How protection motivation and social bond factors influence information security behavior

2021 ◽  
Vol Volume 26 (2) ◽  
pp. 77-115
Author(s):  
Jean-François Berthevas
Keyword(s):  
Information Security ◽  
Social Bond ◽  
Protection Motivation ◽  
Information Security Behavior ◽  
Security Behavior

A Meta-Analysis of Studies on Protection Motivation Theory and Information Security Behaviour

2015 ◽  
Vol 9 (1) ◽  
pp. 26-46 ◽  
Author(s):  
Teodor Sommestad ◽  
Henrik Karlzén ◽  
Jonas Hallberg
Keyword(s):  
Information Security ◽  
Meta Analysis ◽  
Correlation Coefficients ◽  
Protection Motivation Theory ◽  
Protection Motivation ◽  
Motivation Theory ◽  
Security Threat ◽  
Information Security Behavior ◽  
Security Behavior ◽  
The Individual

Individuals' willingness to take security precautions is imperative to their own information security and the information security of the organizations they work within. This paper presents a meta-analysis of the protection motivation theory (PMT) to assess how its efficacy is influenced by the information security behavior it is applied to. It investigates if the PMT explains information security behavior better if: 1) The behavior is voluntary? 2) The threat and coping method is concrete or specific? 3) The information security threat is directed to the person itself? Synthesized data from 28 surveys suggests that the answers to all three questions are yes. Weighted mean correlation coefficients are on average 0.03 higher for voluntary behavior than mandatory behavior, 0.05 higher for specific behaviors than studies of general behaviors, 0.08 higher to threat appraisal when the threat targets the individual person instead of the person's organization or someone else.

Investigating the Information Perception Value (IPV) Model in Maintaining the Information Security

2020 ◽  
pp. 499-524
Author(s):  
Sharul Tajuddin ◽  
Afzaal H. Seyal ◽  
Norfarrah Binti Muhamad Masdi ◽  
Nor Zainah H. Siau
Keyword(s):  
Data Analysis ◽  
Information Security ◽  
Social Values ◽  
Information Value ◽  
Information Security Behavior ◽  
Monetary Value ◽  
Security Environment ◽  
Brunei Darussalam ◽  
Security Behavior ◽  
Information Values

This pioneering study is conducted among 150 employees from various ministries of Brunei Darussalam regarding their perception in maintaining the information security and to validate the IPV model using linear regression data analysis techniques. The IPV model identifies the factors that affect the user's perception of information values and to further assess as how these perceptions of information value affect their behavior in information security environment. The results show that IPV model have significant predicting power the employees' behavior with more than half of the variance (59%) in information value is shared by these six contextual variables. However, four out of six antecedent variables monetary value, ministerial jurisdiction, spiritual, and social values are significantly predicting the information value. The study has significant impact both for the researchers and practitioners and will add value to the current repository of broad knowledge in information security behavior.

The Cultural Foundation of Information Security Behavior

2021 ◽  
pp. 522-545
Author(s):  
Canchu Lin ◽  
Anand S. Kunnathur ◽  
Long Li
Keyword(s):  
Organizational Culture ◽  
Information Security ◽  
Security Policy ◽  
Behavior Control ◽  
Policy Compliance ◽  
Information Security Policy ◽  
Information Security Behavior ◽  
Security Behavior ◽  
Information Security Policy Compliance ◽  
Security Policy Compliance

Past behavior research overwhelmingly focused on information security policy compliance and under explored the role of organizational context in shaping information security behaviors. To address this research gap, this study integrated two threads of literature: organizational culture, and information security behavior control, and proposed a framework that integrates mid-range theories used in empirical research, connects them to organizational culture, and predicts its role in information security behavior control. Consistent with the cultural-fit perspective, this framework shows that information security policy compliance fits hierarchical culture and the approach of promoting positive, proactive, and emerging information security behaviors fits participative culture. Contributions and practical implications of this framework, together with future research directions, are discussed.

scholarly journals Organizational Information Security Management for Sustainable Information Systems: An Unethical Employee Information Security Behavior Perspective

2020 ◽  
Vol 12 (8) ◽  
pp. 3163
Author(s):  
Amanda M. Y. Chu ◽  
Mike K. P. So
Keyword(s):  
Information Systems ◽  
Information Security ◽  
Security Management ◽  
Information Security Management ◽  
Information Security Behavior ◽  
Security Behavior ◽  
Different Types ◽  
Employee Information ◽  
Willingness To Report ◽  
Security Incidents

This article examines the occurrences of four types of unethical employee information security behavior—misbehavior in networks/applications, dangerous Web use, omissive security behavior, and poor access control—and their relationships with employees’ information security management efforts to maintain sustainable information systems in the workplace. In terms of theoretical contributions, this article identifies and develops reliable and valid instruments to measure different types of unethical employee information security behavior. In addition, it investigates factors affecting different types of such behavior and how such behavior can be used to predict employees’ willingness to report information security incidents. In terms of managerial contributions, the article suggests that information security awareness programs and perceived punishment have differential effects on the four types of unethical behavior and that certain types of unethical information security behavior exert negative effects on employees’ willingness to report information security incidents. The findings will help managers to derive better security rules and policies, which are important for business continuity.

Sign in / Sign up

Export Citation Format

Share Document