Abstract

This study proposes and examines a multidimensional definition of information security awareness. We also investigate its antecedents and analyze its effects on compliance with organizational information security policies. The above research goals are tested through the theoretical lens of technology threat avoidance theory and protection motivation theory. Information security awareness is defined as a second-order construct composed of the elements of threat and coping appraisals supplemented by the responsibilities construct to account for organizational environment. The study was executed in two stages. First, the participants (employees of a municipality) were exposed to a series of phishing messages. Second, the same individuals were asked to participate in a survey designed to examine their security awareness. The research model was tested using PLS-SEM approach. The results indicate that security awareness is in fact a second-order formative construct composed of six components. There are significant differences in security awareness levels between the victims of the phishing experiment and the employees who maintain compliance with security policies. Our study extends the theory by proposing and validating a general, yet practical definition of security awareness. It also bridges the gap between theory and practice - our contextualization of security awareness draws heavily on both fields.

Full Text
Paper version not known

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Enhancing Information Security Process in Organisations in Qatar
Aisha Khalid Al-Hamar
-
Aisha Khalid Al-HamarAisha Khalid Al-Hamar
01 Jan 2015
Strategy to Improve Employee Security Awareness at Information Technology Directorate Bank XYZ
Halida Ernita ... Desiana Nurul Maftuhah
Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi) | VOL. 6
Halida Ernita, et. al.Halida Ernita ... Desiana Nurul Maftuhah
22 Aug 2022
Chapter 7 - Understanding users' information security awareness and intentions: A full nomology of protection motivation theory
Farkhondeh Hassandoust ... Angsana A Techatassanasoontorn
Cyber Influence and Cognitive Threats | VOL. -
Farkhondeh Hassandoust, et. al.Farkhondeh Hassandoust ... Angsana A Techatassanasoontorn
20 Sep 2019
The impact of information richness on information security awareness training effectiveness
R.S Shaw ... Hui-Jou Huang
Computers & Education | VOL. 52
R.S Shaw, et. al.R.S Shaw ... Hui-Jou Huang
15 Aug 2008
View more papers

More From: ACM SIGMIS Database: the DATABASE for Advances in Information Systems

Paper Title
Journal
Date
Author
Too Small to Succeed: Small Samples and the p-Value Problem
Miguel I Aguirre-Urreta ... Cameron N Mcintosh
ACM SIGMIS Database: the DATABASE for Advances in Information Systems | VOL. 55
Miguel I Aguirre-Urreta, et. al.Miguel I Aguirre-Urreta ... Cameron N Mcintosh
31 Jul 2024
Historical Performance Gap, Readiness of Government, and Open Data Quality: Transnational Empirical Analysis Based on Performance Feedback Theory
Xianyin Meng ... Bo Fan
ACM SIGMIS Database: the DATABASE for Advances in Information Systems | VOL. 55
Xianyin Meng, et. al.Xianyin Meng ... Bo Fan
31 Jul 2024
Attracting IT Talent: A Kano Analysis of Employer Attributes
Caroline Ernestine Oehlhorn ... Tim Weitzel
ACM SIGMIS Database: the DATABASE for Advances in Information Systems | VOL. 55
Caroline Ernestine Oehlhorn, et. al.Caroline Ernestine Oehlhorn ... Tim Weitzel
31 Jul 2024
Promoting Ethical Use of Generative AI in Education
Xuefei (Nancy) Deng ... K.D Joshi
ACM SIGMIS Database: the DATABASE for Advances in Information Systems | VOL. 55
Xuefei (Nancy) Deng, et. al.Xuefei (Nancy) Deng ... K.D Joshi
31 Jul 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.