Abstract
Information security is a multibillion-dollar problem faced by commercial, non-profit, and government organizations around the world. Because of their adverse effects on organizational information systems, viruses, hackers, and malicious insiders can jeopardize organizations’ capabilities to pursue their missions effectively. Although technology-based solutions help to mitigate some of the many problems of information security, even the best technology cannot work successfully unless effective human-computer interaction occurs. Information technology professionals, managers, and end users all play a significant role in determining whether the behavior that occurs as people interact with information technology will support the maintenance of effective security or undermine it. In the present paper we try to apply behavioral science concepts and techniques to understanding problems of information security in organizations. We analyzed a large set of interviews, developed a set of behavioral categories, and conducted three survey studies (N = 1167, N = 298, and N = 414) to explore whether and how behavioral science could apply to the complex set of organizational problems surrounding contemporary information security. We report these results and provide a future research agenda for researchers who wish to support organizations’ efforts to ensure security of their information assets.
Original language | English (US) |
---|---|
Title of host publication | Human-Computer Interaction and Management Information Systems |
Subtitle of host publication | Foundations |
Publisher | Taylor and Francis |
Pages | 262-280 |
Number of pages | 19 |
ISBN (Electronic) | 9781317468387 |
ISBN (Print) | 9780765614865 |
DOIs | |
State | Published - Jan 1 2015 |
Externally published | Yes |
Keywords
- Information Security
- Organizational Psychology
- Surveys
ASJC Scopus subject areas
- Economics, Econometrics and Finance(all)
- General Business, Management and Accounting
- General Social Sciences