Permanent URI for this collection
Browse
Recent Submissions
Publication An investigation into time pressure, group cohesion and decision making in software development groups(Australasia Conference on Information Systems (ACIS), 2014-12-04) Lohan, Garry; Acton, Thomas; Conboy, KieranTwo of the key themes in contemporary ISD literature are (i) how to build and release systems in shorter time frames and (ii) how to enable work group to build systems in a cohesive manner. This is reflected by today s predominant contemporary ISD methods such as agile, their distinguishing feature being an explicit emphasis on continuous, timely releases and facilitating effective group collaboration and communication. In a survey of 119 software developers we explore the effects of time pressure and group cohesion on the decision quality of the development groups. Our results demonstrate how time pressure and group cohesion both impact the decision-making quality of ISD groups, with group cohesion having the greater influence.Publication A survey of cyberbullying amongst students in Ireland's higher education sector(International Association for Development of the Information Society, 2015-10-26) Doherty, Clare; Lang, MichaelCyberbullying is an extension of traditional bullying where victims are harassed via the internet or mobile phones. This study investigated the victims’ experiences of cyberbullying including the prevalence, type and effects of cyberbullying of students in higher education (third level) in Ireland, as well as how students can partake safely online with strategies which can help prevent further cyberbullying cases. Participants were 415 students from nine different Irish third level institutions. Results indicated that 15% of respondents were cyberbullied with a mobile phone being the medium most used to cyberbully. Victims mainly did not tell others about their experience due to their embarrassment. 20% of those who were cyberbullied have attempted to self-harm and/or take their own life.Publication Investigation of employee security behaviour: A grounded theory approach(Springer, 2015-05-09) Connolly, Lena; Lang, Michael; Tygar, Doug J.At a time of rapid business globalisation, it is necessary to understand employee security behaviour within diverse cultural settings. While general deterrence theory has been extensively used in Behavioural Information Security research with the aim to explain the effect of deterrent factors on employees’ security actions, these studies provide inconsistent and even contradictory findings. Therefore, a further examination of deterrent factors in the security context is required. The aim of this study is to contribute to the emerging field of Behavioural Information Security research by investigating how a combination of security countermeasures and cultural factors impact upon employee security behaviour in organisations. A particular focus of this project is to explore the effect of national culture and organisational culture on employee actions as regards information security. Preliminary findings suggest that organisational culture, national culture, and security countermeasures do have an impact upon employee security behaviour.Publication The effect of organisational and national culture on employee security behaviour: A qualitative study(Centre for Security, Communications & Network Research, Plymouth University, 2016-07) Connolly, Lena Yuryna; Lang, Michael; Tygar, Doug J.An increasing number of information security breaches in organisations presents a serious threat to the confidentiality of personal and commercially sensitive data. Recent research shows that humans are the weakest link in the security chain and the root cause of a great portion of security breaches. This paper draws on prior research on organisational culture to examine how cultural factors affect employee security behaviour. Data for this research project were collected in 15 organisations in the United States and Ireland through qualitative interviews. Our findings demonstrate that organisational culture values of solidarity and people-orientation promote information security compliance, while sociability and taskorientation have a negative effect on employee security behaviour.Publication The impact of procedural security countermeasures on employee security behaviour: A qualitative study(Association for Information Systems (AIS), 2017-09-08) Connolly, Alena Yuryna; Lang, Michael; Tygar, Doug J.The growing number of information security breaches in organisations presents a serious risk to the confidentiality of personal and commercially sensitive data. Current research studies indicate that humans are the weakest link in the information security chain and the root cause of numerous security incidents in organisations. Based on literature gaps, this study investigates how procedural security countermeasures tend to affect employee security behaviour. Data for this study was collected in organisations located in the United States and Ireland. Results suggest that procedural security countermeasures are inclined to promote security-cautious behaviour in organisations, while their absence tends to lead to non-compliant behaviour.Publication Insights from preliminary analysis of online classroom chat logs during the COVID-19 pandemic(Association for Information Systems (AIS), 2021-12-16) Lang, MichaelThis work-in-progress practice paper reports on the experiences of using Microsoft Teams to teach a large postgraduate class on database systems during the 2020/’21 academic year, under conditions when students and lecturers were in an enforced societal lock-down because of the COVID-19 pandemic. The class was made up of 167 students of 12 different nationalities from diverse backgrounds. Determined efforts were made to create an interactive online classroom experience through the use of quizzes, practical demonstrations, worked examples, and live discussion. The chat feature of Microsoft Teams was extensively used by students to pose and answer questions, as well as to communicate with each other outside of class time. An analysis of the chat log files is presented, looking at how factors such as gender and national culture influenced behaviour, and also looking at how participation in the chat impacted upon the sense of belonging and overall performance.Publication Assessing database development skills using an on-line MCQ: Reflections on test design and academic integrity(Editorial Universitat Politècnica de València, 2021-06-23) Lang, MichaelThis paper reports on the experiences of assessing a large postgraduate module in Database Systems using an on-line MCQ test under COVID-19 conditions with no remote proctoring. While the technology and the “higher order thinking” assessment worked well, analysis of response patterns suggested that, despite the use of randomised questions, time pressure and an honour pledge, a substantial number of students formed mini-networks during the test and colluded with each other to discuss the answers. No differences by gender or age were observed as regards tendency to engage in this behaviour, and domestic students were just as likely as international students to do it. Notably, domestic and international students seemed to stay apart, colluding almost exclusively with others of their own nationality.Publication Using data analytics to detect possible collusion in a multiple choice quiz test(Springer, 2021-08-25) Lang, MichaelThis paper reports on the experiences of using an on-line MCQ test to assess students’ knowledge for a postgraduate module. Because of the COVID-19 pandemic, the test was taken in a remote non-proctored environment. Although it was executed under timed conditions with students seeing questions in a randomised order, algorithmic analysis of the response patterns suggests that collusion occurred during the test. Practical implications for assessment design and administration are discussed.Publication Heat maps from decision flaps - What we see and what we think(Association for Information Systems (AIS), 2021-09-10) Barry, Chris; Hogan, Mairéad; Lang, MichaelThis research study observes how consumers are influenced by the design of decision constructs encountered during the online transactional process. The default values of decision constructs and how decisions are framed, set out the scope of the analysis. A multimethod approach is taken to examine error rates and attitudes of users when making microdecisions. Eye tracking technology and Cued RTA interviews were used to gather both quantitative and qualitative data. Powerful techniques, namely heat maps and gaze plots, are used to visualise and inform the discussion. The study found: choice errors abound; consumers dither and vacillate during decision-making, extending dwell times; and that there are gender differences in outcomes.Publication Learning analytics for measuring engagement and academic performance: a case study and future directions(Editorial Universitat Politècnica de València, 2022-06-17) Lang, MichaelThis paper presents an analysis of various metrics of student engagement and academic performance, based on data extracted from a virtual learning environment (VLE) and other supporting technologies. The level of student activity on the VLE, as measured by hours and count of accesses to content areas, was found to be a strong indicator of engagement and impacted the level of performance. Participation in self-regulated optional learning activities was also found to be a strong indicator of engagement, which again impacted students’ scores. As regards gender comparisons, males and females demonstrated different study approaches but there was no difference in performance. Senior (final year) students out-performed sophomore (second year) students, and students on programmes with higher entry bars fared better. Interestingly, students who adopted a steady approach with consistent levels of activity through the semester achieved higher scores than those who procrastinated. The paper concludes with some recommendations on where learning analytics technologies need to go to truly be useful for teachers and students in higher education.Publication Using peer-assisted problem-based learning to develop business systems analysis skills: an experience report(The International Academic Forum (IAFOR), 2022-07-17) Lang, MichaelThis paper reports on the experiences of using peer-assisted problem-based learning (PAPBL) in a very large class of postgraduate students for an assignment spanning two complementary modules (Database Technologies and Systems Analysis). Students worked in teams of three. They were provided with a realistic business case study and required to generate data flow diagrams, UML diagrams, a fully normalised entity-relationship model, and SQL code to build the database. All teams were required to provide peer feedback on the draft solutions of two other teams, and in their final submission to explain how (or why not) they modified their work in response to peer suggestions. Each individual student was also required to write a reflection piece about their experience of working in a team and of receiving peer feedback. Additionally, they were asked to complete a survey seeking opinions on how PAPBL helped them to develop study skills, build confidence, make learning more enjoyable, clarify understanding of fundamental and complex concepts, consider and value the perspectives of others, and gain practical skills. Student feedback on the effectiveness of the lecturers in guiding the process was also sought. Quantitative and qualitative findings based on analysis of students’ experiences are presented, further backed up by the lecturers’ reflections on what worked well and what did not.Publication Discovering sense of community enabling factors for public and government staff in online public engagement(Springer, Cham, 2021-08-31) O'Brien, Ann; Golden, William; Scott, MurrayeParticipation has largely not lived up to expectations and government responsiveness to public feedback, provided via eParticipation has proved challenging. In a new conceptualization of the theory of Sense of Community (SoC), this paper explores the dynamics of online government responsiveness, by using dimensions of SoC to identify how those components enable successful interaction from both the perspective of government staff and public users. This study re-ports from two case studies designed to explore these interaction dynamics in online engagement initiatives in Ireland and the UK. The findings enabled the identification of important factors which facilitate successful SoC (for online public interaction) in this domain. Participation for government staff users was particularly associated with their perception of a safe online space. For public users, openness without responsiveness to public feedback was not valued, highlighting the importance of appropriate government responsiveness. The absence of social interactivity was identified as a negative for public users while the presence of social interactivity was identified as a positive for government staff users in the second case study. Overall, this study is the first empirical step to contribute to an understanding of successful social processes in online public engagement. It highlights the utility of examining all four subconstructs of SoC and proposes factors to assist in the identification of critical SoC components in future studies.Publication Contextualising the insider threat: a mixed method study(AIS Electronic Library (AISeL), 2016-12-10) Browne, Sean; Lang, Michael; Golden, WilliamThe insider threat is potentially the most damaging and costly threat to organisations, and while there is a considerable body of literature aimed at understanding this phenomenon, we contend that the theories contained in such literature are most beneficial if they can be utilised in a way that is contextually relevant. Our research, and this paper, is specifically focussed on developing and improving this contextual validity. We find that malicious acts arising from disgruntlement are perceived as very real problems in practice. We also present a current list of non-malicious aberrant behaviours and show how they rank in relative seriousness to one another. Given that the primary motivation for conducting this study is the view that reliance on the traditional conceptualisation of a boundary or perimeter is no longer viable, our essential contribution lies in devising a series of vignettes that empirically reflect this current contextual validity.Publication Cloud security consciousness: a need for realisation in entrepreneurial small firms(AIS Electronic Library (AISeL), 2014-04-09) Browne, Sean; Lang, MichaelCloud computing represents a fundamental shift in the way information services are provided but with its unique architecture comes additional security challenges, many of which are technical in nature. However, the paradigm shift also presents new challenges, which are non-technical and whether or not companies actually consider all of these issues in moving to the cloud is a matter of concern. This paper attempts to elevate the notion of cloud security consciousness (CSC) in the domain of small firms with a goal of introducing a level of innateness into the concept in its practical use. By synthesising CSC with various behavioural theories including coping theory, we seek to place CSC and the coping process at the centre of a security-centric cognitive framework for cloud adoption, while recognising that such coping processes are heavily shaped by both social influence and self-efficacy factors.Publication The insider threat - understanding the aberrant thinking of the rogue" Trusted Agent"(AIS Electronic Library (AISeL), 2015-05-29) Browne, Sean; Lang, Michael; Golden, WilliamA deficiency exists in the Information Systems Security literature because of the paucity of research aimed at understanding the mind of the insider criminal . Much of the academic and popular press focuses on external breaches but the greatest danger to an organisation lurks within. Whatever the motivation, the trusted agent inside the organisation has the potential to do more damage than an anonymous outsider and it is by increasing our understanding of this threat that we will get greater value for our defence efforts. While acknowledging that a significant number of security incidents are attributable to employees, it is important to remember in an organisational context, that simply increasing security controls and sanctions has previously been shown to be counterproductive. Therefore this research-in-progress takes the approach of increasing our understanding of how such offenders think, through a synthesis of Rational Choice Theory, Deterrence Theory, Neutralisation Theory and elements from Criminological Theory. In deliberately prioritising problems that are important in practice and basing our measures on these priorities we will improve on the contextual relevance of previous studies in this area, thereby making a solid contribution to the field.Publication Linking threat avoidance and security adoption: a theoretical model For SMEs(AIS Electronic Library (AISeL), 2015-06-07) Browne, Sean; Lang, Michael; Golden, WillieA deficiency exists in the Information Systems Security literature because of the tendency to regard IT threat avoidance and IT security adoption as separate behaviours. In addressing the deficiency this research in progress focuses on SMEs, for several reasons including their strategic importance globally, the current trend among cybercriminals to conduct more high volume, low risk attacks against weaker targets and also because of the individualistic behavioural patterns in SMEs. Drawing on several well-established behavioural theories, this paper synthesises elements of these theories into a holistic model, with coping theory placed firmly at is centre. This study will make several contributions to the field, initially creating an empirically validated model for behaviours surrounding both avoidance and preventative actions in small firms and also in presenting and prioritising a specific view of the external factors influencing how threats are appraised, assessed and dealt with.Publication Proceedings of the 1st IAIS workshop on Cloud computing research(NUI Galway, 2013-09-27) Clohessy, Trevor; Morgan, L.; Science Foundation Ireland; Hewlett Packard, GalwayNational University of Ireland, Galway is proud to host the first IAIS Workshop on Cloud Computing Research (IWCCR) on Sep 27, 2013. The workshop is supported by the Irish chapter of the Association for Information Systems (IAIS), the Irish Software Engineering Research Centre (Lero) and NUI Galway's Whitaker Institute, and is being jointly delivered by the Business Information Systems discipline and Lero at NUI Galway, and the Cloud Computing Services Innovation Centre at Hewlett-Packard.Publication Enterprise personal analytics: A research agenda(NUI Galway, 2018-08-16) Clohessy, Trevor; Acton, ThomasThere have been increased calls by academics to investigate the individuation of information systems (IS) which has largely gone unnoticed in the IS research discipline. Thus, we focus on an emergent category of analytics which we refer to as enterprise personal analytics which encompasses the concept of organizations enabling their employees to use their individual analytics to manage their digital working lives from descriptive, diagnostic, predictive and prescriptive points of view. This study offers the following theoretical and practical contributions: (1) We present a framework, derived from a detailed review of the personal analytics literature, which consists of various combinations of research stakeholder perspectives and concerns. This framework can be used to guide and coalesce future IS research on enterprise personal analytics. (2) We provide an overview of possible research questions aimed at highlighting how the framework can be used.Publication Smart City as a Service (SCaaS): A future roadmap for e-government smart city cloud computing initiatives(ACM, 2014-11-08) Clohessy, Trevor; Acton, Thomas; Morgan, Lorraine; Science Foundation IrelandThe concept of a smart city has been identified as not only representing a crucible for technological innovation, a medium for realising global integration but also as an exemplar response for addressing current and impending global issues (societal, environmental economic and governance). There is now general consensus that emerging information communication technologies (ICT) such as cloud computing can be deployed as a vehicle for catalysing smart city innovation. There is also evidence to suggest that cloud computing has become a strategic direction for many e-government initiatives as evidenced by the emergence of global government clouds (G Cloud). In this paper, we delineate the concept of a smart city and explore the propitious potential of cloud computing to enable the development of smart cities. We review the current state of art pertaining to a selection of cloud schemes currently being operationalized by international governments aimed at capitalising on the nascent innovation capabilities of the technological paradigm, and present a future research roadmap for cloud facilitated smart city developmentPublication Running while standing still: Rethinking ICT business model decisions for the new cloud economy(AIS Electronic Library (AISeL), 2016-06-20) Clohessy, Trevor; Acton, Thomas; Morgan, Lorraine; Science Foundation IrelandCloud computing has underpinned an accelerated business model evolution for delivering ICT solutions. However, some established business model mature ICT providers are experiencing substantial difficulties related to the formulation of effective business models. Currently, there is dearth of IS research relating to deciphering how large business model mature ICT providers can effectively formalise and sustain competitive cloud enabled business model decisions. Thus, in order to extend the extant research, we derive a conceptual framework as a reference model which is based on business model and decision making theory. We then apply our framework to an in-depth case study of an established large ICT provider (Alpha) who have been provisioning cloud services for the past five years. Our findings reveal how the case organisation are executing their core business model decisions along increasingly specific decision making levels in order to effectively sustain their competitiveness. Our analysis provides new insight into the role of using the business model as a focusing device for enabling the effective provision of cloud technology.