Journal of Digital Convergence (디지털융복합연구)

The Society of Digital Policy and Management (한국디지털정책학회)
권호 표지
DOI QR코드

DOI QR Code

Analysis of the effects of self-control and organization-control on information security attitude

자기통제 차원과 조직통제 차원이 정보보안 태도에 미치는 영향 분석

  • Hu, Sung-ho (Department of Psychology, Chung-Ang University) ;
  • Hwang, In-ho (College of General Education, Kookmin University)
  • Received : 2021.06.17
  • Accepted : 2021.08.20
  • Published : 2021.08.28
Download PDF
⟨ Previous Next ⟩

Abstract

This paper aims to confirm the effect of self-control and organization-control on information security attitude. The research method is composed of a cross-design of locus of control and tightness culture. The measurement variables used in the assessment are information security actual attitude, compliace behavioral attitude, and information security efficacy. As a result, the locus of control had a significant effect on information security actual attitude, information security efficacy, information security efficacy, and it was found that influence of the internal-based condition was greater than the external-based condition. The tightness culture had a significant effect on compliace behavioral attitude, information security efficacy, and it was found that influence of the tight culture-based condition was greater than the loose culture-based condition. In addition, the discussion contatins the implications of information security direction that reflect these research results.

본 연구의 목적은 자기통제 차원의 통제 소재 차원과 조직통제 차원의 경직성 문화 차원이 정보보안 태도에 미치는 영향력을 확인하는 것이다. 연구는 통제 소재와 경직성 문화의 교차방안으로 구조화되었고, 정보보안 태도는 정보보안 실제 태도, 준수행동 태도, 정보보안 효능감의 세 가지 변수들로 이루어졌다. 연구 결과, 통제 소재 차원이 정보보안 태도에 끼치는 효과는 통계학적으로 유의미한 것으로 실증되었다. 즉, 정보보안 실제 태도, 준수행동 태도, 정보보안 효능감에 영향력을 미치고 있었으며, 내적통제 조건의 영향이 외적통제 조건보다 더 큰 것으로 실증되었다. 두 번째로 경직성 문화 차원이 정보보안 태도에 끼치는 효과는 통계학적으로 유의미한 것으로 실증되었다. 즉, 준수행동 태도, 정보보안 효능감에 영향력을 미치고 있었으며, 경직된 문화 조건의 영향이 느슨한 문화 조건보다 더 큰 것으로 실증되었다. 아울러, 논의점은 이러한 결과들을 중심으로 정보보안에 요구되는 내용들을 중심으로 학술적, 제도적 지향성을 설명하였다.

Keywords

Acknowledgement

This research was supported by Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Education (NRF-2018R1D1A1B07050305)

References

  1. G. V. Research. (2019). Home Textiles Market Size, Share & Trends Analysis Report by Product (Carpets & Floor Covering, Bathroom Linen, Bedroom Linen), By Region, By Distribution Channel (Retail Outlet, Online), And Segment Forecasts, 2019 - 2025. https://www.globenewswire.com
  2. R. W. Lee, I. H. Hwang & S. H. Hu. (2017). Exploratory research of information security strategy focused on human factors. The Journal of General Education, 6, 103-124. https://doi.org/10.24173/jge.2017.12.6.4
  3. J. D'Arcy & P.-L. Teh. (2019). Predicting employee information security policy compliance on a daily basis: The interplay of security-related stress, emotions, and neutralization. Information & Management, 56(7), 103151. DOI : 10.1016/j.im.2019.02.006
  4. Verizon. (2020). 2020 data breach investigations report. Richmod, Texas.
  5. I. Corradini, (2020). Security: Human Nature and Behaviour. Springer.
  6. M. L. Foulds. (1971). Changes in locus of internal-external control: A growth group experience. Comparative Group Studies, 2(3), 293-300. DOI : 10.1177/104649647100200303
  7. S. A. Stumpf & M. London. (1981). Management promotions: Individual and organizational factors influencing the decision process. Academy of Management Review, 6(4), 539-549. https://doi.org/10.5465/AMR.1981.4285668
  8. S. J. Lee & H. Lina Kim. (2018). Roles of perceived behavioral control and self-efficacy to volunteer tourists' intended participation via theory of planned behavior. International Journal of Tourism Research, 20(2), 182-190. DOI : 10.1002/jtr.2171
  9. L. Tredinnick. (2008). Digital information culture: the individual and society in the digital age. Amsterdam : Elsevier.
  10. M. J. Gelfand, L. H. Nishii & J. L. Raver. (2006). On the nature and importance of cultural tightness-looseness. Journal of Applied Psychology, 91(6), 1225-1244. DOI : 10.1037/0021-9010.91.6.1225
  11. S. H. Schwartz. (1990). Individualism-collectivism: Critique and proposed refinements. Journal of cross-cultural psychology, 21(2), 139-157. https://doi.org/10.1177/0022022190212001
  12. E. Hartono, C. W. Holsapple, K.-Y. Kim, K.-S. Na & J. T. Simpson. (2014). Measuring perceived security in B2C electronic commerce website usage: A respecification and validation. Decision Support Systems, 62, 11-21. https://doi.org/10.1016/j.dss.2014.02.006
  13. T. Herath & H. R. Rao. (2009). Protection motivation and deterrence: a framework for security policy compliance in organisations. European Journal of Information Systems, 18(2), 106-125. https://doi.org/10.1057/ejis.2009.6
  14. P. Ifinedo. (2012). Understanding information systems security policy compliance: An integration of the theory of planned behavior and the protection motivation theory. Computers & Security, 31(1), 83-95. DOI : 10.1016/j.cose.2011.10.007
  15. M. Siponen, M. A. Mahmood & S. Pahnila. (2014). Employees' adherence to information security policies: An exploratory field study. Information & Management, 51(2), 217-224. https://doi.org/10.1016/j.im.2013.08.006
  16. P. Ifinedo. (2014). Information systems security policy compliance: An empirical study of the effects of socialisation, influence, and cognition. Information & Management, 51(1), 69-79. DOI : 10.1016/j.im.2013.10.001
  17. N. S. Safa, M. Sookhak, R. Von Solms, S. Furnell, N. A. Ghani & T. Herawan. (2015). Information security conscious care behaviour formation in organizations. Computers & Security, 53, 65-78. DOI : 10.1016/j.cose.2015.05.012
  18. J. Kaur & N. Mustafa, (2013). Examining the effects of knowledge, attitude and behaviour on information security awareness: A case on SME. IEEE.
  19. I. H. Hwang & S. H. Hu. (2018). A Study on the Influence of Information Security Compliance Intention of Employee: Theory of Planned Behavior, Justice Theory, and Motivation Theory Applied. Journal of Digital Convergence, 16(3), 225-236. DOI : 10.14400/JDC.2018.16.3.225
  20. M. Chan, I. Woon & A. Kankanhalli. (2005). Perceptions of information security in the workplace: linking information security climate to compliant behavior. Journal of information privacy and security, 1(3), 18-41. https://doi.org/10.1080/15536548.2005.10855772
  21. B. Khan, K. S. Alghathbar, S. I. Nabi & M. K. Khan. (2011). Effectiveness of information security awareness methods based on psychological theories. African Journal of Business Management, 5(26), 10862-10868. DOI : 10.5897/AJBM11.067
  22. I. H. Hwang & S. H. Hu. (2021). A Study on the Information Security Related Organizational Citizenship Behavior : From Prospect Theory and Goal Orientation Theory Perspective. Journal of Digital Convergence, 19(1), 89-97. https://doi.org/10.14400/JDC.2021.19.1.089