• Journal of the Korea Convergence Society
• /
• v.12 no.2
• /
• pp.247-258
• /
• 2021

Recently, organizations are demanding strict information security behavior from their employees. Strict information security policies and techniques can cause information security related stress. The purpose of this study is to present the negative effects of information security related techno stress and role stress that reduce knowledge sharing behavior and person-organization fit. The survey was conducted to people working in organizations with information security policies and system, and the research hypothesis was verified by structural equation modeling using 309 samples. As a result of the study, person-organization fit had a positive effect on knowledge sharing behavior, but role stress had a negative effect. And, techno-stress negatively affected the person-organization fit. Additionally, role ambiguity had a moderating effect between person-organization fit and knowledge sharing behavior. The implications of the study were to confirm the negative effects of information security related techno stress and role stress, and to suggest directions for minimizing negative behavior of insiders.

• Journal of the Korea Society of Computer and Information
• /
• v.24 no.11
• /
• pp.87-98
• /
• 2019

In recent years, many organizations protect their information resources by investing in information security technology. However, information security threats from insiders have not been reduced. This study proposes a method for reducing information security threats within an organization by mitigating negative information security behaviors of employees. Specifically, the study finds a relationship between information security related role stress and negative behavior and suggests whether organizational justice mitigates role stress. That is, the purpose of the study is to suggest a mechanism between organizational justice, information security related role stress, and negative behavior. Negative behavior consist of avoidance behavior and deviant behavior, and security related role stress consist of role conflict and role ambiguity. Organizational justice consist of distributional justice, procedural justice, and informational justice. The research model is verified through structural equation modeling. After establishing a research model and hypothesis, we develop a survey questionnaire and collect data from 383 employees whose organizations have already implemented security policies. The findings appear that security related role stress increases negative behavior and that organizational justice mitigates role stress. The results of the analysis suggest the direction of organizational strategy for minimizing insider's security-related negative behaviors.

• Journal of Convergence for Information Technology
• /
• v.10 no.9
• /
• pp.123-135
• /
• 2020

Recently organizations are implementing strict security policies and technologies to minimize security incidents. However, strict information security can cause work stress of employees and can make it difficult to achieve security goals. The purpose of this study is to present the preconditions for mitigating the negative impact of security-related work stress. We conducted a questionnaire survey of employees working in the financial industry and secured a total of 266 samples. The test of the research hypothesis was carried out by structural equation modeling. As a result, work stress had a negative effect on compliance intention, and value congruence reduced work stress. Also, security feedback had a moderating effect on the relationship between research factors. The results have theoretical and practical implications for mitigating work stress of employees.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.16 no.5
• /
• pp.931-940
• /
• 2021

As information security(IS) is recognized as a critical success factor for organizational growth, organizations are increasing their investment in adopting and operating strict IS policies and technologies. However, when strict IS technology is adopted, IS-related techno-stress may occur in the employees who apply IS technology to their tasks. This study proposes the effect of IS-related techno-stress formed in individuals on IS policy resistance through IS strain and proves that task-technology fit mitigates the negative effect of techno-stress. Research models and hypotheses were presented through previous studies, and the secured samples were used, and structural equation modeling was applied to verify hypothesis. As a result of the study, it was confirmed that IS-related techno-stress (overload, complexity) affected IS policy resistance through IS strain (anxiety, fatigue), and that task-technology fit moderated the relationship between techno-stress and strain. This study suggests a strategic direction for improving the level of internal IS from the viewpoint of suggesting ways to mitigate the stress of employees that may occur when IS policies and technologies are adopted.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.18 no.6
• /
• pp.1177-1188
• /
• 2023

Socially, organizations are required to maintain strict management of their information resources and invest in the adoption of information security (IS) technologies and policies. However, the ongoing threat of information exposure by employees persists within the organization. This study aims to identify the role stress that employees may experience due to strict IS policies and propose methods for reducing its negative impact. Specifically, our study suggests a mechanism for mitigating role stress by incorporating factors related to IS policy goal setting and work regulatory focus. We conducted a survey among workers in the financial industry, where IS policies are rigorously enforced, and tested our research hypotheses using a sample of 309 participants. The results indicate that increasing the difficulty and specificity of IS policy goals reduces role stress (conflict and ambiguity) and positively influences employees' intention to comply with IS policies. Furthermore, individual work promotion focus moderated the relationship between role stress and IS compliance intention. These findings have important implications for organizations seeking to strengthen their IS compliance among employees and inform the development of effective IS strategies.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.19 no.2
• /
• pp.427-436
• /
• 2024

Recently, the importance of information security (IS) has been socially recognized, leading organizations to adopt IS policies, secure specialized personnel, and demand IS compliance from employees. However, the implementation of these policies can disrupt existing work processes, causing resistance among employees. This study aims to elucidate the mechanism linking work stress, caused by IS policies that do not consider the work system, to individual job burnout and IS policy resistance. We established a research model and hypotheses based on previous studies and utilized structural equation modeling with data collected from organization members of companies that have implemented IS policies. The results of the structural equation modeling confirmed that work ambiguity and work impediment are linked to IS policy resistance through job burnout, characterized by emotional exhaustion and disengagement. Our findings suggest that the swift implementation of IS policies can provoke a backlash from employees, with stress being the primary cause. This paradoxically indicates the need for the development of organization-specific IS policies.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.17 no.4
• /
• pp.649-662
• /
• 2022

As information security(IS) is recognized as an organization's core value, organizations are making efforts to adopt strict IS policies and technologies. However, strict IS policies can cause negative behavior for employees of organizations who need to apply IS to their work. This study confirms that IS can express the role stress of employees, and suggests a way to mitigate the IS role stress. Specifically, we confirm that organization justice and individual social identity can reduce IS role stress, which reduces IS voice behavior. In the study, we surveyed workers of organizations that applied IS policies to their work and obtained 318 samples. Also, we tested the hypothesis by applying the structural equation model. As a result, IS organization justice increased IS voice behavior through social identity and partially reduced IS voice behavior by mitigating IS role stress. In addition, social identity moderated the relationship between IS role stress and IS voice behavior. This study suggests strategies for achieving internal IS goals by suggesting conditions for mitigating IS role stress from an organizational and individual perspective.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.3
• /
• pp.575-590
• /
• 2022

Recently, organizations are increasing their investment to protect information resources from information security(IS) threats through the adoption of IS policies and technologies. However, IS incidents occur in a variety of ways, such as intrusions from outside the organization and exposure to the inside. Our study presented the negative effects of IS role stress on organizational insiders and suggested factors from the organizational and individual perspectives for mitigating IS role stress. We conducted a survey on employees of companies that introduced and applied IS policies to their work and tested the hypothesis using 329 samples. As a result, IS organization justice reduced IS role stress and strengthened IS positive psychological capital, thereby affecting the IS compliance intention of employees. Also, IS positive psychological capital moderated the relationship between IS stress and IS compliance intention. This study contributes to the achievement of internal IS goals by suggesting the conditions that affect the IS compliance behavior of employees in terms of the organizational environment and individual characteristics

• Convergence Security Journal
• /
• v.16 no.7
• /
• pp.41-49
• /
• 2016

The need for protecting computerized medical information has been growing as information and communication technology has rapidly been developed. Government is also promoting institutional improvement measures for the information protection of medical institutions. With more emphasis upon the efforts to enhance the information protection capability of the medical institution, however, it could increase stress to the hospital workers and cause a reduction in the quality of essential medical services of medical institutions. Therefore, it is necessary to research the stress from hospital workers to strengthen the protection of information that medical institutions to manage and its antecedents. Based on the results of relevant researches, this study selected several factors that affect the security stress, including work overload, invasion of privacy and work uncertainty. The sample for this study was 123 hospital workers who were surveyed by questionnaire. The factor analysis and multiple regression method were employed for the analysis of this study. The results of this study showed that work overload, invasion of privacy and some of work uncertainty were the main factors positively influencing the security stress.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.17 no.1
• /
• pp.1-12
• /
• 2022

An insider's information security incidents continue to occur, there is a growing demand for strengthening information security within the organization. However, when strict information security policies and rules are applied to employees of the organization, it can result as an information security stress and resistance behavior. The purpose of this study is to suggest the causes of insiders' negative information security behavior and factors that mitigate the cause. In particular, the study identifies how the mutual influence of individual (psychological empowerment) and organizational (justice climate) factors mitigates negative behavior. In this study, a sample was obtained by surveying workers of organizations that reflect information security policies to insiders, and hypothesis testing was performed by structural equation modeling. As a result of the analysis, role stress had a partial mediating effect on the effect of psychological empowerment on security policy resistance, and the justice climate strengthened the effect of psychological empowerment. Our results suggest a direction for reducing insider information security policy resistance, so it helps to establish a strategy for achieving internal information security goals.