Information security conscious care behaviour formation in organizations

Nader, S.S. (2015) Information security conscious care behaviour formation in organizations. Computers & Security, 53. pp. 65-78. ISSN 0167-4048, DOI https://doi.org/10.1016/j.cose.2015.05.012.

[img]
Preview
 PDF (Human Aspects of Information Security)
1-s2.0-S0167404815000863-main.pdf - Published Version
Download (567kB)
Official URL: http://www.journals.elsevier.com/computers-and-sec...

Abstract

Today, the Internet can be considered to be a basic commodity, similar to electricity, without which many businesses simply cannot operate. However, information security for both private and business aspects is important. Experts believe that technology cannot solely guarantee a secure environment for information. Users' behaviour should be considered as an important factor in this domain. The Internet is a huge network with great potential for information security breaches. Hackers use different methods to change confidentiality, integrity, and the availability of information in line with their benefits, while users intentionally or through negligence are a great threat for information security. Sharing their account information, downloading any software from the Internet, writing passwords on sticky paper, and using social security numbers as a username or password are examples of their mistakes. Users’ negligence, ignorance, lack of awareness, mischievous, apathy and resistance are usually the reasons for security breaches. Users’ poor information security behaviour is the main problem in this domain and the presented model endeavours to reduce the risk of users’ behaviour in this realm. The results of structural equation modelling (SEM) showed that Information Security Awareness, Information Security Organization Policy, Information Security Experience and Involvement, Attitude towards information security, Subjective Norms, Threat Appraisal, and Information Security Self-efficacy have a positive effect on users’ behaviour. However, Perceived Behavioural Control does not affect their behaviour significantly. The Protection Motivation Theory and Theory of Planned Behaviour were applied as the backbone of the research model.

Item Type: Article
Funders: UNSPECIFIED
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions: Faculty of Computer Science & Information Technology > Department of Information Science
Depositing User: Dr. Nader Sohrabi Safa
Date Deposited: 10 Jul 2015 00:24
Last Modified: 07 Aug 2019 03:02
URI: http://eprints.um.edu.my/id/eprint/13726

Actions (login required)

View Item View Item
UM Research Repository is powered by EPrints 3 which is developed by the School of Electronics and Computer Science at the University of Southampton. More information and software credits.