International Journal of

ADVANCED AND APPLIED SCIENCES

EISSN: 2313-3724, Print ISSN: 2313-626X

Frequency: 12

line decor
  
line decor

 Volume 12, Issue 10 (October 2025), Pages: 159-180

----------------------------------------------

 Original Research Paper

A cybersecurity framework for Jordanian express delivery service companies: Analyzing the impact of organizational culture and project team skills

 Author(s): 

 Ahmad AlArabiat 1, Umi Kalsum Zolkafli 2, *

 Affiliation(s):

  1Faculty of Built Environment, University of Malaya, Kuala Lumpur, Malaysia
  2Department of Quantity Surveying, University of Malaya, Kuala Lumpur, Malaysia

 Full text

    Full Text - PDF

 * Corresponding Author. 

   Corresponding author's ORCID profile:  https://orcid.org/0000-0001-5061-1019

 Digital Object Identifier (DOI)

  https://doi.org/10.21833/ijaas.2025.10.018

 Abstract

In the rapidly changing digital environment, cybersecurity has become a major challenge for express delivery service companies, which rely on digital systems and handle sensitive customer data. This study explores how organizational culture influences the development of project team skills in responding to cyberattacks, aiming to improve company performance in Jordan. Using Structural Equation Modeling (SEM) and survey data from 274 operations and IT managers, the study examines the impact of cyberattack factors—such as software vulnerabilities, human error, weak passwords, and insider threats—on organizational responses and team skill development. The results show that these threats significantly affect response mechanisms, which in turn enhance team capabilities. Key elements such as incident response planning, cybersecurity expertise, and fast threat detection are essential for reducing risks. Furthermore, a supportive and flexible organizational culture strengthens these effects by promoting teamwork, learning, and innovation. The study provides practical guidance for improving cybersecurity management in the express delivery sector and offers a foundation for future research in other high-risk industries.

 © 2025 The Authors. Published by IASE.

 This is an open access article under the CC BY-NC-ND license ( http://creativecommons.org/licenses/by-nc-nd/4.0/).

 Keywords

 Cybersecurity, Organizational culture, Team skills, Cyberattacks, Express delivery

 Article history

 Received 11 January 2025, Received in revised form 23 May 2025, Accepted 2 October 2025

 Acknowledgment

No Acknowledgment. 

 Compliance with ethical standards

 Ethical considerations

This study was conducted in accordance with established ethical standards. All participants were provided with detailed information about the research objectives and procedures, and informed consent was obtained prior to their participation. Data were collected anonymously and treated with strict confidentiality to ensure privacy and protection of participants. 

 Conflict of interest: The author(s) declared no potential conflicts of interest with respect to the research, authorship, and/or publication of this article.

 Citation:

 AlArabiat A and Zolkafli UK (2025). A cybersecurity framework for Jordanian express delivery service companies: Analyzing the impact of organizational culture and project team skills. International Journal of Advanced and Applied Sciences, 12(10): 159-180

  Permanent Link to this page

 Figures

  Fig. 1  Fig. 2  Fig. 3  Fig. 4  Fig. 5 

 Tables

  Table 1  Table 2  Table 3  Table 4  Table 5  Table 6  Table 7  Table 8  Table 9 

----------------------------------------------   

 References (74)

  1. Abbad M, Abbad R, and Saleh M (2011). Limitations of e‐commerce in developing countries: Jordan case. Education Business and Society Contemporary Middle Eastern Issues, 4(4): 280–291.  https://doi.org/10.1108/17537981111190060    [Google Scholar]
  2. Abulhaija S, Hattab S, and Qusef A (2022). Cyber security awareness, knowledge and behavior in the banking sector in Jordan. In the13th International Conference on Information and Communication Systems, IEEE, Irbid, Jordan: 48-53.  https://doi.org/10.1109/ICICS55353.2022.9811212    [Google Scholar]
  3. AlHadid I, Abu-Taieh EM, Rawajbeh MA, Alkhawaldeh RS, Khwaldeh S, Afaneh S, Alrowwad A, and Alrwashdeh DF (2023). Evaluating the influence of security considerations on information dissemination via social networks. International Journal of Data and Network Science, 7(4): 1471–1484.  https://doi.org/10.5267/j.ijdns.2023.8.015    [Google Scholar]
  4. Al-Hawamleh A (2024). Cyber resilience framework: Strengthening defenses and enhancing continuity in business security. International Journal of Computing and Digital Systems, 15(1): 1315–1331.  https://doi.org/10.12785/ijcds/150193    [Google Scholar]
  5. Alhejaili MOM (2024). Securing the Kingdom’s e-commerce frontier: Evaluation of Saudi Arabia’s cybersecurity legal frameworks. Journal of Governance and Regulation, 13(2): 275–286.  https://doi.org/10.22495/jgrv13i2siart4    [Google Scholar]
  6. Alnaeli SM, Sarnowski M, Aman S, Abdelgawad A, and Yelamarthi K (2017). Source code vulnerabilities in IoT software systems. Advances in Science, Technology and Engineering Systems Journal, 2(3): 1502–1507.  https://doi.org/10.25046/aj0203188    [Google Scholar]
  7. Alqudhaibi A, Deshpande S, Jagtap S, and Salonitis K (2023). Towards a sustainable future: Developing a cybersecurity framework for manufacturing. Technological Sustainability, 2(4): 372-387.  https://doi.org/10.1108/TECHS-05-2023-0022    [Google Scholar]
  8. Alsharif M, Mishra S, and Alshehri M (2022). Impact of human vulnerabilities on cybersecurity. Computer Systems Science and Engineering, 40(3): 1153–1166.  https://doi.org/10.32604/csse.2022.019938    [Google Scholar]
  9. Álvarez-García D, Barreiro-Collazo A, Núñez JC, and Dobarro A (2016). Validity and reliability of the cyber-aggression questionnaire for adolescents (CYBA). The European Journal of Psychology Applied to Legal Context, 8(2): 69-77.  https://doi.org/10.1016/j.ejpal.2016.02.003    [Google Scholar]
  10. Amorosa K and Yankson B (2023). Human error - A critical contributing factor to the rise in data breaches: A case study of higher education. Holistica, 14(1): 110–132.  https://doi.org/10.2478/hjbpa-2023-0007    [Google Scholar]
  11. Ayandibu AO, Vezi-Magigaba MF, and Kaseeram I (2021). Innovation as an improvement tool for SMMEs. In: Ayandibu AO (Ed.), Reshaping entrepreneurship education with strategy and innovation: 78-107. IGI Global Scientific Publishing, Hershey, USA.  https://doi.org/10.4018/978-1-7998-3171-6.ch005    [Google Scholar]
  12. Back S and Guerette RT (2021). Cyber place management and crime prevention: The effectiveness of cybersecurity awareness training against phishing attacks. Journal of Contemporary Criminal Justice, 37(3): 427–451.  https://doi.org/10.1177/10439862211001628    [Google Scholar]
  13. Benavides-Astudillo E, Fuertes W, Sanchez-Gordon S, Nuñez-Agurto D, and Rodríguez-Galán G (2023). A phishing-attack-detection model using natural language processing and deep learning. Applied Sciences, 13(9): 5275.  https://doi.org/10.3390/app13095275    [Google Scholar]
  14. Berényi L and Soltész L (2022). Evaluation of product development success: A student perspective. Administrative Sciences, 12(2): 49.  https://doi.org/10.3390/admsci12020049    [Google Scholar]
  15. Bordoloi S, Cooper WW, and Matsuo H (1999). Flexibility, adaptability, and efficiency in manufacturing systems. Production and Operations Management, 8(2): 133–150.  https://doi.org/10.1111/j.1937-5956.1999.tb00366.x    [Google Scholar]
  16. Carlton M and Levy Y (2015). Expert assessment of the top platform independent cybersecurity skills for non-IT professionals. In the SoutheastCon 2015, IEEE, Fort Lauderdale, USA: 1-6.  https://doi.org/10.1109/SECON.2015.7132932    [Google Scholar]
  17. Chanani UL and Wibowo UB (2019). A learning culture and continuous learning for a learning organization. KnE Social Sciences, 3(17): 591–598.  https://doi.org/10.18502/kss.v3i17.4686    [Google Scholar]
  18. Chatterjee D (2021). Cybersecurity readiness: A holistic and high-performance approach. SAGE Publications, Thousand Oaks, USA.  https://doi.org/10.4135/9781071837313    [Google Scholar]
  19. Chen Q and Bridges RA (2017). Automated behavioral analysis of malware: A case study of Wannacry ransomware. In the 16th IEEE International Conference on Machine Learning and Applications, IEEE, Cancun, Mexico: 454-460.  https://doi.org/10.1109/ICMLA.2017.0-119    [Google Scholar]
  20. Cheung K and Bell MG (2021). Attacker–defender model against quantal response adversaries for cyber security in logistics management: An introductory study. European Journal of Operational Research, 291(2): 471–481.  https://doi.org/10.1016/j.ejor.2019.10.019    [Google Scholar]
  21. Darko CD (2022). Weak credential information as a threat to online security. Advances in Multidisciplinary and Scientific Research Journal, 1(1): 35–40.  https://doi.org/10.22624/AIMS/CRP-BK3-P6    [Google Scholar]
  22. Davis JS, Radhakrishnan A, and Zaveri J (2021). The impact of project team characteristics and client collaboration on project agility and project success: An empirical study. European Management Journal, 40(5): 758–777.  https://doi.org/10.1016/j.emj.2021.09.011    [Google Scholar]
  23. Delone WH and McLean ER (2003). The DeLone and McLean model of information systems success: A ten-year update. Journal of Management Information Systems, 19(4): 9–30.  https://doi.org/10.1080/07421222.2003.11045748    [Google Scholar]
  24. Deyannis D, Papadogiannaki E, Chrysos G, Georgopoulos KN, and Ioannidis S (2022). The diversification and enhancement of an IDS scheme for the cybersecurity needs of modern supply chains. Electronics, 11(13): 1944.  https://doi.org/10.3390/electronics11131944    [Google Scholar]
  25. Dhillon G, Smith K, and Hedström K (2019). Ensuring core competencies for cybersecurity specialists. In: Vasileiou I and Furnell S (Eds.), Cybersecurity education for awareness and compliance: 1-13. IGI Global, Hershey, USA.  https://doi.org/10.4018/978-1-5225-7847-5.ch007    [Google Scholar] PMCid:PMC6915323
  26. Dreibelbis RC, Martin J, Coovert MD, and Dorsey DW (2018). The looming cybersecurity crisis and what it means for the practice of industrial and organizational psychology. Industrial and Organizational Psychology, 11(2): 346–365.  https://doi.org/10.1017/iop.2018.3    [Google Scholar]
  27. Farrell M (2017). Time management. Journal of Library Administration, 57(2): 215–222.  https://doi.org/10.1080/01930826.2017.1281666    [Google Scholar]
  28. Fornell C and Larcker DF (1981). Evaluating structural equation models with unobservable variables and measurement error. Journal of Marketing Research, 18(1): 39-50.  https://doi.org/10.1177/002224378101800104    [Google Scholar]
  29. Furukawa C (2016). Dynamics of a critical problem-solving project team and creativity in a multiple-project environment. Team Performance Management, 22(1-2): 92–110.  https://doi.org/10.1108/TPM-04-2015-0021    [Google Scholar]
  30. Gelenbe E and Nakip M (2023). Real-time cyberattack detection with offline and online learning. In the IEEE 29th International Symposium on Local and Metropolitan Area Networks (LANMAN), IEEE, London, UK: 1-6.  https://doi.org/10.1109/LANMAN58293.2023.10189812    [Google Scholar]
  31. Georgiadou A, Michalitsi-Psarrou A, and Askounis D (2022). Evaluating the cyber-security culture of the EPES sector: Applying a cyber-security culture framework to assess the EPES sector's resilience and readiness. In the Proceedings of the 17th International Conference on Availability, Reliability and Security, ACM, Vienna, Austria: 1-10.  https://doi.org/10.1145/3538969.3543813    [Google Scholar]
  32. Granova V, Mashatan A, and Turetken O (2023). Changing hearts and minds: The role of cybersecurity champion programs in cybersecurity culture. In: Schmorrow DD and Fidopiastis CM (Eds.), Augmented cognition. HCII 2023. Lecture Notes in Computer Science, 14019: 416-428. Springer Nature, Cham, Switzerland.  https://doi.org/10.1007/978-3-031-35017-7_26    [Google Scholar]
  33. Hair JF, Risher JJ, Sarstedt M, and Ringle CM (2019). When to use and how to report the results of PLS-SEM. European Business Review, 31(1): 2-24.  https://doi.org/10.1108/EBR-11-2018-0203    [Google Scholar]
  34. Hawkins N (2017). Why communication is vital during a cyber-attack. Network Security, 2017(3): 12-14.  https://doi.org/10.1016/S1353-4858(17)30028-4    [Google Scholar]
  35. Huang K and Pearlson K (2019). For what technology can’t fix: Building a model of organizational cybersecurity culture. In the Proceedings of the 52nd Hawaii International Conference on System Sciences, AIS, Grand Wailea, Hawaii: 6398-6407.  https://doi.org/10.24251/HICSS.2019.769    [Google Scholar]
  36. Hyslip TS and Burruss GW (2023). Ransomware. In: Hummer D and Byrne JM (Eds.), Handbook on crime and technology: 86-104. Edward Elgar Publishing, Cheltenham, UK.  https://doi.org/10.4337/9781800886643.00013    [Google Scholar]
  37. Jadhav GG, Gaikwad SV, and Bapat D (2023). A systematic literature review: Digital marketing and its impact on SMEs. Journal of Indian Business Research, 15(1): 76-91.  https://doi.org/10.1108/JIBR-05-2022-0129    [Google Scholar]
  38. Jegatheswaran RA and Juremi J (2022). Distributed denial of service: Detection method and response strategy. In the IEEE 2nd Mysore Sub Section International Conference, IEEE, Mysuru, India: 1-5. https://doi.org/10.1109/MysuruCon55714.2022.9972744    [Google Scholar]
  39. Jiang H, Choi T, and Ko RK (2020). Pandora: A cyber range environment for the safe testing and deployment of autonomous cyber attack tools. In: Thampi SM, Wang G, Rawat DB, Ko R, and Fan CI (Eds.), International symposium on security in computing and communication: 1-20. Springer, Singapore, Singapore.  https://doi.org/10.1007/978-981-16-0422-5_1   [Google Scholar]
  40. Johnson AP and Aggarwal R (2019). Assessment of non-technical skills: Why aren’t we there yet? BMJ Quality & Safety, 28: 606-608.  https://doi.org/10.1136/bmjqs-2018-008712    [Google Scholar] PMid:31129619
  41. Kareem HM, Aziz KA, Maelah R, Yunus YM, and Dauwed M (2019). Organizational performance in Iraqi SMEs: Validity and reliability questionnaire. Academy of Accounting and Financial Studies Journal, 23(6): 1-16.    [Google Scholar]
  42. Klingner JK and Boardman AG (2011). Addressing the “research gap” in special education through mixed methods. Learning Disability Quarterly, 34(3): 208–218.  https://doi.org/10.1177/0731948711417559    [Google Scholar]
  43. Kosutic D and Pigni F (2020). Cybersecurity: Investing for competitive outcomes. Journal of Business Strategy, 43(1): 28–36. https://doi.org/10.1108/JBS-06-2020-0116    [Google Scholar]
  44. Krejcie RV and Morgan DW (1970). Determining sample size for research activities. Educational and Psychological Measurement, 30(3): 607–610.  https://doi.org/10.1177/001316447003000308    [Google Scholar]
  45. Muszyńska K, Dermol K, Trunk V, Ðakovic A, and Smrkolj G (2015). Communication management in project teams–practices and patterns. In the Joint International Conference, TIIM, Bari, Italy: 1359-1366.    [Google Scholar]
  46. Mwim EN and Mtsweni J (2022). Systematic review of factors that influence the cybersecurity culture. In: Clarke N and Furnell S (Eds.), IFIP advances in information and communication technology: 147–172. Springer, Cham, Switzerland.  https://doi.org/10.1007/978-3-031-12172-2_12    [Google Scholar]
  47. Naseer A, Naseer H, Ahmad A, Maynard SB, and Siddiqui AM (2023). Moving towards agile cybersecurity incident response: A case study exploring the enabling role of big data analytics-embedded dynamic capabilities. Computers and Security, 135: 103525.  https://doi.org/10.1016/j.cose.2023.103525    [Google Scholar]
  48. Nkomo L and Kalisz D (2023). Establishing organisational resilience through developing a strategic framework for digital transformation. Digital Transformation and Society, 2(4): 403–426.  https://doi.org/10.1108/DTS-11-2022-0059    [Google Scholar]
  49. Oriola O, Adeyemo AB, Papadaki M, and Kotzé E (2021). A collaborative approach for national cybersecurity incident management. Information and Computer Security, 29(3): 457–484.  https://doi.org/10.1108/ICS-02-2020-0027    [Google Scholar]
  50. Pandey S, Singh RK, Gunasekaran A, and Kaushik A (2020). Cyber security risks in globalized supply chains: Conceptual framework. Journal of Global Operations and Strategic Sourcing, 13(1): 103–128. https://doi.org/10.1108/JGOSS-05-2019-0042    [Google Scholar]
  51. Pavlova E (2020). Enhancing the organisational culture related to cyber security during the university digital transformation. Information and Security an International Journal, 46(3): 239–249.  https://doi.org/10.11610/isij.4617    [Google Scholar]
  52. Pharris L and Pérez-Mira B (2022). Preventing social engineering: A phenomenological inquiry. Information and Computer Security, 31(1): 1–31.  https://doi.org/10.1108/ICS-09-2021-0137    [Google Scholar]
  53. Rejeb A, Rejeb K, Simske SJ, and Treiblmaier H (2021). Drones for supply chain management and logistics: A review and research agenda. International Journal of Logistics Research and Applications, 26(6): 708–731.  https://doi.org/10.1080/13675567.2021.1981273    [Google Scholar]
  54. Riebe T, Kaufhold MA, and Reuter C (2021). The impact of organizational structure and technology use on collaborative practices in computer emergency response teams: An empirical study. In the Proceedings of the ACM on human-computer interaction, 5(CSCW2): 478.  https://doi.org/10.1145/3479865    [Google Scholar]
  55. Safitra MF, Lubis M, and Fakhrurroja H (2023). Counterattacking cyber threats: A framework for the future of cybersecurity. Sustainability, 15(18): 13369.  https://doi.org/10.3390/su151813369    [Google Scholar]
  56. Salehi Shahraki A and Nikmaram M (2013). Human errors in computer related abuses. Journal of Theoretical and Applied Information Technology, 47(1): 93-97.    [Google Scholar]
  57. Sarkar KR (2010). Assessing insider threats to information security using technical, behavioural and organisational measures. Information Security Technical Report, 15(3): 112–133.  https://doi.org/10.1016/j.istr.2010.11.002    [Google Scholar]
  58. Saunders J (2017). Tackling cybercrime – the UK response. Journal of Cyber Policy, 2(1): 4–15.  https://doi.org/10.1080/23738871.2017.1293117    [Google Scholar]
  59. Sawyer BD and Hancock PA (2018). Hacking the human: The prevalence paradox in cybersecurity. Human Factors, 60(5): 597–609.  https://doi.org/10.1177/0018720818780472    [Google Scholar] PMid:29986155
  60. Seghezzi A, Mangiaracina R, Tumino A, and Perego A (2020). ‘Pony express’ crowdsourcing logistics for last-mile delivery in B2C e-commerce: An economic analysis. International Journal of Logistics: Research and Applications, 24(5): 456–472.  https://doi.org/10.1080/13675567.2020.1766428    [Google Scholar]
  61. Setiawan I, Fauzi A, and Rohmansyah MS (2023). Epistemology as a scientific methodology foundation for the development of new theories in the field of Islamic education management. International Journal of Asian Business and Management, 2(2): 153–166.  https://doi.org/10.55927/ijabm.v2i2.3707    [Google Scholar]
  62. Sharma R and Patel M (2018). Toxic comment classification using neural networks and machine learning. International Advanced Research Journal in Science, Engineering and Technology, 5(9): 47–52.  https://doi.org/10.17148/IARJSET.2018.597    [Google Scholar]
  63. Sharmeen S, Ahmed YA, Huda S, Koçer BŞ, and Hassan MM (2020). Avoiding future digital extortion through robust protection against ransomware threats using deep learning based adaptive approaches. IEEE Access, 8: 24522–24534.  https://doi.org/10.1109/ACCESS.2020.2970466    [Google Scholar]
  64. Sistla AP, Žefran M, Feng Y, and Ben Y (2014). Timely monitoring of partially observable stochastic systems. In the Proceedings of the 17th International Conference on Hybrid Systems: Computation and Control, ACM, Berlin Germany: 61-70.  https://doi.org/10.1145/2562059.2562136    [Google Scholar]
  65. Skilton PF and Dooley KJ (2010). The effects of repeat collaboration on creative abrasion. Academy of Management Review, 35(1): 118–134.  https://doi.org/10.5465/AMR.2010.45577886    [Google Scholar]
  66. Srinivasan K, Gupta T, Agarwal P, and Nema A (2018). A robust security framework for cloud-based logistics services. In the IEEE International Conference on Applied System Invention, IEEE, Chiba, Japan: 162-165.  https://doi.org/10.1109/ICASI.2018.8394557    [Google Scholar] PMid:31049321 PMCid:PMC6489043
  67. Steinke JA, Bolunmez B, Fletcher LS, Wang V, Tomassetti AJ, Repchick KM, Zaccaro SJ, Dalal RS, and Tetrick LE (2015). Improving cybersecurity incident response team effectiveness using teams-based research. IEEE Security and Privacy, 13(4): 20–29.  https://doi.org/10.1109/MSP.2015.71    [Google Scholar]
  68. Tariq E, Akour I, Al-Shanableh N, Alquqa EK, Alzboun N, Al-Hawary SIS, and Alshurideh MT (2023). How cybersecurity influences fraud prevention: An empirical study on Jordanian commercial banks. International Journal of Data and Network Science, 8(1): 69–76.  https://doi.org/10.5267/j.ijdns.2023.10.016    [Google Scholar]
  69. Tormey R and Laperrouza M (2023). The development, validation and use of an interprofessional project management questionnaire in engineering education. European Journal of Engineering Education, 48(3): 502-517.  https://doi.org/10.1080/03043797.2023.2171854    [Google Scholar]
  70. Tseng SM (2010). The correlation between organizational culture and knowledge conversion on corporate performance. Journal of Knowledge Management, 14(2): 269-284.  https://doi.org/10.1108/13673271011032409    [Google Scholar]
  71. Uchendu B, Nurse JR C, Bada M, and Furnell S (2021). Developing a cyber security culture: Current practices and future needs. Computers and Security, 109: 102387.  https://doi.org/10.1016/j.cose.2021.102387    [Google Scholar]
  72. Yi B, Sawant A, Chen S, Lee SW, and Zhang B (2022). Readiness for radiation treatment continuity: Survey on contingency plans against cyberattacks. Advances in Radiation Oncology, 7(5): 100990.  https://doi.org/10.1016/j.adro.2022.100990    [Google Scholar] PMid:36148373 PMCid:PMC9486412
  73. Yuen KF, Tan L, and Loh HS (2022). Core competencies for maritime business educators in the digital era. Frontiers in Psychology, 13: 915980.  https://doi.org/10.3389/fpsyg.2022.915980    [Google Scholar] PMid:35903743 PMCid:PMC9315266
  74. Zlomislić V, Fertalj K, and Sruk V (2017). Denial of service attacks, defences and research challenges. Cluster Computing, 20(1): 661–671.  https://doi.org/10.1007/s10586-017-0730-x    [Google Scholar]