gedrag. Daarom is die doel van hierdie verhandeling om die rol van optimistiese vooroordeel (OB - gedefinieer as 'n kognitiewe vooroordeel) te verstaan, wat te optimistiese of onrealistiese individue kenmerk om veilige gedrag te verseker. Navorsing was oorweeg wat gefokus het op kwessies soos persoonlikheidseienskappe, vertroue, gesindheid en inligtingsekuriteitsbewustheidsopleiding (ISAT). Die navorser het gemengde metodes gebruik om OB-gedrag te ondersoek. Daar was voortgebou op 'n gerekontekstualiseerde weergawe van die theory of planned behaviour om die invloed wat OB op uitvissing-vatbaarheid het, te evalueer. Om die data te modelleer, is 'n analise gedoen waar 226 opname antwoorde verkry is van 'n finansiële dienste organisasie en is partial least squares (PLS) path modelling gebruik. Om OB-gedrag te evalueer, het ons 'n eksperiment uitgevoer wat bestaan uit drie ISAT-sessies en drie gesimuleerde uitvissing-aanvalle. Na elke uitvissing-eksperiment het ons onderhoude gevoer om 'n beter begrip te kry waarom mense aan die aanvalle geswig het. Te optimistiese individue is geneig om onveilig op te tree, terwyl faktore soos gesindheid en vertroue die voorneme om veilig op te tree, aansienlik beïnvloed het. Die studie se bydrae tot die praktyk is om die doeltreffendheid van ISAT te verbeter deur die OBswakheid te identifiseer en aan te spreek om 'n meer suksesvolle opleidingsuitkoms te lewer. Verder verryk die studie die Inligtingstelsels-literatuur deur die effek van 'n kognitiewe vooroordeel op uitvissing-vatbaarheid te evalueer en deur navorsing bied dit 'n kontekstuele verduideliking van die gevolglike gedrag.
- Full Text:
- Date Issued: 2023-03-31
- «
- ‹
- 1
- ›
- »