Location
Online
Event Website
https://hicss.hawaii.edu/
Start Date
3-1-2023 12:00 AM
End Date
7-1-2023 12:00 AM
Description
Extra-role security behavior has been recognized as a salient element of information security. Drawing upon the research on proactivity in the management literature, we identify ‘felt responsibility for constructive change’ (FRCC) as an important proactive motivational state that drives the behavior. We then follow proactive motivation theory and seek the contextual element and individual difference that precede FRCC. Based on buy-in theory, we propose that user participation in the development of information security-related activities and artifacts induces FRCC. To balance context specificity with generality, we model the individual difference of proactive personality as a moderator of this relation. Our model expands the scope of studying behavioral security by addressing users’ proactive involvement in protecting organizations’ information assets, as opposed to only examining reactive and passive user involvement. Further, the model extends the literature by addressing how promoting positive pre-kinetic events serves organizational information security.
Recommended Citation
Nehme, Alaa and Marler, Laura, "Buying in and Feeling Responsible: A Model of Extra-role Security Behavior" (2023). Hawaii International Conference on System Sciences 2023 (HICSS-56). 3.
https://aisel.aisnet.org/hicss-56/in/behavioral_is_security/3
Buying in and Feeling Responsible: A Model of Extra-role Security Behavior
Online
Extra-role security behavior has been recognized as a salient element of information security. Drawing upon the research on proactivity in the management literature, we identify ‘felt responsibility for constructive change’ (FRCC) as an important proactive motivational state that drives the behavior. We then follow proactive motivation theory and seek the contextual element and individual difference that precede FRCC. Based on buy-in theory, we propose that user participation in the development of information security-related activities and artifacts induces FRCC. To balance context specificity with generality, we model the individual difference of proactive personality as a moderator of this relation. Our model expands the scope of studying behavioral security by addressing users’ proactive involvement in protecting organizations’ information assets, as opposed to only examining reactive and passive user involvement. Further, the model extends the literature by addressing how promoting positive pre-kinetic events serves organizational information security.
https://aisel.aisnet.org/hicss-56/in/behavioral_is_security/3