Browse > Article

Understanding Security Knowledge and National Culture: A Comparative Investigation between Korea and the U.S  

Kwak, Dong-Heon (Lubar School of Business, University of Wisconsin-Milwaukee)
Kizzier, Donna Mcalister (College of Business and Public Affairs, Morehead State University)
Zo, Hang-Jung (Department of Management Science, Korea Advanced Institute of Science and Technology (KAIST))
Jung, Eui-Sung (Lubar School of Business, University of Wisconsin-Milwaukee)
Publication Information
Asia pacific journal of information systems / v.21, no.3, 2011 , pp. 51-69 More about this Journal
Abstract
Security has been considered one of the most critical issues for managing IT resources in many organizations. Despite a growing interest and extensive research on security at various levels, little research has focused on the comparison of security knowledge levels between different cultures. The current study investigates and compares the security knowledge level between Korea and the U.S. Based on the literature review of spyware, Hofstede's cultural dimensions, and security knowledge, this study identifies three constructs (i.e., security familiarity, spyware awareness, and spyware knowledge) to examine the difference of security knowledge levels between Korea and the U.S. Six hundred ninety-six respondents from Korea and the U.S. participated in the survey, and an in-depth analysis based on analysis of covariance (ANCOVA) was carried out. The results show that the levels of security familiarity, spyware awareness, and spyware knowledge are significantly lower in Korea than in the U.S., as expected. These findings present a significant association between national culture and security knowledge, and the degree of individualism (or collectivism) plays an especially critical role in the perception of security. A number of implications for academia and practitioners emerge. Limitations and future research directions are discussed in the conclusion.
Keywords
IS Management; Security; Spyware; Familiarity; Awareness; Knowledge; Culture; Collectivism; Individualism; Analysis of Covariance (ANCOVA);
Citations & Related Records
연도 인용수 순위
  • Reference
1 Venkatesh, V., Morris, M.G., Davis, F.D., and Davis, G.B., "User Acceptance of Information Technology: Toward a Unified View," MIS Quarterly, Vol. 27, No. 3, 2003, pp. 425-478.   DOI
2 Warkentin, M., Luo, X., and Templeton, G. F., "A Framework for Spyware Assessment," Communication of the ACM, Vol. 48, No. 8, 2005, pp. 79-84.   DOI   ScienceOn
3 Dinev, T., Goo, J., Hu, Q., and Nam, K., "User Behaviour towards Protective Information Technologies: The Role of National Cultural Differences," Information Systems Journal, Vol. 19, No. 4, 2009, pp. 391-412.   DOI   ScienceOn
4 Fishbein, M. and Ajzen, I., Belief, Attitude, Intention and Behavior: An Introduction to Theory and Research, Reading, MA: Addison- Wesley, 1975.
5 Gefen, D., Karahanna, E., and Straub, D.W., "Trust and TAM in Online Shopping: An Integrated Model," MIS Quarterly, Vol. 27, No. 1, 2003, pp. 51-90.   DOI
6 Kogut, B. and Zander, U., "Knowledge of the Firm, Combinative Capabilities and the Replication of Technology," Organization Science, Vol. 3, No. 3, 1992, pp. 383-397.   DOI   ScienceOn
7 Zhang, X., "What Do Consumers Really Know About Spyware?," Communication of the ACM, Vol. 48, No. 8, 2005, pp. 45-48.
8 Gefen, D., Straub, D.W., and Boudreau, M.C., "Structural Equation Modeling and Regression: Guidelines for Research Practice," Communications of AIS, Vol. 4, No. 7, 2000, pp. 1-79.
9 Hair, J.F., Tatham, R.L., Anderson, R.E., and Black, W., Multivariate Data Analysis, 7th ed., Englewood Cliffs, NJ: Prentice-Hall, 2009.
10 Kenyon, H.S., "Spyware Stymies Network Operators," Armed Forces Communications and Electronics Association, Vol. 58, No. 12, 2004, pp. 47-48.
11 Hofstede, G., Geert Hofstede Cultural Dimensions, Retrieved 2010. 12. 12. from http://www. geert-hofstede.com, 2010.
12 Im, G.P. and Baskerville, R.L., "A Longitudinal Study of Information System Threat Categories: The Enduring Problem of Human Error," The DATA BASE for Advances in Information Systems, Vol. 36, No. 4, 2005, pp. 68-79.   DOI
13 Internet World Stat, "World Internet Usage and Population Statistics," Retrieved 2010. 8. 20 from http://www.internetworldstats.com, 2010.
14 Johnston, A.C. and Warkentin, M., "Fear Appeals and Information Security Behaviors: An Empirical Study," MIS Quarterly, Vol. 34, No. 3, 2010, pp. 549-566.   DOI
15 Karahanna, E., Evaristo, J.R., and Srite, M., "Methodological Issues in MIS Cross-Cultural Research," Journal of Global Information Management, Vol. 10, No. 1, 2002, pp. 48-55.   DOI
16 Hofstede, G., Culture's Consequences, 2nd ed., Thousand Oaks, CA: Sage Publications, 2001.
17 Asaravala, A., "Sick of Spam? Prepare for Adware," Wired News, Retrieved 2011. 2. 20 from http://www.wired.com/science/discove ries/news/2004/05/63345, 2004.
18 Hwang, W., Jung, H.-S., and Salvendy, G., "Internationalisation of E-Commerce: A Comparison of Online Shopping Preferences among Korean, Turkish and US populations," Behaviour and Information Technology, Vol. 25, No. 1, 2006, pp. 3-18.   DOI   ScienceOn
19 Alba, J.W. and Hutchinson, J.W., "Dimensions of Consumer Expertise," Journal of Consumer Research, Vol. 13, No. 4, 1987, pp. 411-454.   DOI   ScienceOn
20 Arnett, K.P. and Schmidt, M.B., "Busting the Ghost in the Machine," Communications of the ACM, Vol. 48, No. 8, 2005, pp. 92-95.   DOI   ScienceOn
21 Straub, D. and Welke, R., "Coping with Systems Risk: Security Planning Models for Management Decision Making," MIS Quarterly, Vol. 22, No. 4, 1998, pp. 441-469.   DOI   ScienceOn
22 Baker, W.M., "What's Your Main Technology Concern?," Strategic Finance, December, 2006, pp. 49-54.
23 Bower, G.H. and Hilgard, E.R., Theories of Learning, Englewood Cliffs, NJ: Prentice-Hall, 1981.
24 Kwak, D.-H., Kizzier, D., Zo, H., and Jung, E., "Cross-Cultural Investigation of Security Knowledge Process," International Journal of Business Information Systems, Forthcoming.
25 Lee, Y. and Kozar, K.A., "An Empirical Investigation of Anti-Spyware Software Adoption: A Multi theoretical Perspective," Information and Management, Vol. 45, No. 2, 2008, pp. 109-119.   DOI   ScienceOn
26 Lee, Y. and Kozar, K.A., "Investigating Factors Affecting the Adoption of Antispyware Systems," Communication of the ACM, Vol. 48, No. 8, 2005, pp. 72-77.   DOI   ScienceOn
27 Liang, H. and Xue Y., "Avoidance of Information Technology Threats: A Theoretical Perspective," MIS Quarterly, Vol. 33, No. 1, 2009, pp. 71-90.   DOI
28 Looney, C.A., Akbulut, A.Y., and Poston, R.S., "Understanding the Determinants of Service Channel Preference in the Early Stages of Adoption: A Social Cognitive Perspective on Online Brokerage Services," Decision Sciences, Vol. 39, No. 4, 2008, pp. 821-857.   DOI   ScienceOn
29 Myyry, L., Siponen, M., Pahnila, S., Vartiainen, T., and Vance, A., "What Levels of Moral Reasoning and Values Explain Adherence to Information Security Rules: An Empirical Study," European Journal of Information Systems, Vol. 18, No. 2, 2009, pp. 126-139.   DOI   ScienceOn
30 Page, K. and Uncles, M., "Consumer Knowledge of the World Wide Web: Conceptualization and Measurement," Psychology and Marketing, Vol. 21, No. 8, 2004, pp. 573-591.   DOI   ScienceOn
31 Straub, D., "Effective IS Security: An Empirical Study," Information Systems Research, Vol. 1, No. 3, 1990, pp. 255-276.   DOI
32 Cohen, J.E., "DRM and Privacy," Communications of the ACM, Vol. 46, No. 4, 2003, pp. 46-49.   DOI   ScienceOn
33 Srite, M. and Karahanna, E., "The Role of Espoused National Cultural Values in Technology Acceptance," MIS Quarterly, Vol. 30, No. 3, 2006, pp. 679-704.   DOI
34 Probst, T.M. and Lawler, J., "Cultural Values as Moderators of the Outcomes of Job Insecurity: The Role of Individualism and Collectivism," Applied Psychology: An International Review, Vol. 55, No. 2, 2006, pp. 234-254.   DOI   ScienceOn
35 Rogers, E.M., Diffusion of Innovations, 5th ed., New York, NY: Free Press, 2003.
36 Schmidt, M.B., Johnston, A.C., Arnett, K.P., Chen, J.Q., and Li, S., "A Cross-Cultural Comparison of U.S. and Chinese Computer Security Awareness," Journal of Global Information Management, Vol. 16, No. 2, 2008, pp. 91-103.   DOI
37 Stafford, T.F. and Urbaczewski, A., "Spyware: The Ghost in the Machine," Communications of the AIS, Vol. 14, No. 1, 2004, pp. 291-306.
38 Spring, T., "Striking Back at Spyware," PC World, Vol. 33, No. 1, 2004, pp. 36-38.
39 Sriramachandramurthy, R., Balasubramanian, S., and Hodis, M., "Spyware and Adware: How do Internet Users Defend Themselves?," American Journal of Business, Vol. 24, No. 2, 2009, pp. 41-52.
40 Sung, S., "There is No Cyber Privacy(?)," Digital Contents, April, 2004, pp. 120-128.
41 Computer Security Institute, "CSI Computer Crime and Security Survey 2009," Retrieved 2010. 2. 20, from http://gocsi.com/survey, 2009.
42 Consumer Reports, "Social Insecurity: What Millions of Online Users Don't Know Can Hurt Them," Retrieved 2010. 8. 20 from http:// www.consumerreports.org/cro/magazinearchive/ 2010/june/electronics-computers/ social-insecurity/overview/index.htm, 2010.
43 Cook, T.D. and Campbell, D.T., Quasi Experimentation: Design and Analytical Issues for Field Settings, Chicago, IL: Rand McNally, 1979.
44 Triandis, H.C., "Individualism-Collectivism and Personality," Journal of Personality, Vol. 69, No. 6, 2001, pp. 907-924.   DOI   ScienceOn
45 Sun, L., Srivastava, R.P., and Mock, T.J., "An Information Systems Security Risk Assessment Model Under the Dempster- Shafer Theory of Belief Functions," Journal of Management Information Systems, Vol. 22, No. 4, 2006, pp. 109-142.   DOI   ScienceOn
46 Chen, C.C., Medlin B.D., and Shaw, R.S., "A Cross-Cultural Investigation of Situational Information Security Awareness Programs," Information Management and Computer Security, Vol. 16, No. 4, 2008, pp. 360-376.   DOI   ScienceOn
47 Chen, Y. and Zahedi, F.M., "Internet Users Security Behaviors and Trust," Proceedings of the Pre-ICIS Workshop on Privacy and Security, 2009.
48 Claburn, T., "70 of Top 100 Web Sites Spread Malware," InformationWeek, Retrieved 2011. 2. 20 from http://www.informationweek.com/ news/internet/security/212901775, 2009.
49 Triandis H.C., "The Self and Social Behavior in Differing Cultural Contexts," Psychological Review, Vol. 96, No. 3, 1989, pp. 269-289.
50 Triandis, H.C. and Suh, E.M., "Cultural Influences on Personality," Annual Review of Psychology, Vol. 53, 2002, pp. 133-160.   DOI   ScienceOn
51 Dhillon, G. and Backhouse, J., "Current Directions in IS Security Research: Towards Socio-Organizational Perspectives," Information Systems Journal, Vol. 11, No. 2, 2001, pp. 127-153.   DOI   ScienceOn
52 Dinev, T. and Hu, Q., "The Centrality of Awareness in the Formation of User Behavioral Intention toward Protective Information technology," Journal of the Association for Information Systems, Vol. 8, No. 7, 2007, pp. 386-408.   DOI