Despite the existence of stringent policies and clear sanctions, employees are often considered the weakest link in information security (IS). This paper explores this phenomenon within a military context, investigating military cadets’ attitudes towards IS and their justifications for employing neutralisation techniques to deviate from organisational IS regulations. These techniques include Condemnation of the condemners, The Metaphor of the ledger, Denial of injury, Denial of responsibility, Appeal to higher loyalties, and Defence of necessity. A survey involving 144 military cadets assessed their use of these neutralisation techniques and their personality traits based on the Five Factor and the Dark Triad models of personality. The results suggest that a more individualised approach to IS education could be beneficial. Understanding how personality traits can make one more susceptible to certain neutralisation techniques can help individuals recognise their strengths and vulnerabilities in IS behaviour.
Critical success factors for security education, training and awareness (SETA) programme effectiveness: an empirical comparison of practitioner perspectives
Cyber security has never been more important than it is today in an ever more connected and pervasive digital world....