BEHAVIORAL INFORMATION SECURITY: An Overview, Results, and Research Agenda

Jeffrey M. Stanton, Kathryn R. Stam, Paul M. Mastrangelo, Jeffrey A. Jolton

Research output: Chapter in Book/Report/Conference proceedingChapter

10 Scopus citations

Abstract

Information security is a multibillion-dollar problem faced by commercial, non-profit, and government organizations around the world. Because of their adverse effects on organizational information systems, viruses, hackers, and malicious insiders can jeopardize organizations’ capabilities to pursue their missions effectively. Although technology-based solutions help to mitigate some of the many problems of information security, even the best technology cannot work successfully unless effective human-computer interaction occurs. Information technology professionals, managers, and end users all play a significant role in determining whether the behavior that occurs as people interact with information technology will support the maintenance of effective security or undermine it. In the present paper we try to apply behavioral science concepts and techniques to understanding problems of information security in organizations. We analyzed a large set of interviews, developed a set of behavioral categories, and conducted three survey studies (N = 1167, N = 298, and N = 414) to explore whether and how behavioral science could apply to the complex set of organizational problems surrounding contemporary information security. We report these results and provide a future research agenda for researchers who wish to support organizations’ efforts to ensure security of their information assets.

Original languageEnglish (US)
Title of host publicationHuman-Computer Interaction and Management Information Systems
Subtitle of host publicationFoundations
PublisherTaylor and Francis
Pages262-280
Number of pages19
ISBN (Electronic)9781317468387
ISBN (Print)9780765614865
DOIs
StatePublished - Jan 1 2015
Externally publishedYes

Keywords

  • Information Security
  • Organizational Psychology
  • Surveys

ASJC Scopus subject areas

  • Economics, Econometrics and Finance(all)
  • Business, Management and Accounting(all)
  • Social Sciences(all)

Fingerprint

Dive into the research topics of 'BEHAVIORAL INFORMATION SECURITY: An Overview, Results, and Research Agenda'. Together they form a unique fingerprint.

Cite this