The assumptions and profiles behind IT security behavior
(2017) 50th Annual Hawaii International Conference on System Sciences, HICSS 2017 In Proceedings of the Annual Hawaii International Conference on System Sciences 2017-January. p.4987-4996- Abstract
Among the major IT security challenges facing organizations is non-malicious employee behavior that nevertheless poses significant threats to an organization's IT security. Using a grounded theory methodology, this paper finds that organizational security behaviors are inherently related to employee assumptions regarding the importance of IT security policy compliance and regarding the reason why IT security measures are implemented. Analyzing these assumptions uncovers four profiles of perspectives concerning IT security: the IT Security Indulgence, the IT Security Overindulgence, the IT Knows Best and the IT Security Disconnect profiles. These profiles are useful in understanding employee IT security behaviors and may help IT... (More)
Among the major IT security challenges facing organizations is non-malicious employee behavior that nevertheless poses significant threats to an organization's IT security. Using a grounded theory methodology, this paper finds that organizational security behaviors are inherently related to employee assumptions regarding the importance of IT security policy compliance and regarding the reason why IT security measures are implemented. Analyzing these assumptions uncovers four profiles of perspectives concerning IT security: the IT Security Indulgence, the IT Security Overindulgence, the IT Knows Best and the IT Security Disconnect profiles. These profiles are useful in understanding employee IT security behaviors and may help IT departments in developing more effective strategies designed to ensure policy compliance.
(Less)
- author
- Balozian, Puzant and Leidner, Dorothy LU
- organization
- publishing date
- 2017
- type
- Chapter in Book/Report/Conference proceeding
- publication status
- published
- subject
- host publication
- Proceedings of the 50th Annual Hawaii International Conference on System Sciences, HICSS 2017
- series title
- Proceedings of the Annual Hawaii International Conference on System Sciences
- editor
- Bui, Tung X. and Sprague, Ralph
- volume
- 2017-January
- pages
- 10 pages
- publisher
- IEEE Computer Society
- conference name
- 50th Annual Hawaii International Conference on System Sciences, HICSS 2017
- conference location
- Big Island, United States
- conference dates
- 2017-01-03 - 2017-01-07
- external identifiers
-
- scopus:85108235891
- ISSN
- 1530-1605
- ISBN
- 9780998133102
- language
- English
- LU publication?
- yes
- id
- 1a18b882-6fe1-433b-ae0c-e5e16d4ca11f
- date added to LUP
- 2021-07-14 15:30:02
- date last changed
- 2022-02-09 07:33:57
@inproceedings{1a18b882-6fe1-433b-ae0c-e5e16d4ca11f, abstract = {{<p>Among the major IT security challenges facing organizations is non-malicious employee behavior that nevertheless poses significant threats to an organization's IT security. Using a grounded theory methodology, this paper finds that organizational security behaviors are inherently related to employee assumptions regarding the importance of IT security policy compliance and regarding the reason why IT security measures are implemented. Analyzing these assumptions uncovers four profiles of perspectives concerning IT security: the IT Security Indulgence, the IT Security Overindulgence, the IT Knows Best and the IT Security Disconnect profiles. These profiles are useful in understanding employee IT security behaviors and may help IT departments in developing more effective strategies designed to ensure policy compliance.</p>}}, author = {{Balozian, Puzant and Leidner, Dorothy}}, booktitle = {{Proceedings of the 50th Annual Hawaii International Conference on System Sciences, HICSS 2017}}, editor = {{Bui, Tung X. and Sprague, Ralph}}, isbn = {{9780998133102}}, issn = {{1530-1605}}, language = {{eng}}, pages = {{4987--4996}}, publisher = {{IEEE Computer Society}}, series = {{Proceedings of the Annual Hawaii International Conference on System Sciences}}, title = {{The assumptions and profiles behind IT security behavior}}, volume = {{2017-January}}, year = {{2017}}, }