The Forgotten Model - Validating the Integrated Behavioral Model in Context of Information Security Awareness

The behavior of employees has a strong influence on the information security of a company. Whether humans behave information security compliant depends on a large extent on their information security awareness (ISA). Social psychology provides an understanding about factors that influence awareness and thus gives relevant insights on how to increase an employee's ISA. A promising theory from health psychology is the Integrated Behavioral Model (IBM). To validate the significance of the IBM for ISA, a structured literature review about models that explain ISA has been conducted. The analysis of the found ISA models and their constructs showed that the IBM indeed includes all found factors. Based on the findings, the paper presents an extended model of the IBM within the ISA context with a higher level of detail. The model can be used to analyze individualized ISA and help companies to enhance ISA in a systematic way.