Books by Gurpreet Dhillon
Papers by Gurpreet Dhillon
Springer Series in Supply Chain Management
Web Data Mining and Applications in Business Intelligence and Counter-Terrorism
Any occurrence of an information security breach is a matter of grave concern for an organization... more Any occurrence of an information security breach is a matter of grave concern for an organization and often leads to disastrous consequences. Organizations, however, tend to deal with security breaches in a reactive manner, building on short-term solutions rather than identifying long-term options. It is therefore important to identify and consider a range of issues related to data and information security that should form the basis for any protection strategy. The papers in this special issue are a step in that direction. The first paper in the ...
Designing for a Digital and Globalized World
Journal of Business Research
The Electronic Journal of Information Systems in Developing Countries
Enormous and dramatically swift changes in Information Technology (IT) and Information Systems (I... more Enormous and dramatically swift changes in Information Technology (IT) and Information Systems (IS) have created a global economy on an unprecedented scale, one that is perhaps much more pervasive than many had previously anticipated. The speed of this change has caught many companies as well as IT professionals by surprise. Many companies have had to undergo rapid restructuring to face new challenges and to take advantage of new opportunities, while IT professionals have had to concern themselves with a wide variety of hitherto unfamiliar concerns and issues, including those involving culture, ethics, intellectual property, and computer crime.
Decision Sciences
Threats to the individual identity on social media are real and problematic. Yet, there is a pauc... more Threats to the individual identity on social media are real and problematic. Yet, there is a paucity of research on online identity management. We posit that identity management on social media requires a value perspective to determine gaps between what social media users want from online identity management and what social media sites offer through their current security and privacy controls. Following the design science research paradigm, we present an Identity Management Value Model (IMVM). Based on multiple-objectives decision analysis technique, the value model explicates a hierarchy of fundamental identity management objectives and quantifies the achievement of objectives on a social media site. The emergent value scores and value gaps provide an understanding of how well a social media site manages users online identity. We demonstrate the application of the value model for Facebook and assess a set of measures to reduce the value gaps on Facebook. We conducted sensitivity analysis followed by deterministic analysis to evaluate the value model. The evaluation results indicate that the modeling outcome is robust to a range of individual values and preferences. By focusing on individual values, this study extends the research on values in the context of identity management on social media. Social media companies might find the model useful for instituting identity management measures. Individual users could use the model for strategizing about personal identity management. Our study also demonstrates the usefulness of a retrospective design approach, accounting for user values in a principled and comprehensive manner. [
Communications of the Association for Information Systems
Concerns about information security and privacy continue to make headlines in the media and pose ... more Concerns about information security and privacy continue to make headlines in the media and pose serious challenges to business. While there are many good practices that an organization can adopt to manage information security and privacy, there are also underlying areas of contention about the protection of personal information in a digital environment. This ICIS panel considered three challenges facing businesses in developing effective strategies for information security and privacy-innovating with personal information, building robust governance models, and connecting security and privacy with business goals. In the process, the panel brought together a range of research disciplines and senior business representatives to critique current practice and develop a future research agenda.
Communications of the Association for Information Systems
A number of well-documented, fundamental assumptions are associated with strategic information sy... more A number of well-documented, fundamental assumptions are associated with strategic information systems planning (SISP). A core activity for this domain is the alignment of an organisations systems and technology strategy with its business objectives. The difficulty is the complex and diverse nature of the strategy process itself that renders such a match increasingly problematic. The evidence within the literature relating to SISP suggests that it does not fully mirror contemporary business strategy and contains some fundamentally incorrect assumptions. This paper identifies eight such assumptions that propose a number of challenges for future research directions. Case examples are also presented which reflect the issues posed for exploiting the value of Information Technology (IT) as a strategic opportunity given the approaches adopted for SISP. Finally, a number of challenges to SISP are noted which relate to identified categories, through an 'IS complexity framework', of reviewing benefits, managing business change, and assessing organisational competencies for sustainable competitive advantage.
Communications of the Association for Information Systems
The importance of culture in helping explain and understand behavior is generally accepted. Schol... more The importance of culture in helping explain and understand behavior is generally accepted. Scholars in the area of information security have argued that security culture is a key factor in safeguarding information assets. Scholars in the area of professional culture have argued that differences in cultures across professions must be accounted for, in correctly assessing the influence of culture. Combining these arguments, we suggest that differences in security cultures across professions need to be examined to fully comprehend the influences of security culture. This study utilizes a qualitative approach to further the understanding of information security cultures across four professions: Information Systems, Accounting, Human Resources, and Marketing. The concept of security culture is articulated, and the security cultures of the four professions are characterized to demonstrate that there are significant variations in security culture across these professions, when the professions are examined independent of organizations.
Computers in Human Behavior
Prior research has found trust to play a significant role in shaping purchase intentions of a con... more Prior research has found trust to play a significant role in shaping purchase intentions of a consumer. However there has been limited research where consumer trust dimensions have been empirically defined and tested. In this paper we empirically test a path model such that Internet vendors would have adequate solutions to increase trust. The path model presented in this paper measures the three main dimensions of trust, i.e. competence, integrity, and benevolence. And assesses the influence of overall trust of consumers. The paper also analyses how various sources of trust, i.e. consumer characteristics, firm characteristic, website infrastructure and interactions with consumers, influence dimensions of trust. The model is tested using 365 valid responses. Findings suggest that consumers with high overall trust demonstrate a higher intention to purchase online.
KINERJA, 2017
Studi ini meneliti pembentukan kebijakan keamanan pada sebuah bank di Indonesia dengan menggunaka... more Studi ini meneliti pembentukan kebijakan keamanan pada sebuah bank di Indonesia dengan menggunakan teori institusional dan struktural sebagai kerangka teoritis. Penelitian mengenai keamanan sistem informasipada umumnya kurang memperhatikan aspek-aspek sosial dalam perancangan dan pelaksanaan kebijakan keamanan. Penelitian ini menggunakan studi kasus dengan sebuah bank pemerintah di Indonesia sebagai unit analisis. Kasus ini dipilih karena terjadinya peristiwa penjebolan sistem keamanan pada saat penelitian ini dilakukan. Studi kasus ini membahas mengenai bagaimana kebijakan keamanan dibentuk dan pelajaran penting apa saja yang dapat ditarik dari sudut pandang teori institusional dan stukturasi. Hasil penelitian ini menunjukkan peranan penting dari sebuah desain sistem yang baik dan bagaimana faktor-faktor sosial dan politik dipertimbangkan ketika merencanakan kebijakan keamanan. Kontribusi yang diberikan oleh hasil penelitian ini,antara lain adalah, menunjukkan bagaimana teor...
Journal of Information Systems Education, 2009
Abstract: In the information systems field there are numerous programming languages that can be u... more Abstract: In the information systems field there are numerous programming languages that can be used in specifying the behavior of concurrent and distributed systems. In the literature it has been argued that a lack of pragmatic and semantic consideration decreases the effectiveness of such specifications. In other words, to simply understand the syntactic features of a programming language alone does not provide an adequate foundation for students, programmers and designers to learn or to create robust and efficient programs. ...
ABSTRACT This book, now its second edition, covers an interesting range of topic areas. These inc... more ABSTRACT This book, now its second edition, covers an interesting range of topic areas. These include cyber stalking, cyber fraud and abuse; denial of services; cyber espionage; cryptography, security policies; cyber terrorism; cyber detection and forensics. Ethical and intellectual property issues are also discussed. The book culminates with case studies. Cases allow students to apply and contextualize the concepts. Management of cyber security is challenging. Cyber security professionals tend to take a rather skewed approach in dealing with security issues. Clearly there is no right or wrong path to choose. An exclusive reliance on technical measures ignores the governance aspects that are so important. Incorporating governance may result in ignoring the cultural and normative issues. It is usually not about choosing one over the other. It is about defining a holistic perspective to management of cyber security.
Communications of the Acm, Dec 1, 2003
While e-commerce has not changed the basic nature of the commercial transaction, a trust gap has ... more While e-commerce has not changed the basic nature of the commercial transaction, a trust gap has developed in business-to-consumer (B2C) e-commerce transactions. This trust gap centers primarily on the privacy of personally identifiable information, such as name, address, and so forth, that is an essential element of B2C transactions. A Forrester research survey suggests that while US business-to-consumer (B2C) e-commerce sales are likely to exceed $100 billion by 2002, sales were reduced by some $3 billion because of privacy ...
Uploads
Books by Gurpreet Dhillon
Papers by Gurpreet Dhillon