Description
The information security community has come to realize that the weakest link in a cybersecurity chain is human behavior. Based on Protection Motivation Theory and an extensive literature review on behavioral information security, a large-scale survey study was conducted recently to investigate the cybersecurity behavior and beliefs of employees. Five hundred seventy nine employees from various U.S. organizations and companies completed an online survey with 87 items carefully designed by six experts in cybersecurity, information technology, psychology and decision science. From the survey results, factors that contribute to employees’ cybersecurity behavior were identified. We are currently building a theoretical model to understand how these factors affect employees’ self-reported security behavior.
Recommended Citation
He, Wu; Ash, Ivan; Li, Ling; Xu, Li; Anwar, Mohd; and Yuan, Xiaohong, "A Security Behavior Model of Employees in Cyberspace" (2015). AMCIS 2015 Proceedings. 6.
https://aisel.aisnet.org/amcis2015/ISSecurity/GeneralPresentations/6
A Security Behavior Model of Employees in Cyberspace
The information security community has come to realize that the weakest link in a cybersecurity chain is human behavior. Based on Protection Motivation Theory and an extensive literature review on behavioral information security, a large-scale survey study was conducted recently to investigate the cybersecurity behavior and beliefs of employees. Five hundred seventy nine employees from various U.S. organizations and companies completed an online survey with 87 items carefully designed by six experts in cybersecurity, information technology, psychology and decision science. From the survey results, factors that contribute to employees’ cybersecurity behavior were identified. We are currently building a theoretical model to understand how these factors affect employees’ self-reported security behavior.