A Study on the Effects of Influencing Factors in the Security Environment of Military Organizational Members on Information Security Stress and Security Compliance Behavior Intention

2021 ◽  
Vol 21 (3) ◽  
pp. 93-104
Author(s):  
Eui Cheon Park ◽  
◽  
Ki Seok Jeon
Keyword(s):  
Information Security ◽  
Influencing Factors ◽  
Behavior Intention ◽  
Security Environment ◽  
Compliance Behavior ◽  
Security Compliance

Factors Influencing Information Security Policy Compliance Behavior

2022 ◽  
pp. 213-232
Author(s):  
Kwame Simpe Ofori ◽  
Hod Anyigba ◽  
George Oppong Appiagyei Ampong ◽  
Osaretin Kayode Omoregie ◽  
Makafui Nyamadi ◽  
...  
Keyword(s):  
Information Security ◽  
Security Policy ◽  
Future Research ◽  
General Deterrence ◽  
Security Education ◽  
Weakest Link ◽  
Compliance Behavior ◽  
Security Compliance ◽  
Information Security Policy Compliance ◽  
Security Policy Compliance

One of the major concerns of organizations in today's networked world is to unravel how employees comply with information security policies (ISPs) since the internal employee has been identified as the weakest link in security policy breaches. A number of studies have examined ISP compliance from the perspective of deterrence; however, there have been mixed results. The study seeks to examine information security compliance from the perspective of the general deterrence theory (GDT) and information security climate (ISC). Data was collected from 329 employees drawn from the five top-performing banks in Ghana and analyzed with PLS-SEM. Results from the study show that security education training and awareness, top-management's commitment for information security, and peer non-compliance behavior affect the information security climate in an organization. Information security climate, punishment severity, and certainty of deterrent were also found to influence employees' intention to comply with ISP. The implications, limitations, and directions for future research are discussed.

scholarly journals Theory-Based Model and Prediction Analysis of Information Security Compliance Behavior in the Saudi Healthcare Sector

Symmetry ◽  
2020 ◽  
Vol 12 (9) ◽  
pp. 1544
Author(s):  
Sultan T. Alanazi ◽  
Mohammed Anbar ◽  
Shouki A. Ebad ◽  
Shankar Karuppayah ◽  
Hadeer A. Al-Ani
Keyword(s):  
Saudi Arabia ◽  
Information Systems ◽  
Information Security ◽  
Health Information ◽  
Healthcare Workers ◽  
Health Information Systems ◽  
General Information ◽  
Kingdom Of Saudi Arabia ◽  
Compliance Behavior ◽  
Security Compliance

The adoption of health information systems provides many potential healthcare benefits. The government of the Kingdom of Saudi Arabia has subsidized this field. However, like those of other less developed countries, organizations in the Kingdom of Saudi Arabia struggle to secure their health information systems. This issue may stem from a lack of awareness regarding information security. To date, most related studies have not considered all of the factors affecting information security compliance behavior (ISCB), which include psychological traits, cultural and religious beliefs, and legal concerns. This paper aims to investigate the usefulness of a theory-based model and determine the predictors of ISCB among healthcare workers at government hospitals in the Kingdom of Saudi Arabia. The study investigated 433 health workers in Arar, the capital of the Northern Borders Province in the Kingdom of Saudi Arabia. Two phases involved in this study were the hypothetical model formulation and identification of ISCB predictors. The results suggest that moderating and non-common factors (e.g., religion and morality) impact ISCB, while demographic characteristics (e.g., age, marital status, and work experience) do not. All published instruments and theories were embedded to determine the most acceptable theories for Saudi culture. The theory-based model of ISCB establishes the main domains of theory for this study, which were religion/morality, self-efficacy, legal/punishment, personality traits, cost of compliance/noncompliance, subjective norms, information security policy, general information security, and technology awareness. Predictors of ISCB indicate that general information security, followed by self-efficacy and religion/morality, is the most influential factor on ISCB among healthcare workers in the Kingdom of Saudi Arabia. This study is considered as the first to present the symmetry between theory and actual descriptive results, which were not investigated before.

Factors Influencing Information Security Policy Compliance Behavior

2020 ◽  
pp. 152-171
Author(s):  
Kwame Simpe Ofori ◽  
Hod Anyigba ◽  
George Oppong Appiagyei Ampong ◽  
Osaretin Kayode Omoregie ◽  
Makafui Nyamadi ◽  
...  
Keyword(s):  
Information Security ◽  
Security Policy ◽  
Future Research ◽  
General Deterrence ◽  
Security Education ◽  
Weakest Link ◽  
Compliance Behavior ◽  
Security Compliance ◽  
Information Security Policy Compliance ◽  
Security Policy Compliance

One of the major concerns of organizations in today's networked world is to unravel how employees comply with information security policies (ISPs) since the internal employee has been identified as the weakest link in security policy breaches. A number of studies have examined ISP compliance from the perspective of deterrence; however, there have been mixed results. The study seeks to examine information security compliance from the perspective of the general deterrence theory (GDT) and information security climate (ISC). Data was collected from 329 employees drawn from the five top-performing banks in Ghana and analyzed with PLS-SEM. Results from the study show that security education training and awareness, top-management's commitment for information security, and peer non-compliance behavior affect the information security climate in an organization. Information security climate, punishment severity, and certainty of deterrent were also found to influence employees' intention to comply with ISP. The implications, limitations, and directions for future research are discussed.

scholarly journals Why Employees (Still) Click on Phishing Links: An Investigation in Hospitals

10.2196/16775 ◽  
2020 ◽  
Vol 22 (1) ◽  
pp. e16775 ◽  
Author(s):  
Mohammad S Jalali ◽  
Maike Bruckes ◽  
Daniel Westmattelmann ◽  
Gerhard Schewe
Keyword(s):  
Information Security ◽  
Structural Equation ◽  
Behavioral Control ◽  
Equation Modeling ◽  
Perceived Behavioral Control ◽  
Security Technology ◽  
Compliance Behavior ◽  
Security Compliance ◽  
Reported Data ◽  
Felt Trust

Background Hospitals have been one of the major targets for phishing attacks. Despite efforts to improve information security compliance, hospitals still significantly suffer from such attacks, impacting the quality of care and the safety of patients. Objective This study aimed to investigate why hospital employees decide to click on phishing emails by analyzing actual clicking data. Methods We first gauged the factors that influence clicking behavior using the theory of planned behavior (TPB) and integrating trust theories. We then conducted a survey in hospitals and used structural equation modeling to investigate the components of compliance intention. We matched employees’ survey results with their actual clicking data from phishing campaigns. Results Our analysis (N=397) reveals that TPB factors (attitude, subjective norms, and perceived behavioral control), as well as collective felt trust and trust in information security technology, are positively related to compliance intention. However, compliance intention is not significantly related to compliance behavior. Only the level of employees’ workload is positively associated with the likelihood of employees clicking on a phishing link. Conclusions This is one of the few studies in information security and decision making that observed compliance behavior by analyzing clicking data rather than using self-reported data. We show that, in the context of phishing emails, intention and compliance might not be as strongly linked as previously assumed; hence, hospitals must remain vigilant with vulnerabilities that cannot be easily managed. Importantly, given the significant association between workload and noncompliance behavior (ie, clicking on phishing links), hospitals should better manage employees’ workload to increase information security. Our findings can help health care organizations augment employees’ compliance with their cybersecurity policies and reduce the likelihood of clicking on phishing links.

scholarly journals Analysis of Influencing Factors of College Students’ Intention to Repeated Blood Donation Based on Structural Equation Modeling

2021 ◽  
Author(s):  
Lingling Pan ◽  
Wei Hu ◽  
Wenjuan Han ◽  
Yingying Wang
Keyword(s):  
College Students ◽  
Structural Equation Modeling ◽  
Influencing Factors ◽  
Structural Equation ◽  
Blood Donation ◽  
Behavioral Control ◽  
Equation Modeling ◽  
Perceived Behavioral Control ◽  
Behavior Intention ◽  
Donation Behavior

AbstractTo research the influencing factors of college students' blood donation behavior intention and propose intervention strategies to improve the repeated blood donation rate of college students. Questionnaire survey was used to research and analyze the influencing factors of behavior intention. Amos 21.0 software was used to establish structural equation modeling and perform confirmatory factor analysis. SPSS 20.0 was used for statistic. The model was proved with highly adaptability, with χ2/df = 2.956 < 3. Factors influencing college students' intention of repeat blood donation behavior can be summarized into four: attitude, external motivation, advice-taking, and perceived behavioral control. Among them, attitude and perceived behavioral control have a great direct impact on behavioral intention, while the external motivation and recommendation acceptance have an indirect impact by influencing the other two factors. In view of those evaluation items with high path coefficient in each factor, we can develop recruitment strategies to influence college students’ repeated blood donation behavior and provide scientific suggestions for improving their repeated blood donation rate.

Investigating the Information Perception Value (IPV) Model in Maintaining the Information Security

2020 ◽  
pp. 499-524
Author(s):  
Sharul Tajuddin ◽  
Afzaal H. Seyal ◽  
Norfarrah Binti Muhamad Masdi ◽  
Nor Zainah H. Siau
Keyword(s):  
Data Analysis ◽  
Information Security ◽  
Social Values ◽  
Information Value ◽  
Information Security Behavior ◽  
Monetary Value ◽  
Security Environment ◽  
Brunei Darussalam ◽  
Security Behavior ◽  
Information Values

This pioneering study is conducted among 150 employees from various ministries of Brunei Darussalam regarding their perception in maintaining the information security and to validate the IPV model using linear regression data analysis techniques. The IPV model identifies the factors that affect the user's perception of information values and to further assess as how these perceptions of information value affect their behavior in information security environment. The results show that IPV model have significant predicting power the employees' behavior with more than half of the variance (59%) in information value is shared by these six contextual variables. However, four out of six antecedent variables monetary value, ministerial jurisdiction, spiritual, and social values are significantly predicting the information value. The study has significant impact both for the researchers and practitioners and will add value to the current repository of broad knowledge in information security behavior.

Sign in / Sign up

Export Citation Format

Share Document