Leadership by Example in e-Government Security Management System

Print
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Year of Publication: 2016
Authors:
Dyana Zainudin, Thaier Hamid, Atta Ur-Rahman
10.5120/ijca2016910239

Dyana Zainudin, Thaier Hamid and Atta Ur-Rahman. Leadership by Example in e-Government Security Management System. International Journal of Computer Applications 144(4):10-17, June 2016. BibTeX

@article{10.5120/ijca2016910239,
	author = {Dyana Zainudin and Thaier Hamid and Atta Ur-Rahman},
	title = {Leadership by Example in e-Government Security Management System},
	journal = {International Journal of Computer Applications},
	issue_date = {June 2016},
	volume = {144},
	number = {4},
	month = {Jun},
	year = {2016},
	issn = {0975-8887},
	pages = {10-17},
	numpages = {8},
	url = {http://www.ijcaonline.org/archives/volume144/number4/25166-2016910239},
	doi = {10.5120/ijca2016910239},
	publisher = {Foundation of Computer Science (FCS), NY, USA},
	address = {New York, USA}
}

Abstract

e-Government is getting advance in targeting efficient services to citizens, hence, information security becomes an important asset to the national entities. Information security maturity level by Von Solms is theoretically has improved from technical to governance wave. However, a problem exists when theory does not align with the current practice because practically, the employees’ mind-set is still in technical wave and organisations’ strategy partially involve governance wave especially a leadership context. These can also be found by a previous contribution made by Zakaria studies, he describes a leadership stays under the manager’s responsibilities. His study is a continuation of a Schein’s organisation culture. Schein defines culture with three layers of values, observable and assumption, in additions Zakaria has improvised into security culture becomes security value, observable and assumption. However, manager’s responsibilities stay under management wave; meanwhile, governance wave involves top management. Thus, the composition explores a ‘leadership-by-example’ in e-Government security management system in order to come out with a model of key-factors to line up with governance wave. In order to develop a ‘leadership-by-example’ concept in the e-Government management system, the authors guide the study with four objectives and are achieved in different sections. The authors concluded an empirical study by critically reviewing previous literatures that are achieved in section 2, and followed by evaluation of leaders’ strategy on information security development and its implementation and distribution to employees which described in section 4. Findings from the study show an inappropriate strategy of leadership concept in the organisations creates lack of motivation to employees which can be a cause of incidents by insiders. Inappropriate strategy of leadership concept is due to incompatible security leadership and unorganised security structure. Therefore, the study contributes a model of key-factors contains of 3Ps includes ‘People’, ‘Process’ and ‘Product’ to guide on the concept of ‘leadership-by-example’ in managing information security management system systematically.

References

  1. Alhabshi, 2008. eGovernment in Malaysia. eGovernment in Malaysia, Volume 18, pp. 1-16.
  2. Cerny, P., 2010. Rethinking World Politics: A Theory of Transnational Neopluralism. 1st ed. Oxford: Oxford Scholarship Online.
  3. Dyana Zainudin, A. U.-R. a. B. H., 2014. An Analysis of Top Management Change on Information Security Management System. Asian Journal of Computer and Information Systems , 2(6), pp. 177-181.
  4. Dyana Zainudin, A. U.-R., 2015. The Impact of the Leadership Role on Human Failures in the Face of Cyber Threats. Journal of Information System Security, 11(2), p. 89–109.
  5. Gams, A. P. a. M., 2000. E-commerce Intelligent Agents. [Online] Available at: http://dis.ijs.si/Sandi/docs/ECIAgents.pdf[Accessed 26 April 2016].
  6. Hamid, Thaier KA. "Attack graph approach to dynamic network vulnerability analysis and countermeasures." (2014).
  7. IT Governance Institute. (2006). Information Security Governance: Guidance for Boards of Directors and Executive Management Guidance for Boards of Directors and Executive Management (2nd Editio.). United States of America: IT Governance Institute.
  8. Karokola, G. R., 2012. A Framework for Securing e-Government, Sweden: Department of Computer and Systems Sciences.
  9. Martinez-Moyano, J. R. G.-G. a. I. J., 2007. Understanding the evolution of e-government: The influence of systems of rules on public sector dynamics. Government Information Quarterly, 24(2), pp. 266-290.
  10. Nicolescu, O. (2009). Methods and Techniques Specific to Human Resource Management. Review of International Comparative Management, 10(1), 5–18.
  11. Ramli, 2012. Malaysian eGovernment: Issues and Challenges in Public. Department of Politics, Philosophy & Religion, Lancaster University, UK, Volume 48.5, pp. 1-5.
  12. Schein, E. H., 1992. Organisational Culture and Leadership. 3rd ed. San Francisco: Jossey-Bass.
  13. Shenkir, W. G., & Walker, P. L. (2007). Enterprise Risk Management: Tools and techniques for effective implementation. Institute of Management Accountants, 1–31.
  14. Stephen Smith, D. B. a. V. P., 2006. Does Agency Size Affect IS Security Compliance. Wales, UK, The Tenth Pacific Asia Conference on Information Systems (PACIS 2006).
  15. Von Solms, B. (2006). Information Security - The Fourth Wave. Computers and Security, 25(3), 165–168. doi:10.1016/j.cose.2006.03.004
  16. Zakaria, O., 2007. Investigating information security culture challenges in a public sector ogranisation: a Malaysian case, London: University of London.
  17. Zulhuda, 2011. The State of eGovernment Security in Malaysia.

Keywords

e-Government, information security, leadership, information security culture, human factor, cyber threats, risk management.