Browse > Article
http://dx.doi.org/10.15207/JKCS.2021.12.1.211

Analysis of the effects of Information Security Awareness, Response Efficacy, and Compliance Behavioral Intention on Information Security Behavior: Focursing on Availability and Culture  

Hu, Sung-ho (Department of Psychology, Chung-Ang University)
Hwang, In-ho (Department of General Education, Kookmin University)
Publication Information
Journal of the Korea Convergence Society / v.12, no.1, 2021 , pp. 211-218 More about this Journal
Abstract
This study is composed of a convergence research design plan as the necessity of information security field dealing with human factors are raised. The purpose of this study is to analyze the effectiveness of the aspect of information security on the cognitive process related to security policy. The research method consisted of the cross-design of the availability dimension and the culture dimension, and the information security process was measured with information security awareness, response efficacy, compliance behavioral intention, and information security behavior. As a result of the study, the dimension of availability had a significant effect on response efficacy, and it was found that the influence of the case-based condition was greater than that of the statistics-based condition. The cultural dimension had a significant effect on information security awareness, response efficacy, compliance behavioral intention, and information security behavior, and the influence of the homogeneity condition was found to be greater than that of the diversity condition. The proposed research model was verified as a multiple mediation model reconstructed with measurement variables. In addition, the discussion describes the necessity of an information security strategy in consideration of individual factors and organizational characteristics.
Keywords
Availability theory; Culture theory; Information security awareness; Response efficacy; Compliance behavioral intention; Information security behavior;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Grandviewresearch. (2019). Cyber security market size, share & trends analysis report by component, by security type, by solution, by service, by deployment, by organization, by application, and segment Forecasts, 2019 - 2025. https://www.globenewswire.com.
2 L. Tredinnick. (2008). Digital information culture: the individual and society in the digital age, Amsterdam : Elsevier.
3 A. AlHogail. (2015). Design and validation of information security culture framework. Computers in human behavior, 49, 567-575. DOI : 10.1016/j.chb.2015.03.054   DOI
4 B. Khan, K. S. Alghathbar, S. I. Nabi & M. K. Khan. (2011). Effectiveness of information security awareness methods based on psychological theories. African Journal of Business Management, 5(26), 10862-10868. DOI : 10.5897/AJBM11.067
5 M. L. Foulds. (1971). Changes in locus of internal-external control: A growth group experience. Comparative Group Studies, 2(3), 293-300. DOI : 10.1177/104649647100200303   DOI
6 S. A. Stumpf & M. London. (1981). Management promotions: Individual and organizational factors influencing the decision process. Academy of Management Review, 6(4), 539-549.   DOI
7 A. Tversky & D. Kahneman. (1973). Availability: A heuristic for judging frequency and probability. Cognitive psychology, 5(2), 207-232.   DOI
8 W. E. Watson, K. Kumar & L. K. Michaelsen. (1993). Cultural diversity's impact on interaction process and performance: Comparing homogeneous and diverse task groups. Academy of management journal, 36(3) 590-602.   DOI
9 B. Bulgurcu, H. Cavusoglu & I. Benbasat. (2010). Information security policy compliance: an empirical study of rationality-based beliefs and information security awareness. MIS quarterly, 34(3), 523-548.   DOI
10 Verizon. (2020). 2020 data breach investigations report.
11 S. Z. ul Abdin, O. Farooq, N. Sultana & M. Farooq. (2017). The impact of heuristics on investment decision and performance: Exploring multiple mediation mechanisms. Research in International Business and Finance, 42, 674-688. DOI : 10.1016/j.ribaf.2017.07.010   DOI
12 M. Siponen, S. Pahnila & M. A. Mahmood. (2010). Compliance with information security policies: An empirical investigation. Computer, 43(2), 64-71. DOI : 10.1109/MC.2010.35   DOI
13 M. Workman, W. H. Bommer & D. Straub. (2008). Security lapses and the omission of information security measures: A threat control model and empirical test. Computers in human behavior, 24(6), 2799-2816. DOI : 10.1016/j.chb.2008.04.005   DOI
14 P. Ifinedo. (2014). Information systems security policy compliance: An empirical study of the effects of socialisation, influence, and cognition. Information & Management, 51(1), 69-79. DOI : 10.1016/j.im.2013.10.001   DOI
15 A. E. Howe, I. Ray, M. Roberts, M. Urbanska & Z. Byrne, (2012). The psychology of security for the home computer user. IEEE.
16 P. Ifinedo. (2012). Understanding information systems security policy compliance: An integration of the theory of planned behavior and the protection motivation theory. Computers & Security, 31(1), 83-95. DOI : 10.1016/j.cose.2011.10.007   DOI
17 I. H. Hwang & S. H. Hu. (2018). A Study on the Influence of Information Security Compliance Intention of Employee: Theory of Planned Behavior, Justice Theory, and Motivation Theory Applied. Journal of Digital Convergence, 16(3), 225-236. DOI : 10.14400/JDC.2018.16.3.225   DOI
18 I. H. Hwang & S. H. Hu. (2020). A study on the information security compliance and non-compliance causes of organization employees. Journal of the Korea Convergence Society, 11(9), 229-242. DOI : 10.15207/JKCS.2020.11.9.229   DOI
19 R. W. Lee, I. H. Hwang & S. H. Hu. (2017). Exploratory research of information security strategy focused on human factors. The Journal of General Education, 6, 103-124.   DOI
20 S. H. Hu. (2020). Analysis of the impact of military organization's safety culture on safety behavior: Focusing on the mediating effect of safety leadership. Journal of Advances in Military Studies, 3(2), 63-81. DOI : 10.37944/jams.v3i2.70   DOI
21 H. Lee & J. Kim. (2018). A convergence study on the structural relationships among emotional labor and work performance of information security professionals. Journal of the Korea Convergence Society, 9(1), 67-74. DOI : 10.15207/JKCS.2018.9.1.067.   DOI
22 J. D-Arcy & P. L. Teh. (2019). Predicting employee information security policy compliance on a daily basis: The interplay of security-related stress, emotions, and neutralization. Information & Management, 56(7), 103151. DOI : 10.1016/j.im.2019.02.006.   DOI
23 I. Hwang, R. Wakefield, S. Kim & T. Kim. (2019). Security awareness: The first step in information security compliance behavior. Journal of Computer Information Systems, 1-12. DOI: 10.1080/08874417.2019.1650676   DOI