Investigating the impact of cybersecurity policy awareness on employees’ cybersecurity behavior |
| |
Institution: | 1. College of ICT Engineering, Chung-Ang University, 84 Heukseok-Ro, Dongjak-Gu, Seoul 156-756, Republic of Korea;2. Department of Business Administration, Hoseo University, 268 Anseo-dong, Cheonan, Chungnam 330-713, Republic of Korea;3. College of Business, Korea Advanced Institute of Science and Technology, 85 Hoegi-Ro, Dongdaemoon-Gu, Seoul 130-722, Republic of Korea;1. School of Psychology, University of Adelaide, South Australia;2. Defence Science and Technology Group, Edinburgh, South Australia |
| |
Abstract: | As internet technology and mobile applications increase in volume and complexity, malicious cyber-attacks are evolving, and as a result society is facing greater security risks in cyberspace more than ever before. This study has extended the published literature on cybersecurity by theoretically defining the conceptual domains of employees’ security behavior, and developed and tested operational measures to advance information security behavior research in the workplace. A conceptual framework is proposed and tested using survey results from 579 business managers and professionals. Structural equation modeling and ANOVA procedures are employed to test the proposed hypotheses. The results show that when employees are aware of their company’s information security policy and procedures, they are more competent to manage cybersecurity tasks than those who are not aware of their companies’ cybersecurity policies. The study also indicates that an organizational information security environment positively influences employees’ threat appraisal and coping appraisal abilities, which in turn, positively contribute to their cybersecurity compliance behavior. |
| |
Keywords: | Information security Peer behavior Cues to action Protection motivation theory Cybersecurity policy compliance |
本文献已被 ScienceDirect 等数据库收录! |
|