Criminal organizational insider computer abuse (ICA) research has focused on factors that influence either ICA intentions, or actual behavior during the ICA process. However, we argue that this research has not correctly conceptualized the decision-making processes involved in ICA. Thus, our...

In this essay, we outline some important concerns in the hope of improving the effectiveness of security and privacy research. We discuss the need to re-examine our understanding of information technology (IT) and information system (IS) artefacts and to expand the range of the latter to include...

While hackers and viruses fuel the IS security concerns for organisations, the problems posed by employee computer crime should not be underestimated. Indeed, a growing number of IS security researchers have turned their attention to the ‘insider’ threat. However, to date, there has been a...

Employee computer crime represents a substantial threat for organisations. Yet information security researchers and practitioners currently lack a clear understanding of how these crimes are perpetrated, which, as a consequence, hinders security efforts. We argue that recent developments in...

This paper reviews the IS security literature for the period 1990-2004. More specifically three security journals and the top twenty IS journals were examined. In total 1280 papers were analysed in terms of theories, research methods and research topics. Our research found that 1043 of the...

IS security represents a growing concern for organisations. Although hackers and viruses are often the basis of such concerns, the inside threat of employee computer crime should not be underestimated. From an academic perspective, there are a modest but growing number of texts which examine the...

Systems risk refers to the likelihood that an IS is inadequately guarded against certain types of damage or loss. While risks are posed by acts of God, hackers and viruses, consideration should also be given to the ‘insider’ threat of dishonest employees, intent on undertaking some form of...

There is currently a paucity of literature focusing on the relationship between the actions of staff members, who perpetrate some form of computer abuse, and the organisational environment in which such actions take place. A greater understanding of such a relationship may complement existing...

This paper examines the concept of criminal opportunity. More precisely, it focuses on the nature of such opportunities that are to be found within an IS context, and the threat posed by dishonest staff who may act on them. Although hackers and their activities may be given ample column space in...