预测六种基于员工的风险的信息安全策略遵从意图和行为

IF 0.5 Q4 COMPUTER SCIENCE, SOFTWARE ENGINEERING
T. Ryutov, Nicole D. Sintov, Mengtian Zhao, R. John
{"title":"预测六种基于员工的风险的信息安全策略遵从意图和行为","authors":"T. Ryutov, Nicole D. Sintov, Mengtian Zhao, R. John","doi":"10.1080/15536548.2017.1418632","DOIUrl":null,"url":null,"abstract":"ABSTRACT Employees’ non-compliance with organizational information security policies poses a significant threat to organizations. Enhancing our understanding of compliance behavior is crucial for improving security. Although research has identified numerous psychological factors that affect intentions to comply with security policies, how such intentions map onto actual compliance behavior is not well understood. Building on a well-supported model of security policy compliance intentions, we evaluate compliance with each of six types of information security policies using decision vignettes, and compare parameters across models. The study contributes to information security compliance research by examining each risk separately and exploring heterogeneity across risk types.","PeriodicalId":44332,"journal":{"name":"International Journal of Information Security and Privacy","volume":"223 1","pages":"260 - 281"},"PeriodicalIF":0.5000,"publicationDate":"2017-10-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"Predicting information security policy compliance intentions and behavior for six employee-based risks\",\"authors\":\"T. Ryutov, Nicole D. Sintov, Mengtian Zhao, R. John\",\"doi\":\"10.1080/15536548.2017.1418632\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"ABSTRACT Employees’ non-compliance with organizational information security policies poses a significant threat to organizations. Enhancing our understanding of compliance behavior is crucial for improving security. Although research has identified numerous psychological factors that affect intentions to comply with security policies, how such intentions map onto actual compliance behavior is not well understood. Building on a well-supported model of security policy compliance intentions, we evaluate compliance with each of six types of information security policies using decision vignettes, and compare parameters across models. The study contributes to information security compliance research by examining each risk separately and exploring heterogeneity across risk types.\",\"PeriodicalId\":44332,\"journal\":{\"name\":\"International Journal of Information Security and Privacy\",\"volume\":\"223 1\",\"pages\":\"260 - 281\"},\"PeriodicalIF\":0.5000,\"publicationDate\":\"2017-10-02\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Journal of Information Security and Privacy\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1080/15536548.2017.1418632\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"COMPUTER SCIENCE, SOFTWARE ENGINEERING\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Information Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1080/15536548.2017.1418632","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}
引用次数: 5

摘要

员工不遵守组织的信息安全政策对组织构成了重大威胁。增强我们对遵从性行为的理解对于提高安全性至关重要。尽管研究已经确定了许多影响遵从安全策略的意图的心理因素,但是这些意图如何映射到实际的遵从行为还没有得到很好的理解。在一个得到良好支持的安全策略遵从意图模型的基础上,我们使用决策片段评估了六种类型的信息安全策略的遵从性,并比较了模型之间的参数。本研究通过对每一种风险进行单独考察,探索不同风险类型之间的异质性,为信息安全合规研究做出了贡献。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
Predicting information security policy compliance intentions and behavior for six employee-based risks
ABSTRACT Employees’ non-compliance with organizational information security policies poses a significant threat to organizations. Enhancing our understanding of compliance behavior is crucial for improving security. Although research has identified numerous psychological factors that affect intentions to comply with security policies, how such intentions map onto actual compliance behavior is not well understood. Building on a well-supported model of security policy compliance intentions, we evaluate compliance with each of six types of information security policies using decision vignettes, and compare parameters across models. The study contributes to information security compliance research by examining each risk separately and exploring heterogeneity across risk types.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
International Journal of Information Security and Privacy
International Journal of Information Security and Privacy COMPUTER SCIENCE, SOFTWARE ENGINEERING-
CiteScore
2.50
自引率
0.00%
发文量
73
期刊介绍: As information technology and the Internet become more and more ubiquitous and pervasive in our daily lives, there is an essential need for a more thorough understanding of information security and privacy issues and concerns. The International Journal of Information Security and Privacy (IJISP) creates and fosters a forum where research in the theory and practice of information security and privacy is advanced. IJISP publishes high quality papers dealing with a wide range of issues, ranging from technical, legal, regulatory, organizational, managerial, cultural, ethical and human aspects of information security and privacy, through a balanced mix of theoretical and empirical research articles, case studies, book reviews, tutorials, and editorials. This journal encourages submission of manuscripts that present research frameworks, methods, methodologies, theory development and validation, case studies, simulation results and analysis, technological architectures, infrastructure issues in design, and implementation and maintenance of secure and privacy preserving initiatives.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信