Understanding people and how they factor into complex information technology (IT) implementations is critical to reversing the growing trend of costly IT implementation failures. Accordingly, this article presents an approach to dissecting the social and organizational influences impacting peoples' acceptance of technology designed to improve business performance. This article applies the diffusion of innovation theoretical framework to understand and analyze IT innovation implementation challenges. The diffusion approach is applied to two recent cases of implementations of IT supply chain innovations at two aerospace firms, both with complex, global, inter‐firm supply chains. Results indicate that several social and organizational factors do affect the implementation's success. Those factors include users' perceptions of the innovation, the firm's culture, the types of communication channels used to diffuse knowledge of the innovation and various leadership factors.
PurposeWhile the idea of the resilience of information systems security exists, there is a lack of research that conceptualizes, defines and specifies a way to measure it as a dynamic capability. Drawing on relevant cybersecurity and dynamic capabilities literature, this study aims to define Information Systems Security Resilience (ISSR) as a "dynamic capability of a firm to respond to, and recover from, a security attack" and test it as a new construct.Design/methodology/approachThe authors employ a methodology including multiple phases to develop and test this construct of ISSR. The authors first interview senior managers from various organizations to establish the face validity of the construct; then develop and analyze a pilot survey for internal validity and reliability; and finally, design and deploy a field survey to test and externally validate the construct.FindingsThe authors conceptualize and define the construct of ISSR as a dynamic capability, develop a scale for its measurement and test it in a pilot and field survey. The construct is valid, and the measurement tool works. It demonstrates that resilience is something that is done, rather than had. As a capability, organizations need to track and measure ISSR, which is what this tool provides the ability to do.Originality/valueThis research contributes to the information systems and cybersecurity literature and offers valuable insights for organizations to manage their security effectively.