Browse > Article
http://dx.doi.org/10.9723/jksiis.2021.26.2.027

The Influence of Individual's Coping Style and Organizational Culture on Information Security of Employee  

Hwang, Inho (국민대학교 교양대학)
Publication Information
Journal of Korea Society of Industrial Information Systems / v.26, no.2, 2021 , pp. 27-41 More about this Journal
Abstract
The purpose of this study is to prove the relationship of the influence of individual behavior style and organizational culture structure on the information security cognitive factors of employees. The study conducts cross-design by dividing individual characteristics into task coping and emotion coping, and organizational culture into collectivism and individualism. Information security factors consisted of information security awareness, perceived vulnerability, response efficacy, and compliance behavior. As a result of the study, it was confirmed that both personal coping style and organizational culture had an influence on the all cognitive factors of information security. In addition, information security awareness was found to influence compliance behavior through perceived vulnerability and response efficacy. The implications of the study were to confirm the difference in the impact on the compliance behavior according to the individual coping style and organizational culture, and to present the precedent factors for improving the compliance behavior. In other words, the research suggests the information security strategy direction for each individual-organizational dimension.
Keywords
Coping; Organizational Culture; Security Awareness; Perceived Vulnerability; Response Efficacy; Compliance Behavior;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Jung, H. S. and Yoon, H. H. (2015). Understanding Regulatory Focuses: The Role of Employees' Regulatory Focus in Stress Coping Styles, and Turnover Intent to a Five-star Hotel, International Journal of Contemporary Hospitality Management, 27(2), 283-307. DOI : 10.1108/IJCHM-07-2013-0288.   DOI
2 Kim, J., Kim. K. and Park, H. (2018). The Impact of Family-Friendly Corporate Culture on Employees' Behavior, Journal of the Korea Industrial Information Systems Research. 23(2), 75-92. DOI : 10.9723/jksiis.2018.23.2.075.   DOI
3 Loch, K. D., Carr, H. H. and Warkentin, M. E. (1992). Threats to Information Systems: Today's Reality, Yesterday's Understanding, MIS Quarterly, 16(2), 173-186. DOI : 10.2307/249574.   DOI
4 Grand View Research. (2020). Cyber Security Market Size, Share & Trends Analysis Report By Component, By Security Type, By Solution, By Service, By Deployment, By Organization, By Application, By Region, And Segment Forecasts, 2020 - 2027.
5 Triandis, H. C. (1995). Individualism and Collectivism, Boulder, CO: Westview Press.
6 Hu, Q., Dinev, T., Hart, P. and Cooke, D. (2012). Managing Employee Compliance with Information Security Policies: The Critical Role of Top Management and Organizational Culture, Decision Sciences, 43(4), 615-660. DOI : 10.1111/j.1540-5915.2012.00361.x.   DOI
7 Higgins, J. E. and Endler, N. S. (1995). Coping, Life Stress, and Psychological and Somatic Distress, European Journal of Personality, 9(4), 253-270.   DOI
8 Mamonov, S. and Benbunan-Fich, R. (2018). The Impact of Information Security Threat Awareness on Privacy-Protective Behaviors, Computers in Human Behavior, 83, 32-44. DOI : 10.1016/j.chb.2018.01.028.   DOI
9 Mannix, E. A., Neale, M. A. and Northcraft, G. B. (1995). Equity, Equality, or Need? The Effects of Organizational Culture on the Allocation of Benefits and Burdens, Organizational Behavior and Human Decision Processes, 63(3), 276-286. DOI : 10.1006/obhd.1995.1079.   DOI
10 Markus, H. R. and Kitayama, S. (1991). Culture and the Self: Implications for Cognition, Emotion, and Motivation, Psychological Review, 98(2), 224-253. DOI : 10.1037/0033-295X.98.2.224.   DOI
11 Medvene, L. J., Teal, C. R. and Slavich, S. (2000). Including the Other in Self: Implications for Judgments of Equity and Satisfaction in Close Relationships, Journal of Social and Clinical Psychology, 19(3), 396-419. DOI : 10.1521/jscp.2000.19.3.396.   DOI
12 Park, K. (2019). A Study on the Influence of the Perception of Personal Information Security of Youth on Security Attitude and Security Behavior, Journal of the Korea Industrial Information Systems Research, 24(4), 79-98. DOI : 10.9723/jksiis.2019.24.4.079.   DOI
13 Merhi, M. I. and Ahluwalia, P. (2019). Examining the Impact of Deterrence Factors and Norms on Resistance to Information Systems Security, Computers in Human Behavior, 92, 37-46. DOI : 10.1016/j.chb.2018.10.031.   DOI
14 Nunnally. J. C. (1978). Psychometric Theory (2nd ed.). New York: McGraw-Hill.
15 Park, E. H., Kim, J. and Park, Y. S. (2017). The Role of Information Security Learning and Individual Factors in Disclosing Patients' Health Information, Computers & Security, 65, 64-76. DOI :10.1016/j.cose.2016.10.011.   DOI
16 Posey, C., Roberts, T. L. and Lowry, P. B. (2015). The Impact of Organizational Commitment on Insiders' Motivation to Protect Organizational Information Assets. Journal of Management Information Systems, 32(4), 179-214. DOI : 10.1080/07421222.2015.1138374   DOI
17 Safa, N. S., Maple, C., Furnell, S., Azad, M. A., Perera, C., Dabbagh, M., & Sookhak, M. (2019). Deterrence and Prevention-based Model to Mitigate Information Security Insider Threats in Organisations, Future Generation Computer Systems, 97, 587-597. DOI : 10.1016/j.future.2019.03.024.   DOI
18 Siponen, M., Mahmood, M. A. and Pahnila, S. (2014). Employees' Adherence to Information Security Policies: An Exploratory Field Study, Information & Management, 51(2), 217-224. DOI : 10.1016/j.im.2013.08.006.   DOI
19 Ahmad, Z., Ong, T. S., Liew, T. H. and Norhashim, M. (2019). Security Monitoring and Information Security Assurance Behaviour among Employees, Information & Computer Security. 27(2), 165-188. DOI : 10.1108/ICS-10-2017-0073   DOI
20 Kim, S. S. and Kim, Y. J. (2017). The Effect of Compliance Knowledge and Compliance Support Systems on Information Security Compliance Behavior, Journal of Knowledge Management. 21(4), 986-1010. DOI : 10.1108/JKM-08-2016-0353.   DOI
21 Ifinedo, P. (2012). Understanding Information Systems Security Policy Compliance: An Integration of the Theory of Planned Behavior and the Protection Motivation Theory, Computers & Security, 31(1), 83-95. DOI : 10.1016/j.cose.2011.10.007.   DOI
22 Soh, H. and Kim, J. (2017). Influence of Information Security Activities of Financial Companies on Information Security Awareness and Information Security Self Confidence : Focusing on the Mediating Effect of Information Security Awareness, Journal of the Korea Industrial Information Systems Research, 22(4), 45-64. DOI : 10.9723/jksiis.2017.22.4.045   DOI
23 Sommestad, T., Karlzen, H. and Hallberg, J. (2015). The Sufficiency of the Theory of Planned Behavior for Explaining Information Security Policy Compliance, Information & Computer Security. 23(2), 200-217. DOI : 10.1108/ICS-04-2014-0025.   DOI
24 Vance, A., Siponen, M. and Pahnila, S. (2012). Motivating IS Security compliance: Insights from Habit and Protection Motivation Theory, Information & Management, 49(3-4), 190-198. DOI : 10.1016/j.im.2012.04.002.   DOI
25 Boss, S., Galletta, D., Lowry, P. B., Moody, G. D. and Polak, P. (2015). What Do Systems Users have to Fear? Using Fear Appeals to Engender Threats and Fear that Motivate Protective Security Behaviors, MIS Quarterly, 39(4), 837-864.   DOI
26 Bulgurcu, B., Cavusoglu, H. and Benbasat, I. (2010). Information Security Policy Compliance: An Empirical Study of Rationality-based Beliefs and Information Security Awareness, MIS Quarterly, 34(3), 523-548.   DOI
27 Chou, H. L. and Chou, C. (2016). An Analysis of Multiple Factors Relating to Teachers' Problematic Information Security Behavior, Computers in Human Behavior, 65, 334-345. DOI : 10.1016/j.chb.2016.08.034.   DOI
28 Endler, N. S. and Parker, J. D. (1994). Assessment of Multidimensional Coping: Task, Emotion, and Avoidance Strategies, Psychological Assessment, 6(1), 50-60.   DOI
29 Flores, W. R. and Ekstedt, M. (2016). Shaping Intention to Resist Social Engineering through Transformational Leadership, Information Security Culture and Awareness, Computers & Security, 59, 26-44. DOI :10.1016/j.cose.2016.01.004.   DOI
30 Folkman, S. and Lazarus, R. S. (1985). If It Changes It Must Be a Process: Study of Emotion and Coping during Three Stages of a College Examination, Journal of Personality and Social Psychology, 48(1), 150-170.   DOI
31 Verizon. (2020). Data Breach Investigations Report.
32 West, R. (2008). The Psychology of Security, Communications of the ACM, 51(4), 34-40. DOI : 10.1145/1330311.1330320.   DOI
33 Yazdanmehr, A. and Wang, J. (2016). Employees' Information Security Policy Compliance: A Norm Activation Perspective, Decision Support Systems, 92, 36-46. DOI : 10.1016/j.dss.2016.09.009.   DOI
34 Guo, K. H., Yuan, Y., Archer, N. P. and Connelly, C. E. (2011). Understanding Nonmalicious Security Violations in the Workplace: A Composite Behavior Model, Journal of Management Information Systems, 28(2), 203-236. DOI : 10.2753/MIS0742-1222280208.   DOI
35 Da Veiga, A. and Martins, N. (2017). Defining and Identifying Dominant Information Security Cultures and Subcultures, Computers & Security, 70, 72-94. DOI : 10.1016/j.cose.2017.05.002.   DOI
36 Galluch, P. S., Grover, V. and Thatcher, J. B. (2015). Interrupting the Workplace: Examining Stressors in an Information Technology Context, Journal of the Association for Information Systems, 16(1), 1-47. DOI : 10.17705/1jais.00387.   DOI