Journal ArticleDOI
Information Security Effectiveness: Conceptualization and Validation of a Theory
Reads0
Chats0
TLDR
A theoretical model is proposed and test that includes four variables through which top management can positively influence security effectiveness: user training, security culture, policy relevance, and policy enforcement.Abstract:
Taking a sequential qualitative-quantitative methodological approach, we propose and test a theoretical model that includes four variables through which top management can positively influence security effectiveness: user training, security culture, policy relevance, and policy enforcement. During the qualitative phase of the study, we generated the model based on textual responses to a series of questions given to a sample of 220 information security practitioners. During the quantitative phase, we analyzed survey data collected from a sample of 740 information security practitioners. After data collection, we analyzed the survey responses using structural equation modeling and found evidence to support the hypothesized model. We also tested an alternative, higher-order factor version of the original model that demonstrated an improved overall fit and general applicability across the various demographics of the sampled data. We then linked the finding of this study to existing top management support literature, general deterrence theory research, and the theoretical notion of the dilemma of the supervisor.read more
Citations
More filters
Journal ArticleDOI
User preference of cyber security awareness delivery methods
TL;DR: This study conducted information security awareness using text-based, game-based and video-based delivery methods and suggests that a combined delivery methods are better than individual security awareness delivery method.
Journal ArticleDOI
The Role of Extra-Role Behaviors and Social Controls in Information Security Policy Effectiveness
TL;DR: Paired data indicated that formal control and social control individually and interactively enhance both in-and extra-role security behaviors, which substantiated the importance of extra- role behaviors in improving ISP effectiveness.
Journal ArticleDOI
Information security knowledge sharing in organizations: Investigating the effect of behavioral information security governance and national culture
TL;DR: This paper presents an empirical investigation on what behavioral information security governance factors drives the establishment of information security knowledge sharing in organizations.
Journal ArticleDOI
Personal information privacy and emerging technologies
TL;DR: This research presents a model of personal information privacy (PIP) that includes not only transactional data gathering, but also interorganisational data sharing.
Journal ArticleDOI
Shaping intention to resist social engineering through transformational leadership, information security culture and awareness
TL;DR: The results showed that attitude toward resisting social engineering has the strongest direct association with intention to resist social engineering, while both self-efficacy and normative beliefs showed weak relationships with intention-to-resist social engineering.
References
More filters
Journal ArticleDOI
Common method biases in behavioral research: a critical review of the literature and recommended remedies.
TL;DR: The extent to which method biases influence behavioral research results is examined, potential sources of method biases are identified, the cognitive processes through which method bias influence responses to measures are discussed, the many different procedural and statistical techniques that can be used to control method biases is evaluated, and recommendations for how to select appropriate procedural and Statistical remedies are provided.
Journal ArticleDOI
Convergent and discriminant validation by the multitrait-multimethod matrix.
TL;DR: This transmutability of the validation matrix argues for the comparisons within the heteromethod block as the most generally relevant validation data, and illustrates the potential interchangeability of trait and method components.
Journal ArticleDOI
Self-Reports in Organizational Research: Problems and Prospects
TL;DR: In this paper, the authors identify six categories of self-reports and discuss such problems as common method variance, the consistency motif, and social desirability, as well as statistical and post hoc remedies and some procedural methods for dealing with artifactual bias.
Journal ArticleDOI
Testing Moderator and Mediator Effects in Counseling Psychology Research.
TL;DR: In this paper, the authors describe differences between moderator and mediator effects, and provide non-technical descriptions of how to examine each type of effect, including study design, analysis, and interpretation of results.
Journal ArticleDOI
Bad Management Theories Are Destroying Good Management Practices
TL;DR: In this article, the authors argue that academic research related to the conduct of business and management has had some very significant and negative influences on the practice of management, and that these influences have had a negative impact on the management practice.
Related Papers (5)
Evaluating Structural Equation Models with Unobservable Variables and Measurement Error
Claes Fornell,David F. Larcker +1 more