2018
DOI: 10.2139/ssrn.3252742
|View full text |Cite
|
Sign up to set email alerts
|

Information Security Policy Compliance

Abstract: One of the most challenging problems modern firms face is that their weakest link in maintaining information security is the behavior of employees: clicking on phishing emails, telling friends and family private information, and searching for private information about themselves (Loch, Carr and Warkentin 1992). A survey conducted by the Computer Security Institute reported that the average monetary loss per incident was $288,618 and that 44% of those who responded to the survey reported insider securityrelated… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1

Citation Types

0
2
0

Year Published

2020
2020
2024
2024

Publication Types

Select...
2

Relationship

0
2

Authors

Journals

citations
Cited by 2 publications
(2 citation statements)
references
References 89 publications
(91 reference statements)
0
2
0
Order By: Relevance
“…Li and Hoffman [27] investigated the relationship between employees' ISCB and punishment severity in a series of organizations. Using the general deterrence theory (GDT), they identified demographic and human reasons behind IS violations and deployed a series of theories (i.e., GDT, PMT, and TPB) to evaluate predictors of ISCB.…”
Section: Literature Studiesmentioning
confidence: 99%
“…Li and Hoffman [27] investigated the relationship between employees' ISCB and punishment severity in a series of organizations. Using the general deterrence theory (GDT), they identified demographic and human reasons behind IS violations and deployed a series of theories (i.e., GDT, PMT, and TPB) to evaluate predictors of ISCB.…”
Section: Literature Studiesmentioning
confidence: 99%
“…Information security policy violations can be very serious for an organization, as the consequence of one non-compliant action can compromise an organization's entire information security system. The information security of an organization is dependent on employees' compliance with the organization's information security policies [10]. Even when users have received good information security training, some factors can promote non-compliance behavior.…”
mentioning
confidence: 99%