The purpose of this paper based on compensation theory, is to incorporate perceived technical security protection into the theory of planned behavior and examined factors affecting end‐user security behaviors, specifically, compliance with security policies. The results show that both perceived behavioral control (PBC) and attitude have significant impact on intention to comply with security policy. Perceived technical protection affects behavioral intentions both indirectly, through PBC, and directly. The negative direct effect (i.e. perceived high technical protection leads to low intention to comply with security policy) suggests possible risk compensation effects in the information security context.
Research on the effectiveness of cyber security awareness in ICS Risk Assessment Frameworks
Assessing security awareness among users is essential for protecting industrial control systems (ICSs) from social...