Select Page
Research library

Information security is more than just policy; It is in your personality

Despite the existence of stringent policies and clear sanctions, employees are often considered the weakest link in information security (IS). This paper explores this phenomenon within a military context, investigating military cadets’ attitudes towards IS and their justifications for employing neutralisation techniques to deviate from organisational IS regulations. These techniques include Condemnation of the condemners, The Metaphor of the ledger, Denial of injury, Denial of responsibility, Appeal to higher loyalties, and Defence of necessity. A survey involving 144 military cadets assessed their use of these neutralisation techniques and their personality traits based on the Five Factor and the Dark Triad models of personality. The results suggest that a more individualised approach to IS education could be beneficial. Understanding how personality traits can make one more susceptible to certain neutralisation techniques can help individuals recognise their strengths and vulnerabilities in IS behaviour.

You May Also Like