Exploring the Antecedents of Shadow Information Security Practices

Authors

Duy Dang-Pham, RMIT University, Viet NamFollow
Nik Thompson, Curtin University, AustraliaFollow
Atif Ahmad, The University of Melbourne, AustraliaFollow
Sean Maynard, The University of Melbourne, AustraliaFollow

Abstract

Employees are both the first line of defence in organisations as well as a significant source of vulnerability. Behavioural research in information security (InfoSec) has studied compliance of employees with organisational directives. Less understood are ‘shadow security practices’–a related category of behaviour where employees invent InfoSec workarounds albeit with the intention of still complying with organisational InfoSec directives. In this research-in-progress paper, we present the theoretical development of a model, by conducting in-depth reviews of the relevant and multidisciplinary literatures, to identify the potential antecedents of the employees' intention to perform shadow security.

Recommended Citation

Dang-Pham, Duy; Thompson, Nik; Ahmad, Atif; and Maynard, Sean, "Exploring the Antecedents of Shadow Information Security Practices" (2023). ACIS 2023 Proceedings. 5.
https://aisel.aisnet.org/acis2023/5