Abstract

This paper presents a conceptual model to explain employee security behaviors as a function of manager’s transgressions in the workplace. To date, most information systems security (ISS) studies neglect the effects poor leadership can have on the security of organizational ISS. This paper seeks to broaden the study of leadership in information systems security by examining negative effects of leadership. This paper suggests that leader transgressions create punitive desires in employees that result in ISS-related deviance. This paper identifies two forms of deviance, intentional policy non-compliance and less intentional neglect of proactive security behaviors. Importantly, although other studies mention these two forms of deviance, this paper is one of few that model them together. The model in this paper can help leaders understand the effects of their negative behaviors and direct leaders toward ways to improve relationships with employees, and thereby enhance security.

Share

COinS
 

The Dark Side of Leadership in Information Systems Security: A Model of the Effect of Manager Transgressions on Employee Security Behaviors

This paper presents a conceptual model to explain employee security behaviors as a function of manager’s transgressions in the workplace. To date, most information systems security (ISS) studies neglect the effects poor leadership can have on the security of organizational ISS. This paper seeks to broaden the study of leadership in information systems security by examining negative effects of leadership. This paper suggests that leader transgressions create punitive desires in employees that result in ISS-related deviance. This paper identifies two forms of deviance, intentional policy non-compliance and less intentional neglect of proactive security behaviors. Importantly, although other studies mention these two forms of deviance, this paper is one of few that model them together. The model in this paper can help leaders understand the effects of their negative behaviors and direct leaders toward ways to improve relationships with employees, and thereby enhance security.