The utility organization has already implemented some of security framework and compliance in their data center to secure the data centers of valuable information. However, the implementation of security framework and compliance, still has several issues relates to some restricted areas. There is no effective security framework and compliance, being implemented in their data center such as access control management system at the entrance of the building zone. Therefore, the objective of this research is to develop information security compliance framework in data center in utility company. This research applied qualitative method namely semi-structured interviews for data collection. The contribution of this research will help professionals and security management organizations to understand the best ways they can be used to improve physical security within the context of information security compliance frameworks that play an important role.

The paper aims to identify behavioural theories that influence information security policies compliance behaviour. A systematic review of empirical studies from eleven online databases (ACM digital library, Emerald Insight, IEEE Xplore digital library, Springer link, Science direct, Scopus, Web of Science, Oxford academic journals, SAGE journals, Taylor & Francis and Wiley online library) are conducted. This review identified 29 studies met its criterion for inclusion. The investigated theories were extracted and analysed. Total of 19 theories have been identified and studied concerning to security policy compliance behaviour. The result indicated that the most established theories in information security compliance behaviour studies are the Theory of Planned Behavior and Protection Motivation theory. Meanwhile, General Deterrence Theory, Neutralization theory, Social Bond Theory / Social Control Theory are used moderately in this research area. Less explored theories are namely Self Determination Theory, Knowledge, Attitude, and Behavior, Social Cognitive Theory, Involvement Theory, Health belief model, Theory of Interpersonal Behavior, Extended Parallel Processing Model, Organisational Control Theory, Psychological Reactance Theory, Norm Activation Theory, Organizational Behaviour Theory, Cognitive Evaluation Theory and Extended Job Demands-Resources. The results from this review may guide the development and evaluation of theories promoting information security compliance behaviours. This will further contribute in the development of an integrated theory of information security compliance behaviour.

Data centers are primarily the main targets of cybercriminals and security threats as they host various critical information and communication technology (ICT) services. Identifying the threats and managing the risks associated with data centers have become a major challenge as this will enable organizations to optimize their resources to focus on the most hazardous threats to prevent the potential risks and damages. The objective of this paper is to identify major ICT security threats to data centers in the Malaysian public sector and their causes. The data for this study was collected through interview sessions. A total of 33 respondents from various government organizations were interviewed. The results revealed that the technical threats, spyware, phishing, bluesnarfing threats, social engineering and virus, trojan, malware, ransomware, viral websites threats are the major categories of threats often encountered by the malaysian public sector organizations. The causes for these threats are lack of budget, competent personnel, and manpower for security tasks, user awareness; lack of compliances and monitoring; insufficient security policies and procedures as well as deliberate cyber attacks. The outcome of this study will give a greater degree of awareness and understanding to the ICT security officers, who are entrusted with data center security. © 2021 Institute of Advanced Engineering and Science. All rights reserved.

Insider threat is a most worrying threat that haunts many organizations today that cause enormous financial losses and damages. As a frontline, Information Technology (IT) organizations has to implement necessary countermeasures to protect critical infrastructure. Although, many approaches proposed before to detect and mitigate insider threat, significant rise of cases in past few years and unavailability of a widely accepted solution paves way to conduct more researches. Moreover, the pandemic situation has brought in a new challenge for IT organizations to review the existing safeguards. This paper aims to contribute an interdisciplinary approach at proposing a multidimensional model that scrutinize factors from multiple dimensions such as psychological, behavioral, technological, organizational and environmental dimension that triggers insider threat. The constructed model coordinates organizations to counter insider threat by addressing issues in more effective and efficient way by applying the multidimensional approach for mitigation.

The data quality evaluation is essential towards designing a data assessment method for any company because data is an important asset. Therefore, the purpose of this study is to develop the data quality evaluation method for a transportation agency in Malaysia in order to quantify the quality of data in the SIKAP licensing system. This can benefit the transportation agency to improve the quality of data for the use of reporting, forecasting business operations and data integration with other agency's systems. The relevant data evaluation dimensions have been identified from literature study and relative data evaluation framework which are necessarily required by the transportation agency to maintain high data quality in the SIKAP system. The process design for the proposed method involves data dimension identification, capturing the relevant database structure, subjective evaluation with a questionnaire and objective evaluation with data profiling. From the design process, the result shows that data evaluation method for a transportation agency must have a minimum of six data quality dimensions. SIKAP, the legacy system is in the process to revamp into a new system. Thus, this research contributes to enhance the current system's data quality during revamping process and data migration into the new system.