Abstract

Companies are facing increasing risks of insider threats, with malicious data breaches being one of their top concerns. Extant information security studies have largely ignored the role of offender motivation and the perception and choice processes underlying malicious insider computer abuses (MICA). Drawing upon the situational action theory (SAT), this study develops a comprehensive and situational understanding of the causes of MICA. This study attempts to test the key proposition of SAT that crime propensity and criminogenic environment jointly shape situational motivations and personal moral beliefs about the action alternatives (perception process), which further translate into criminal acts (choice process). In addition, to extend SAT to fit the context of MICA, we argue that offender motivations serve as an important boundary condition that adjusts the effect of personal moral beliefs. Offender motivations could even break through the moral filter and exert enduring influences on the choice process. Our study offers novel theoretical insights on malicious insider threats and important implications for IS security practitioners to prevent MICA in organizations.

Download

Share

COinS