The purpose of this paper is to identify variables that influence compliance with information security policies of organizations and to identify how important these variables are. A systematic review of empirical studies described in extant literature is performed....
Research Library
The world’s first globally accessible archive of research into the human aspect of cyber security and behavioral science as applied to cyber security awareness and online behavioral change.
Variables influencing information security policy compliance
The purpose of this paper is to identify variables that influence compliance with information security policies of organizations and to identify how important these variables are.
Employees’ adherence to information security policies: An exploratory field study
The key threat to information security comes from employees who do not comply with information security policies. We developed a new multi-theory based model that explained employees’ adherence to security policies. The paradigm combines elements from the Protection...
Using the health belief model to explore users’ perceptions of ‘being safe and secure’ in the world of technology mediated financial transactions
Fraudulent transactions occurring via the Internet or Automatic Teller Machines (ATMs) present a considerable problem for financial institutions and consumers alike. Whilst a number of technological improvements have helped reduce the likelihood of security breaches,...
Social cognitive determinants of non-malicious, counterproductive computer security behaviors ( Ccsb): An empirical analysis
This study used a cross-sectional survey to test the relationships among social cognitive variables and employees' counterproductive computer security behaviors (CCSB). We used data collected from 201 professionals in Canadian organizations. Components from social...
Information systems security policy compliance: An empirical study of the effects of socialisation, influence, and cognition
This study investigated employees’ information systems security policy (ISSP) compliance behavioural intentions in organisations from the theoretical lenses of social bonding, social influence, and cognitive processing. Given that previous research on ISSP compliance...
Analysis of unintentional insider threats deriving from social engineering exploits
This paper reports on the researchers' efforts to collect and analyse data from unintentional insider threats, noting how difficult data collection and analysis is in this area. Researchers note overcoming data collection and analysis issues is and will be necessary...
Do it OR ELSE ! Exploring the effectiveness of deterrence on employee compliance with information security policies
Organizations have long relied upon the threat of sanctions to influence employees to follow information security policies. Unfortunately, the belief in the power of deterrence has provided mixed results in both research and in real life. This study explored the...
Using behavioural insights to improve the public’s use of cyber security best practices
Behavioural change theory suggests influencers of behavioural change include environmental factors (such as technological design), social influencers (such as peers or family) and personal influencers (such as what we know and believe). Using the MINDSPACE framework...
Information security culture: A definition and a literature review
Information security culture guides how things are done in organization in regard to information security, with the aim of protecting the information assets and influencing employees’ security behavior. In this paper, we review key literature on information security...