Does Explicit Information Security Policy Affect Employees' Cyber Security Behavior? A Pilot Study

被引：15

作者：

Li, Ling ^{[1
]}

He, Wu ^{[1
]}

Ivan, Ash ^{[1
]}

Xu, Li ^{[1
]}

Anwar, Mohd ^{[2
]}

Yuan, Xiaohong ^{[2
]}

机构：

[1] Old Dominion Univ, Norfolk, VA 23529 USA

[2] North Carolina A&T Univ, Greensboro, NC USA

来源：

2014 SECOND INTERNATIONAL CONFERENCE ON ENTERPRISE SYSTEMS (ES) | 2014年

关键词：

information security; cyber security behavior; pilot study; cues to action; self-efficacy;

D O I：

10.1109/ES.2014.66

中图分类号：

TP39 [计算机的应用];

学科分类号：

081203 ; 0835 ;

摘要：

In this pilot study, we have (i) examined the relative importance of ten factors that can be used for developing new training methods and materials to improve employees' awareness and skills to defend against cyber risks, and (ii) investigated the relationship between an explicit security policy at the organizational level and individual employee's behavior and beliefs toward cybersecurity issues. Our results show that an explicit cybersecurity policy does positively affect employee's behavior towards information security risks. The insights drawn from this pilot study can be employed toward encouraging and enhancing employees' cybersecurity behavior both in the workplace and outside the workplace.(1)

引用

页码：169 / 173

页数：5

共 11 条

[1]

[Anonymous], INFORM SYSTEMS J

[2]

[Anonymous], 1983, SOCIAL PSYCHOPHYSIOL

[3]

Cisco Systems, 2008, DAT LEAK WORLDW EFF

[4] Protection motivation and deterrence: a framework for security policy compliance in organisations [J].