• Information Systems Review
• /
• v.25 no.4
• /
• pp.233-248
• /
• 2023

The increasing integration of intelligent information technologies within organizational systems has amplified the risk to personal information security. This escalation, in turn, has fueled growing apprehension about an organization's capabilities in safeguarding user data. While Internet users adopt a multifaceted approach in assessing a company's information security, existing research on the multiple dimensions of information security is decidedly sparse. Moreover, there is a conspicuous gap in investigations exploring whether users' evaluations of organizational information security differ across industry types. With an aim to bridge these gaps, our study strives to identify which information security attributes users perceive as most critical and to delve deeper into potential variations in these attributes across different industry sectors. To this end, we conducted a structured survey involving 498 users and utilized the analytic hierarchy process (AHP) to determine the relative significance of various information security attributes. Our results indicate that users place the greatest importance on the technological dimension of information security, followed closely by transparency. In the technological arena, banks and domestic portal providers earned high ratings, while for transparency, banks and governmental agencies stood out. Contrarily, social media providers received the lowest evaluations in both domains. By introducing a multidimensional model of information security attributes and highlighting the relative importance of each in the realm of information security research, this study provides a significant theoretical contribution. Moreover, the practical implications are noteworthy: our findings serve as a foundational resource for Internet service companies to discern the security attributes that demand their attention, thereby facilitating an enhancement of their information security measures.