Bringing a background variable into focus: a multimethod investigation of IT security climate’s influence on elicited IT security beliefs

Abstract

PurposeIT security breaches plague organizations worldwide, yet there continues to be a paucity of comprehensive research models for protective technologies. This study aims to develop an IT security user behavior model focusing on the protective technology anti-spyware which includes organizational climate, a theory of planned behavior (TPB) background variable and elicited salient user beliefs.Design/methodology/approachA multimethod approach, including interviews and a survey, is used to elicit salient user beliefs and test hypotheses of the influences of perceived IT security climate on those user beliefs and ultimately user behavioral intentions. Primary data were collected through interviews following the prescribed TPB methodology and an offline survey method with 254 valid responses recorded. Partial least squares was used to investigate the hypotheses.FindingsThe authors found that attitudinal beliefs – protecting organizational interests for data/privacy, preventing disruptions to work and control beliefs – monetary resources and time constraints mediate significant relationships between IT security climate and attitude and perceived behavioral control, respectively. Implications are discussed.Originality/valueThis study is the first, to the best of the authors’ knowledge, that uses both interviews and a survey to examine the relationships among IT security climate, elicited user beliefs and behavioral intentions in a TPB-based model for a protective technology.