Corpus ID: 44209364

Sensitizing Employees ’ Corporate IS Security Risk Perception Completed Research Paper

  title={Sensitizing Employees ’ Corporate IS Security Risk Perception Completed Research Paper},
  author={Frankfurt Grueneburgplatz and Frankfurt haag and De},
Motivated by recent practical observations of employees’ unapproved sourcing of cloud services at work, this study empirically evaluates bring your own cloud (BYOC) policies and social interactions of the IT department to sensitize employees’ security risk perception. Based on social information processing theory, BYOC strategies varying in the level of restriction from the obligatory, recommended, permitted, not regulated, to the prohibited usage of cloud services in the organization as well… Expand

Figures and Tables from this paper


Protection motivation and deterrence: a framework for security policy compliance in organisations
An Integrated Protection Motivation and Deterrence model of security policy compliance under the umbrella of Taylor-Todd's Decomposed Theory of Planned Behaviour is developed and it is found that employees in the sample underestimate the probability of security breaches. Expand
Information Security Policy Compliance: An Empirical Study of Rationality-Based Beliefs and Information Security Awareness
The results show that an employee's intention to comply with the ISP is significantly influenced by attitude, normative beliefs, and self-efficacy to comply, and the role of ISA and compliance-related beliefs in an organization's efforts to encourage compliance is shed. Expand
Encouraging information security behaviors in organizations: Role of penalties, pressures and perceived effectiveness
A theoretical model of the incentive effects of penalties, pressures and perceived effectiveness of employee actions that enhances the understanding of employee compliance to information security policies and suggests that security behaviors can be influenced by both intrinsic and extrinsic motivators. Expand
Understanding the mindset of the abusive insider: An examination of insiders' causal reasoning following internal security changes
This research attempts to understand the phenomenon of increased internal computer abuses by applying causal reasoning theory to explain employees' causal-search process following the implementation of information security measures. Expand
Understanding Nonmalicious Security Violations in the Workplace: A Composite Behavior Model
This study proposes and test empirically a nonmalicious security violation (NMSV) model with data from a survey of end users at work, and suggests that utilitarian outcomes, normative outcomes, and self-identity outcomes are key determinants of end user intentions to engage in NMSVs. Expand
Understanding Compliance with Bring Your Own Device Policies Utilizing Protection Motivation Theory: Bridging the Intention-Behavior Gap
Results demonstrate that participants' intentions to comply with a BYOD policy were primarily motivated by Self Efficacy and Response Efficency, and Threat Severity was more salient for accountants than non-accountants, perhaps due to their sensitivity to confidential data. Expand
Understanding information systems security policy compliance: An integration of the theory of planned behavior and the protection motivation theory
  • P. Ifinedo
  • Psychology, Computer Science
  • Comput. Secur.
  • 2012
This study showed that factors such as self-efficacy, attitude toward compliance, subjective norms, response efficacy and perceived vulnerability positively influence ISSP behavioral compliance intentions of employees. Expand
Individualization of Information Systems - Analyzing Antecedents of IT Consumerization Behavior
A theoretical model for IT consumerization behavior is derived based on the theory of planned behavior and it is shown that it is foremost determined by normative pressures, specifically the behavior of friends, co*workers an d direct supervisors. Expand
Managing Employee Compliance with Information Security Policies: The Critical Role of Top Management and Organizational Culture
We develop an individual behavioral model that integrates the role of top management and organizational culture into the theory of planned behavior in an attempt to better understand how topExpand
The influence of the informal social learning environment on information privacy policy compliance efficacy and intention
The results of this survey of 234 healthcare professionals indicate that certain social conditions within the organizational setting contribute to an informal learning process that influences employee perceptions of efficacy to engage in compliance activities, which contributes to behavioural intention to comply with information privacy policies. Expand