Identifying Factors that Influence Employees’ Security Behavior for Enhancing ISP Compliance

Topa, Ioanna; Karyda, Maria

doi:10.1007/978-3-319-22906-5_13

Cited by 23 publications

(14 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In the information system context, anticipating the intention to involve in protective actions has been investigated by many types of research [ [44] , [45] , [46] ]. PMT indicates two main directions in motivating the individuals to adopt protective actions: risk evaluation and coping evaluation [ 44 , 47 ]. Risk evaluation is one's estimation of the degree to which a potential risk is possible to happen and how serious it can be.…”

Section: Theoretical Backgroundmentioning

confidence: 99%

The impact of coronavirus pandemic (COVID-19) on education: The role of virtual and remote laboratories in education

Abumalloh

Asadi

Nilashi

et al. 2021

Technology in Society

View full text Add to dashboard Cite

To avoid the spread of the COVID-19 crisis, many countries worldwide have temporarily shut down their academic organizations. National and international closures affect over 91% of the education community of the world. E-learning is the only effective manner for educational institutions to coordinate the learning process during the global lockdown and quarantine period. Many educational institutions have instructed their students through remote learning technologies to face the effect of local closures and promote the continuity of the education process. This study examines the expected benefits of e-learning during the COVID-19 pandemic by providing a new model to investigate this issue using a survey collected from the students at Imam Abdulrahman Bin Faisal University. Partial Least Squares Structural Equation Modeling (PLS-SEM) was employed on 179 useable responses. This study applied Push-Pull-Mooring theory and examined how push, pull, and mooring variables impact learners to switch to virtual and remote educational laboratories. The Protection Motivation theory was employed to explain how the potential health risk and environmental threat can influence the expected benefits from e-learning services. The findings revealed that the push factor (environmental threat) is significantly related to perceived benefits. The pull factors (e-learning motivation, perceived information sharing, and social distancing) significantly impact learners' benefits. The mooring factor, namely perceived security, significantly impacts learners’ benefits.

show abstract

Section: Theoretical Backgroundmentioning

confidence: 99%

The impact of coronavirus pandemic (COVID-19) on education: The role of virtual and remote laboratories in education

Abumalloh

Asadi

Nilashi

et al. 2021

Technology in Society

View full text Add to dashboard Cite

show abstract

“…Studies exploring acceptability in the field tend to focus on the factors influencing the acceptance of security policies and solutions within organizational context. Topa and Karyda (2015) recently reviewed the literature on employee security behaviour and classified the factors influencing them into individual, organizational and technical. Accordingly, organizations aiming to improve security policy compliance are recommended to adopt a holistic approach that addresses issues related to all three category of factors.…”

Section: Issues Related To the Adoption Of Cybersecurity Controlsmentioning

confidence: 99%

Exploring user behavioral data for adaptive cybersecurity

Addae

Sun

Towey

et al. 2019

User Model User-Adap Inter

View full text Add to dashboard Cite

This paper describes an exploratory investigation into the feasibility of predictive analytics of user behavioural data as a possible aid in developing effective user models for adaptive cybersecurity. Partial Least Squares Structural Equation Modelling (PLS-SEM) is applied to the domain of cybersecurity by collecting data on users' attitude towards digital security, and analysing how that influences their adoption and usage of technological security controls. Bayesian-network modeling is then applied to integrate the behavioural variables with simulated sensory data from the web browser and other empirical data gathered to support personalized adaptive cybersecurity decision-making. Results from the empirical study show that predictive analytics is feasible in the context of behavioural cybersecurity, and can aid in the generation of useful heuristics for the design and development of adaptive cybersecurity mechanisms. Predictive analytics can also aid in encoding digital security behavioural knowledge that can support the adaptation and/or automation of operations in the domain of cybersecurity. The experimental results demonstrate the effectiveness of the techniques applied to extract input data for the Bayesian-based models for personalized adaptive cybersecurity assistance.

show abstract

“…Um ein gewünschtes Informationssicherheitsniveau zu erreichen, werden Informationssicherheitsvorschriften (Information Security Policies) als sozio-organisatorische Maßnahmen eingesetzt. Informationssicherheitsvorschriften sind ein "statement of the roles and responsibilities of the employees to safeguard the information and technology resources of their organizations" [21]. In einem formellen Dokument wird festgelegt, was erwünschtes und nicht-erwünschtes Verhalten in Bezug auf Informationssicherheit bedeutet [22].…”

Section: Stand Der Forschungunclassified

“…Auch die handelnden Personen spielen eine bedeutende Rolle. Wird den verantwortlichen Personen vertraut, wirkt sich dies positiv auf die Einhaltung der Informationssicherheitsvorschriften aus und umgekehrt [7], [19], [21], [27], [28]. Häufig werden Sicherheitsvorschriften als zwingend oder bindend definiert [29].…”

Section: Inhaltliche Technische Und Organisatorische Faktoren Und Maunclassified

Einhaltung von Informationssicherheitsvorschriften durch MitarbeiterInnen: Faktoren und Maßnahmen

Krumay¹,

Koch²,

Winkler³

2020

WI2020 Zentrale Tracks

View full text Add to dashboard Cite

Informationssicherheitsvorschriften sind für alle Unternehmen ein wichtiges Instrument, um sich vor Sicherheitsvorfällen zu schützen. Allerdings nur dann, wenn MitarbeiterInnen diese auch befolgen. Ob Informationssicherheitsvorschriften eingehalten werden oder nicht, hängt von unterschiedlichen Einflussfaktoren ab. In der Literatur werden bereits verschiedene Faktoren und Maßnahmen, die auf die Befolgung von Informationssicherheitsvorschriften einen Einfluss haben, diskutiert. Dazu gehören unter anderem das Informationssicherheitsbewusstsein oder auch die klare Formulierung der Vorschriften. Im Rahmen dieser Studie wurden Faktoren und Maßnahmen aus der Literatur erhoben und qualitative und quantitative Methoden eingesetzt, um deren Relevanz in der Praxis zu evaluieren. In Interviews wurden zusätzliche Faktoren, wie das Verhalten von Stakeholdern, identifiziert. Auch die Vorbildwirkung von ExpertInnen und Persönlichkeitsmerkmale wie die Strukturiertheit der MitarbeiterInnen sind in der Literatur bisher wenig beachtete Faktoren, für die in der Befragungsstudie ein Zusammenhang mit dem Verhalten aufgezeigt werden konnte. Mit Hilfe eines etablierten Verhaltensmodells können diese Zusammenhänge erklärt werden.

show abstract

Identifying Factors that Influence Employees’ Security Behavior for Enhancing ISP Compliance

Cited by 23 publications

References 25 publications

The impact of coronavirus pandemic (COVID-19) on education: The role of virtual and remote laboratories in education

The impact of coronavirus pandemic (COVID-19) on education: The role of virtual and remote laboratories in education

Exploring user behavioral data for adaptive cybersecurity

Einhaltung von Informationssicherheitsvorschriften durch MitarbeiterInnen: Faktoren und Maßnahmen

Contact Info

Product

Resources

About