Information Security Awareness: Its Antecedents and Mediating Effects on Security Compliant Behavior
Start Date
12-17-2013
Description
Information security awareness (ISA) is referred to as a state of consciousness and knowledge about security issues and is frequently found to impact security compliant behavior. However, to date we know little about the factors influencing ISA and its mediating effect on behavior. Our study addresses these gaps. We propose a research model that studies ISA’s institutional, individual, and environmental antecedents and investigates the mediating role of ISA. The model was empirically tested with survey data from 475 employees. The model explains a substantial proportion of the variance of ISA (.50) and intention to comply (.41). The results imply that the provision of security policies and employees’ knowledge on information systems are the most influential antecedents of ISA. The study shows that ISA mediates the relationship between ISA’s antecedents and behavioral intention. The findings will be useful for stakeholders interested in encouraging employees’ information security policy compliant behavior.
Recommended Citation
Haeussinger, Felix and Kranz, Johann, "Information Security Awareness: Its Antecedents and Mediating Effects on Security Compliant Behavior" (2013). ICIS 2013 Proceedings. 9.
https://aisel.aisnet.org/icis2013/proceedings/SecurityOfIS/9
Information Security Awareness: Its Antecedents and Mediating Effects on Security Compliant Behavior
Information security awareness (ISA) is referred to as a state of consciousness and knowledge about security issues and is frequently found to impact security compliant behavior. However, to date we know little about the factors influencing ISA and its mediating effect on behavior. Our study addresses these gaps. We propose a research model that studies ISA’s institutional, individual, and environmental antecedents and investigates the mediating role of ISA. The model was empirically tested with survey data from 475 employees. The model explains a substantial proportion of the variance of ISA (.50) and intention to comply (.41). The results imply that the provision of security policies and employees’ knowledge on information systems are the most influential antecedents of ISA. The study shows that ISA mediates the relationship between ISA’s antecedents and behavioral intention. The findings will be useful for stakeholders interested in encouraging employees’ information security policy compliant behavior.