• Corpus ID: 44209364

Sensitizing Employees ’ Corporate IS Security Risk Perception Completed Research Paper

@inproceedings{Grueneburgplatz2014SensitizingE,
  title={Sensitizing Employees ’ Corporate IS Security Risk Perception Completed Research Paper},
  author={Frankfurt Grueneburgplatz and Frankfurt haag and De},
  year={2014}
}
Motivated by recent practical observations of employees’ unapproved sourcing of cloud services at work, this study empirically evaluates bring your own cloud (BYOC) policies and social interactions of the IT department to sensitize employees’ security risk perception. Based on social information processing theory, BYOC strategies varying in the level of restriction from the obligatory, recommended, permitted, not regulated, to the prohibited usage of cloud services in the organization as well… 

Figures and Tables from this paper

References

SHOWING 1-10 OF 69 REFERENCES

Protection motivation and deterrence: a framework for security policy compliance in organisations

TLDR
An Integrated Protection Motivation and Deterrence model of security policy compliance under the umbrella of Taylor-Todd's Decomposed Theory of Planned Behaviour is developed and it is found that employees in the sample underestimate the probability of security breaches.

Information Security Policy Compliance: An Empirical Study of Rationality-Based Beliefs and Information Security Awareness

TLDR
The results show that an employee's intention to comply with the ISP is significantly influenced by attitude, normative beliefs, and self-efficacy to comply, and the role of ISA and compliance-related beliefs in an organization's efforts to encourage compliance is shed.

Understanding Nonmalicious Security Violations in the Workplace: A Composite Behavior Model

TLDR
This study proposes and test empirically a nonmalicious security violation (NMSV) model with data from a survey of end users at work, and suggests that utilitarian outcomes, normative outcomes, and self-identity outcomes are key determinants of end user intentions to engage in NMSVs.

Understanding Compliance with Bring Your Own Device Policies Utilizing Protection Motivation Theory: Bridging the Intention-Behavior Gap

TLDR
Results demonstrate that participants' intentions to comply with a BYOD policy were primarily motivated by Self Efficacy and Response Efficency, and Threat Severity was more salient for accountants than non-accountants, perhaps due to their sensitivity to confidential data.

Individualization of Information Systems - Analyzing Antecedents of IT Consumerization Behavior

TLDR
A theoretical model for IT consumerization behavior is derived based on the theory of planned behavior and it is shown that it is foremost determined by normative pressures, specifically the behavior of friends, co*workers an d direct supervisors.

Managing Employee Compliance with Information Security Policies: The Critical Role of Top Management and Organizational Culture

We develop an individual behavioral model that integrates the role of top management and organizational culture into the theory of planned behavior in an attempt to better understand how top

The influence of the informal social learning environment on information privacy policy compliance efficacy and intention

TLDR
The results of this survey of 234 healthcare professionals indicate that certain social conditions within the organizational setting contribute to an informal learning process that influences employee perceptions of efficacy to engage in compliance activities, which contributes to behavioural intention to comply with information privacy policies.
...