Anusha Bhana scite author profile

Anusha Bhana

2Publications

2Citation Statements Received

57Citation Statements Given

How they've been cited

How they cite others

Affiliations

University of Cape Town

Publications

Order By: Most citations

Security Fatigue: A Case Study of Data Specialists

Bhana

Ophoff

2022

View full text Add to dashboard Cite

Due to the number of data breaches occurring worldwide there is increasing vigilance regarding information security. Organisations employ a variety of technical, formal, and informal security controls but also rely on employees to safeguard information assets. This relies heavily on compliance and constantly challenges employees with security-related tasks. Security compliance behaviour is a finite resource and when employees engage in cost-benefit analyses that extend tolerance thresholds, security fatigue may set in. Security fatigue has been described as a despondency and weariness to experience any further security tasks. This study used a case study approach to investigate employee security fatigue, focusing on data specialists. Primary data was collected through semi-structured interviews with 12 data specialists in a large financial services company. A thematic analysis of the data revealed several interlinked themes that evidence security fatigue. Awareness and understanding of these themes can help organisations to monitor for this and tailor security activities, such as security education, training, and awareness for increased effectiveness.

show abstract

Risk homeostasis and security fatigue: a case study of data specialists

Bhana

Ophoff

2023

ICS

View full text Add to dashboard Cite

Purpose Organisations use a variety of technical, formal and informal security controls but also rely on employees to safeguard information assets. This relies heavily on compliance and constantly challenges employees to manage security-related risks. The purpose of this research is to explore the homeostatic mechanism proposed by risk homeostasis theory (RHT), as well as security fatigue, in an organisational context. Design/methodology/approach A case study approach was used to investigate the topic, focusing on data specialists who regularly work with sensitive information assets. Primary data was collected through semi-structured interviews with 12 data specialists in a large financial services company. Findings A thematic analysis of the data revealed risk perceptions, behavioural adjustments and indicators of security fatigue. The findings provide examples of how these concepts manifest in practice and confirm the relevance of RHT in the security domain. Originality/value This research illuminates homeostatic mechanisms in an organisational security context. It also illustrates links with security fatigue and how this could further impact risk. Examples and indicators of security fatigue can assist organisations with risk management, creating “employee-friendly” policies and procedures, choosing appropriate technical security solutions and tailoring security education, training and awareness activities.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Anusha Bhana

Security Fatigue: A Case Study of Data Specialists

Risk homeostasis and security fatigue: a case study of data specialists

Contact Info

Product

Resources

About