MWAIS 2024 Proceedings


This paper aims to explore areas for practical and theoretical integration of information security and human resource domains based on the conducted findings from the focus group with CISOs and CTOs. It explores the idea that lack of departmental support of Information security efforts by other departments in the organization is hurting employee compliance efforts. Responses from a focus group of executives have led us to explore potential points of integration with the firm’s human resource department, a group tasked with orchestrating the firm’s human capital to effectively work towards the firm’s goals. It is our contention that information security departments can reduce employees’ noncompliance behaviors by involving HR department for work design interventions that reduce limiting job crafting as well as through the improving of training materials that go beyond awareness and provide concrete steps for action.