Browse > Article
http://dx.doi.org/10.5762/KAIS.2016.17.5.538

An empirical study on the relationship of personal optimistic bias and information security awareness and behavior in the activity of information ethics  

Choi, Jong-Geun (Division of Management Information, Seoul Venture University)
Che, Myung-Shin (Division of Fusion Industry, Seoul Venture University)
Publication Information
Journal of the Korea Academia-Industrial cooperation Society / v.17, no.5, 2016 , pp. 538-547 More about this Journal
Abstract
With respect to the factors affecting information security awareness and behavior, the study of the relevance of the concept of optimistic bias is actively used in psychology. In other words, this study examines whether the optimistic bias of individuals affects information security in the field. In this sense, this study attempted to demonstrate the relevance of optimistic bias in information security behavior and awareness. A questionnaire survey was conducted targeting 111 people engaged in domestic private enterprises. The survey results showed that this personalized optimistic bias exists because of empirical factors related to personal security. Optimistic bias affects the security awareness information. The greater the optimistic bias, the lower the awareness and recognition of information security. In other words, optimistic bias affects information security awareness. Reducing the effects of optimistic bias is expected to reduce information security incidents, such as information leakages. However, the variety of information related ethical activities of a company did not have any effect on the information security awareness. Most previous studies have only examined the effect optimistic bias in the field of health. Therefore, this study fills an important gap in research in IT.
Keywords
Information Ethics; Information Security; Information Security Activisity; Information Security Awareness; Optimistic Bias;
Citations & Related Records
연도 인용수 순위
  • Reference
1 N. D. T. Weinstein and Klein, D. J."Effects of Mood on High Elaboration Attitude Change: The Mediating Role of Likelihood Judgments. European Journal of Social Psychology, Vol. 24, No. 2, pp. 25-43, 1994.   DOI
2 K. D. Loch, H. C. Houston and E. W. Merrill. "Threats to Information Systems: Today's Reality, Yesterday's Understanding." Mis Quarterly, Vol. 16, No. 2, pp. 173-186, 1992.   DOI
3 The Federation of Korean Information Industries. Information Ethics andDigital Socity, 2005
4 M. J. Back, "A Study on the Effect of Information Ethics on the Performance of Information Security in Organization", 2010 Information Policy, 2010
5 M. Kabay, "Psychosocial Factors in the Implementation of Information Security Policy." EDPACS: The EDP Audit, Control, and Security Newsletter, Vol. 21. No. 10, pp. 1-10, 1994.   DOI
6 S.J.Lee and M. J. Lee "An Exploratory Study on the Information Security Culture Indicator", Information Policy Vol. 15, No. 3, pp. 100-119, 2008.
7 N. Choi, D. Kim, and A. Whitmore, Knowing Is Doing, Information Management & Computer Security, Vol. 16, No. 5, pp. 484-501, 2008.   DOI
8 E. Berkman, "How to Staff Up for Security." CIO Magazine, Vol. 15, 2002.
9 J. G. Kim and D. Y. Kang, "The Effects of Security Policies, Security Awareness and Indivisual Characterics on Password Security Effctiveness." Institute of Security & Cryptolog, Vol. 18, No. 4, pp.123-133. 2008.
10 M. A. Pierce and J. W. Henry. "Computer ethics: The Role of Personal, Informal, and Formal Codes." Journal of Business Ethics, Vol. 15, No. 4, pp. 425-437, 1996.   DOI
11 E. Cohen and L. Cornwell. "College Students Believe Piracy Is Acceptable." CIS Educator Forum. Vol. 1. No. 3. 1989.
12 K. H. Hong and J. D. Kim. "National Standard on Information Security in ISO." Institute of Security & Cryptolog Vol. 14.No. 2 pp. 1-5, 2004
13 J. Park, B. Kim and S. Joo, "Primary factors affecting corporate employees' attitudes toward information security," The Studies of Management Vol. 40, No. 4, pp. 955-985, 2011년.
14 N. D. T. Weinstein, "Unrealistic Optimism about Future Life Events," Journal of Personality and Social Psychology, Vol. 39, No. 5, pp. 806-820, 1980.   DOI
15 M.J. Han "Optimistic Bias on the Crisis of Smoking healthy," Korean Association for Broadcasting & Telecommunication Studies, 1999.
16 V. Hoorens "Self-favoring Biases for Positive and Negative Characteristics: Independent Phenomena?." Journal of Social and Clinical Psychology Vol. 15, No. 1 pp. 53, 1996.   DOI
17 B.C.Kim and D.G. Lee. "Optimistic Bias in Crisis of Company," Core Association for AD & PR, Vol. 8, No. 2, pp. 82-105. 2006.
18 J. R. Chapin, Optimistic Bias Regarding Campus Violence, Current Research in Social Psychology, Vol. 6, No. 16, pp. 237-251, 2000.
19 C. T. Salmon, H. S. Park, and B. J. Wrigley. "Optimistic Bias and Perceptions of Bioterrorism in Michigan Corporate Spokespersons, Fall 2001." Journal of Health Communication, Vol. 8. No. 1, pp. 130-143, 2003.   DOI
20 A. Acquisti "Privacy in Electronic Commerce and the Economics of Immediate Gratification," Proceedings of the 5th ACM conference on Electronic commerce, New York, NY. pp. 21-29. 2004.
21 H. S. Rhee, Y. Ryu, and C. T. Kim. "I Am Fine but You Are Not: Optimistic Bias and Illusion of Control on Information Security." ICIS 2005 Proceedings, 2005.
22 L. S. Perloff, Social Comparison and Illusion of Invulnerability to Negative Life Events, In Snyder. C. R. and Ford, C., Coping with Negative Life Effects: Clinical and Social Psychological Perspectves on Negative Life Event. Plenum Press. 1987
23 L. Sjoberg, and J. Fromm, "Information Technology Risks as Seen by the Public" Risk Analysis. Vol. 21. No. 3, pp. 427-441, 2001.   DOI
24 Ernst & Young "Global Information Security Service," White Paper, Ernst & Young, 2004
25 T. Layton, Information Security Awareness: the Psychology Behind the Technology, Author House, 2005.
26 AOL/NCSA. "AOL/NCSA Online Safe Study" Research Report, American Online and the National Cyber Security Alliance, October, 2004
27 L. C. Schaupp and L. Carter " The impact of trust, risk and optimism bias on E-file adoption" Informatio" Information Systems Frontiers, Volume 12, Issue 3, pp299-309, 2010,   DOI
28 C. H. Lim. "The method of Effective Information Security Awarness," Institute of Security & Cryptolog, Vol. 16, No. 2, pp. 30-35. 2006.