Executives' Commitment to Information Security

IF 2.8 4区 管理学 Q1 INFORMATION SCIENCE & LIBRARY SCIENCE
N. Menon, M. Siponen
{"title":"Executives' Commitment to Information Security","authors":"N. Menon, M. Siponen","doi":"10.1145/3400043.3400047","DOIUrl":null,"url":null,"abstract":"Two aspects of decision-making on information security spending, executives' varying preferences for how proposals should be presented and the framing of the proposals, are developed. The proposed model of executives' commitment to information security is an interaction model (in addition to the cost of a security solution, and the risk and the potential loss of a security threat) consisting of the interaction between an executive's preferred subordinate influence approach (PSIA), rational or inspirational, and the framing, positive or negative, of a security proposal. The interaction of these two constructs affects the executive's commitment to an information security proposal. The model is tested using a scenario-based experiment that elicited responses from business executives across 100+ organizations. Results show that the interaction of the negative framing of a proposal and the inspirational PSIA of an executive affects his or her commitment to information security. Further, negative framing of a proposal and the cost of the security solution interact to decrease the executive's commitment to information security. This study underscores that prescriptions for business executives from normative models in information security spending must be complemented with appropriately framed messages to account for the differences in executives' PSIA (rational and inspirational) and cognitive biases.","PeriodicalId":46842,"journal":{"name":"Data Base for Advances in Information Systems","volume":"2 1","pages":"36 - 53"},"PeriodicalIF":2.8000,"publicationDate":"2020-05-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Data Base for Advances in Information Systems","FirstCategoryId":"91","ListUrlMain":"https://doi.org/10.1145/3400043.3400047","RegionNum":4,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"INFORMATION SCIENCE & LIBRARY SCIENCE","Score":null,"Total":0}
引用次数: 2

Abstract

Two aspects of decision-making on information security spending, executives' varying preferences for how proposals should be presented and the framing of the proposals, are developed. The proposed model of executives' commitment to information security is an interaction model (in addition to the cost of a security solution, and the risk and the potential loss of a security threat) consisting of the interaction between an executive's preferred subordinate influence approach (PSIA), rational or inspirational, and the framing, positive or negative, of a security proposal. The interaction of these two constructs affects the executive's commitment to an information security proposal. The model is tested using a scenario-based experiment that elicited responses from business executives across 100+ organizations. Results show that the interaction of the negative framing of a proposal and the inspirational PSIA of an executive affects his or her commitment to information security. Further, negative framing of a proposal and the cost of the security solution interact to decrease the executive's commitment to information security. This study underscores that prescriptions for business executives from normative models in information security spending must be complemented with appropriately framed messages to account for the differences in executives' PSIA (rational and inspirational) and cognitive biases.
高管对信息安全的承诺
信息安全支出决策的两个方面,即高管们对如何提出建议和建议框架的不同偏好,得到了发展。提出的高管对信息安全承诺的模型是一个交互模型(除了安全解决方案的成本,以及安全威胁的风险和潜在损失),包括高管首选的下属影响方法(PSIA)(理性或鼓舞性)与安全建议的框架(积极或消极)之间的交互。这两个构念的相互作用影响执行人员对信息安全建议的承诺。使用基于场景的实验对该模型进行了测试,该实验从100多个组织的业务主管那里获得了响应。结果表明,提案的负面框架和高管的鼓舞性PSIA的相互作用影响了他或她对信息安全的承诺。此外,提案的负面框架和安全解决方案的成本相互作用,会降低执行人员对信息安全的承诺。本研究强调,从信息安全支出的规范模型中为企业高管提供的处方必须与适当框架的信息相辅相成,以解释高管PSIA(理性和鼓舞性)和认知偏见的差异。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
Data Base for Advances in Information Systems
Data Base for Advances in Information Systems INFORMATION SCIENCE & LIBRARY SCIENCE-
CiteScore
3.60
自引率
7.10%
发文量
18
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信