Start Date

11-12-2016 12:00 AM

Description

To increase information security awareness among their workforce and to achieve secure information systems (IS), decision-makers employ measures of information security, such as security policies or associated training and educational programs. However, these information security measures might also put stress on employees, so-called security-related stress, for instance, if they are perceived as difficult to understand, as an invasion of privacy, or if they give rise to conflicts of interest. While previous IS security research directly applies the existing concept of technostress to the security context, we develop and validate a more specific and holistic construct of security-related stress manifested in multidimensional stressors of individuals’ work, personal, and social environment. A first empirical test with 165 participants does not only confirm the newly identified sub-dimensions, but also shows mixed effects of the interrelated but distinct sub-dimensions of security-related stress on information security policy compliance intention.

Share

COinS
 
Dec 11th, 12:00 AM

How Information Security Requirements Stress Employees

To increase information security awareness among their workforce and to achieve secure information systems (IS), decision-makers employ measures of information security, such as security policies or associated training and educational programs. However, these information security measures might also put stress on employees, so-called security-related stress, for instance, if they are perceived as difficult to understand, as an invasion of privacy, or if they give rise to conflicts of interest. While previous IS security research directly applies the existing concept of technostress to the security context, we develop and validate a more specific and holistic construct of security-related stress manifested in multidimensional stressors of individuals’ work, personal, and social environment. A first empirical test with 165 participants does not only confirm the newly identified sub-dimensions, but also shows mixed effects of the interrelated but distinct sub-dimensions of security-related stress on information security policy compliance intention.