Are Information Security Practices Driven by the Likelihood and potential Impact of Security Events?
Loading...
Paper Type
ERF
Description
Organizations have opened up various digital interfaces through which customers gain access to online services. Digital interaction between the organization and its customers increases security risks. This study examines how the risk profile of customers defined by their perception of the likelihood and potential impact of a security incident is related to their information security behaviors. We collected data in the context of online banking services to empirically evaluate this research question. The results showed that individuals with low likelihood and high impact perceptions of security incidents had authentication and device security practices significantly higher than that of other groups. Surprisingly, there was no difference in security practices across groups with high likelihood/high impact and low likelihood/low impact perceptions of security incidents. Implications of these results are discussed along with ways we plan to extend this research study.
Paper Number
1398
Recommended Citation
Batra, Gunjan; Saeed, Khawaja; and Zafar, Humayun, "Are Information Security Practices Driven by the Likelihood and potential Impact of Security Events?" (2023). AMCIS 2023 Proceedings. 13.
https://aisel.aisnet.org/amcis2023/sig_sec/sig_sec/13
Are Information Security Practices Driven by the Likelihood and potential Impact of Security Events?
Organizations have opened up various digital interfaces through which customers gain access to online services. Digital interaction between the organization and its customers increases security risks. This study examines how the risk profile of customers defined by their perception of the likelihood and potential impact of a security incident is related to their information security behaviors. We collected data in the context of online banking services to empirically evaluate this research question. The results showed that individuals with low likelihood and high impact perceptions of security incidents had authentication and device security practices significantly higher than that of other groups. Surprisingly, there was no difference in security practices across groups with high likelihood/high impact and low likelihood/low impact perceptions of security incidents. Implications of these results are discussed along with ways we plan to extend this research study.
When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.
Comments
SIG SEC