价值冲突与信息安全——高风险行业的混合方法研究

IF 1.6 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS
Kristina Gyllensten, A. Pousette, Marianne Törner
{"title":"价值冲突与信息安全——高风险行业的混合方法研究","authors":"Kristina Gyllensten, A. Pousette, Marianne Törner","doi":"10.1108/ics-09-2021-0139","DOIUrl":null,"url":null,"abstract":"\nPurpose\nThe purpose of this study is to investigate the influence of work-related value conflicts on information security in two organisations in nuclear power production and related industry.\n\n\nDesign/methodology/approach\nA mixed-methods design was applied. Individual interviews were conducted with 24 employees of two organisations in Sweden and questionnaire data on information security climate were collected from 667 employees (62%) in the same two organisations.\n\n\nFindings\nThe qualitative part of the study identified five different types of value conflicts influencing information security behaviour. The quantitative part of the study found that value conflicts relating to information security had a negative relationship with rule-compliant behaviour. The opposite was found for participative security behaviour where there was a positive relationship with value conflicts. A high climate of information security was positively related to both rule-compliant and participative information security behaviour. It also moderated the effect of value conflicts on compliant information security behaviour.\n\n\nOriginality/value\nThis paper highlights organisational contextual conditions that influence employees’ motivation and ability to manage value conflicts relating to information security in a high-risk industry. It also enables a better understanding of the influence of the information security climate on information security in the presence of value conflicts in this type of industry.\n","PeriodicalId":45298,"journal":{"name":"Information and Computer Security","volume":"39 1","pages":""},"PeriodicalIF":1.6000,"publicationDate":"2021-12-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Value conflicts and information security – a mixed-methods study in high-risk industry\",\"authors\":\"Kristina Gyllensten, A. Pousette, Marianne Törner\",\"doi\":\"10.1108/ics-09-2021-0139\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"\\nPurpose\\nThe purpose of this study is to investigate the influence of work-related value conflicts on information security in two organisations in nuclear power production and related industry.\\n\\n\\nDesign/methodology/approach\\nA mixed-methods design was applied. Individual interviews were conducted with 24 employees of two organisations in Sweden and questionnaire data on information security climate were collected from 667 employees (62%) in the same two organisations.\\n\\n\\nFindings\\nThe qualitative part of the study identified five different types of value conflicts influencing information security behaviour. The quantitative part of the study found that value conflicts relating to information security had a negative relationship with rule-compliant behaviour. The opposite was found for participative security behaviour where there was a positive relationship with value conflicts. A high climate of information security was positively related to both rule-compliant and participative information security behaviour. It also moderated the effect of value conflicts on compliant information security behaviour.\\n\\n\\nOriginality/value\\nThis paper highlights organisational contextual conditions that influence employees’ motivation and ability to manage value conflicts relating to information security in a high-risk industry. It also enables a better understanding of the influence of the information security climate on information security in the presence of value conflicts in this type of industry.\\n\",\"PeriodicalId\":45298,\"journal\":{\"name\":\"Information and Computer Security\",\"volume\":\"39 1\",\"pages\":\"\"},\"PeriodicalIF\":1.6000,\"publicationDate\":\"2021-12-21\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Information and Computer Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1108/ics-09-2021-0139\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Information and Computer Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1108/ics-09-2021-0139","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

摘要

目的本研究旨在探讨核电生产及相关产业中两个组织的工作价值冲突对资讯安全的影响。设计/方法学/方法采用混合方法设计。对瑞典两个组织的24名员工进行了个人访谈,并从同一两个组织的667名员工(62%)中收集了有关信息安全气候的问卷数据。研究的定性部分确定了影响信息安全行为的五种不同类型的价值冲突。研究的定量部分发现,与信息安全相关的价值冲突与合规行为呈负相关。而参与性安全行为则与价值冲突呈正相关。高度的信息安全氛围与规则遵从性和参与性信息安全行为呈正相关。它还调节了价值观冲突对合规信息安全行为的影响。原创性/价值这篇论文强调了影响员工在高风险行业中管理与信息安全相关的价值冲突的动机和能力的组织背景条件。它也使人们能够更好地理解信息安全气候对信息安全的影响,在这种类型的行业存在价值冲突。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
Value conflicts and information security – a mixed-methods study in high-risk industry
Purpose The purpose of this study is to investigate the influence of work-related value conflicts on information security in two organisations in nuclear power production and related industry. Design/methodology/approach A mixed-methods design was applied. Individual interviews were conducted with 24 employees of two organisations in Sweden and questionnaire data on information security climate were collected from 667 employees (62%) in the same two organisations. Findings The qualitative part of the study identified five different types of value conflicts influencing information security behaviour. The quantitative part of the study found that value conflicts relating to information security had a negative relationship with rule-compliant behaviour. The opposite was found for participative security behaviour where there was a positive relationship with value conflicts. A high climate of information security was positively related to both rule-compliant and participative information security behaviour. It also moderated the effect of value conflicts on compliant information security behaviour. Originality/value This paper highlights organisational contextual conditions that influence employees’ motivation and ability to manage value conflicts relating to information security in a high-risk industry. It also enables a better understanding of the influence of the information security climate on information security in the presence of value conflicts in this type of industry.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
Information and Computer Security
Information and Computer Security COMPUTER SCIENCE, INFORMATION SYSTEMS-
CiteScore
4.60
自引率
7.10%
发文量
23
期刊介绍: Information and Computer Security (ICS) contributes to the advance of knowledge directly related to the theory and practice of the management and security of information and information systems. It publishes research and case study papers relating to new technologies, methodological developments, empirical studies and practical applications. The journal welcomes papers addressing research and case studies in relation to many aspects of information and computer security. Topics of interest include, but are not limited to, the following: Information security management, standards and policies Security governance and compliance Risk assessment and modelling Security awareness, education and culture User perceptions and understanding of security Misuse and abuse of computer systems User-facing security technologies Internet security and privacy The journal is particularly interested in receiving submissions that consider the business and organisational aspects of security, and welcomes papers from both human and technical perspective on the topic. However, please note we do not look to solicit papers relating to the underlying mechanisms and functions of security methods such as cryptography (although relevant applications of the technology may be considered).
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信