Although the number of security incidents and data breaches caused by humans increasing, no well-established scale exists to measure individuals’ information security misbehaviors in interaction with the information systems. Knowing that individuals’ misbehaviors differ in term of intentions, in this research, we identify important unintentional behaviors that users may threaten security through non-malicious actions and develop a unified information security misbehaviors scale aiming to exhibit acceptable psychometric properties. We believe such a measurement tool can help researchers to investigate various causes of human errors in system-user interactions and guide practitioners to make strategic decisions in organizations. Our goal is to build a set of Likert scale questions by exploring literature, security experts’ advice, or adopting security policies implemented in organizations to find out what type of individuals’ mistakes may lead to unintentional security misbehaviors.
Shadbad, Forough Nasirpouri and Biros, David, "Developing an Unintentional Information Security Misbehavior Scale (UISMS)" (2019). MWAIS 2019 Proceedings. 10.