In their own words: employee attitudes towards information security. (9th July 2018)
- Record Type:
- Journal Article
- Title:
- In their own words: employee attitudes towards information security. (9th July 2018)
- Main Title:
- In their own words: employee attitudes towards information security
- Authors:
- Ashenden, Debi
- Abstract:
- Abstract : Purpose: The purpose of this study is to uncover employee attitudes towards information security and to address the issue of social acceptability bias in information security research. Design/methodology/approach: The study used personal construct psychology and repertory grids as the foundation for the study in a mixed-methods design. Data collection consisted of 11 in-depth interviews followed by a survey with 115 employee responses. The data from the interviews informed the design of the survey. Findings: The results of the interviews identified a number of themes around individual responsibility for information security and the ability of individuals to contribute to information security. The survey demonstrated that those employees who thought the that organisation was driven by the need to protect information also thought that the risks were overstated and that their colleagues were overly cautious. Conversely, employees who thought that the organisation was driven by the need to optimise its use of information felt that the security risks were justified and that colleagues took too many risks. Research limitations/implications: The survey findings were not statistically significant, but by breaking the survey results down further across business areas, it was possible to see differences within groups of individuals within the organisation. Originality/value: The literature review highlights the issue of social acceptability bias and the problem ofAbstract : Purpose: The purpose of this study is to uncover employee attitudes towards information security and to address the issue of social acceptability bias in information security research. Design/methodology/approach: The study used personal construct psychology and repertory grids as the foundation for the study in a mixed-methods design. Data collection consisted of 11 in-depth interviews followed by a survey with 115 employee responses. The data from the interviews informed the design of the survey. Findings: The results of the interviews identified a number of themes around individual responsibility for information security and the ability of individuals to contribute to information security. The survey demonstrated that those employees who thought the that organisation was driven by the need to protect information also thought that the risks were overstated and that their colleagues were overly cautious. Conversely, employees who thought that the organisation was driven by the need to optimise its use of information felt that the security risks were justified and that colleagues took too many risks. Research limitations/implications: The survey findings were not statistically significant, but by breaking the survey results down further across business areas, it was possible to see differences within groups of individuals within the organisation. Originality/value: The literature review highlights the issue of social acceptability bias and the problem of uncovering weakly held attitudes. In this study, the use of repertory grids offers a way of addressing these issues. … (more)
- Is Part Of:
- Information and computer security. Volume 26:Number 3(2018)
- Journal:
- Information and computer security
- Issue:
- Volume 26:Number 3(2018)
- Issue Display:
- Volume 26, Issue 3 (2018)
- Year:
- 2018
- Volume:
- 26
- Issue:
- 3
- Issue Sort Value:
- 2018-0026-0003-0000
- Page Start:
- 327
- Page End:
- 337
- Publication Date:
- 2018-07-09
- Subjects:
- Attitudes -- Information security -- Personal construct psychology -- Social acceptability bias
Computer security -- Management -- Periodicals
Computer networks -- Security measures -- Periodicals
Data protection -- Management -- Periodicals
658.47 - Journal URLs:
- http://www.emeraldinsight.com/loi/ics ↗
http://www.emeraldinsight.com/ ↗ - DOI:
- 10.1108/ICS-04-2018-0042 ↗
- Languages:
- English
- ISSNs:
- 2056-4961
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 4481.796000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 7156.xml