Impacts of security climate on employees’ sharing of security advice and troubleshooting: Empirical networks

Abstract

While extant research has studied the motivations of individualistic security compliance, this study explains what motivates employees to share security advice and troubleshoot with others. We argue that such findings are crucial for the development of people-centric security workplaces, where desirable security behaviors are disseminated amongst the employees. In this research, we applied network analysis techniques to perform two tasks. First, we explored the structural patterns of employees’ sharing of security advice and troubleshooting. Second, we evaluated the effects of security climate perceptions, perceived accountability, and personal attributes on those sharing activities. While the sharing network was found to be thin and sparse, perceptions of a direct supervisor's security practices and accountability for security tasks can increase sharing. Age, seniority, and tenure—as well as having the same gender and department membership—can also motivate sharing. In contrast, security climate perceptions of coworkers and top management's security practices were found to discourage sharing. Our practical recommendations focus on strategies to maximize security engagement in the workplace. Potential ideas for future research are also discussed in detail. Most importantly, we hope to offer this research as the foundation for future network studies in the behavioral security field.