Deterrence and leadership factors: Which are important for information security policy compliance in the hotel industry

Abstract

Hotels have developed information security policies to deal with information security incidents, and managers are interested in how to enhance employees' compliance with these policies. This study examines how deterrence perception and managers' leadership influence employees' intention to comply with information security policies. Two rounds of surveys were conducted to collect data from Chinese hotel employees. The results show that perceived deterrent certainty has a positive effect. On the other hand, ethical leadership has a significant indirect effect with the second-round compliance intention. Abusive supervision does not have positive effects, even when managers' intent is motivational. Our study is among the first to examine the effect of managers' leadership on information security compliance intentions in the hotel industry. Our study also provides important strategic guidelines for by informing hotel managers that ethical leadership should be practiced as a means of enhancing employees' information security policy compliance.