Managing Security in Organizations: Adoption of Information Security Solutions

Abstract

We develop an integrative model grounded in two theoretical perspectives -- the diffusion of innovation theory and the technology-organization-environment framework -- to examine the diffusion of information security solutions (ISS) in organizations. We specify four innovation characteristics that are specific to ISS (compatibility, complexity, costs, and relative advantage), two organizational factors (organizational readiness and top management support), and two environmental factors (external pressure and visibility) as drivers of ISS diffusion. The model will be tested using data collected through survey questionnaires. We hope to share the results at the workshop in June.