Keeping secure to the end: a long-term perspective to understand employees' consequence-delayed information security violation.

Li, Ying ; Zhang, Nan ; et al.

In: Behaviour & Information Technology, Jg. 38 (2019-05-01), Heft 5, S. 435-453

academicJournal

Employees' violation of information security policies is a major threat to an organisation. Some violations such as using an easy-to-guess password or storing confidential data on personal unencrypted flash drives usually do not cause immediate harm; instead, these actions create security flaws that can be attacked in the future and cause delayed consequences. We call such behaviour consequence-delayed information security violation (CDISV). The ignorance or denial of the possible delayed consequences is the main reason employees engage in such insecure behaviour. Due to the delay between the action and the consequence, a long-term mindset could play an important role in employees' current decision-making. Specifically, in this study, we propose that long-term orientation is an influential factor in decreasing CDISV. The long-term orientation includes three dimensions: continuity, futurity, and perseverance. In addition, based on the stewardship theory and the needs theory, we further propose that value identification and the fulfilment of higher-order needs (trusted relationship and growth) are important drivers for employees to have a long-term orientation. We collected survey data using the 170 responses we received from a global company's employees. The empirical results support our arguments. Our findings provide implications to organisations to encourage employees' information security behaviours. [ABSTRACT FROM AUTHOR]

Copyright of Behaviour & Information Technology is the property of Taylor & Francis Ltd and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Titel:	Keeping secure to the end: a long-term perspective to understand employees' consequence-delayed information security violation.
Autor/in / Beteiligte Person:	Li, Ying ; Zhang, Nan ; Siponen, Mikko
Zeitschrift:	Behaviour & Information Technology, Jg. 38 (2019-05-01), Heft 5, S. 435-453
Veröffentlichung:	2019
Medientyp:	academicJournal
ISSN:	0144-929X (print)
DOI:	10.1080/0144929X.2018.1539519
Schlagwort:	DATA security failures BEHAVIOR CONFIDENCE intervals DATA encryption DECISION making EMPLOYEE orientation EMPLOYEE attitudes FACTOR analysis INDUSTRIAL relations INFORMATION technology INTELLECT INTENTION MANAGEMENT QUESTIONNAIRES RESEARCH funding RISK management in business SURVEYS TRUST RULES JOB performance DATA security PREVENTION
Sonstiges:	Nachgewiesen in: Complementary Index Sprachen: English

Klicken Sie ein Format an und speichern Sie dann die Daten oder geben Sie eine Empfänger-Adresse ein und lassen Sie sich per Email zusenden.

BibTeX Citavi, JabRef, u.a.
(Literaturverwaltung)

PDF kein Volltext!
(Merkzettel, Notizen)

RIS Endnote, Citavi u.a.
(Literaturverwaltung)

MODS
(XML zur Weiterverarbeitung)

oder

Wählen Sie das für Sie passende Zitationsformat und kopieren Sie es dann in die Zwischenablage, lassen es sich per Mail zusenden oder speichern es als PDF-Datei.

Gewünschter Zitations-Stil:

oder

Bitte prüfen Sie, ob die Zitation formal korrekt ist, bevor Sie sie in einer Arbeit verwenden. Benutzen Sie gegebenenfalls den "Exportieren"-Dialog, wenn Sie ein Literaturverwaltungsprogramm verwenden und die Zitat-Angaben selbst formatieren wollen.