• Journal of Digital Convergence
• /
• v.19 no.12
• /
• pp.125-132
• /
• 2021

This study analyzed the multi-mediating effects of information security, personal information infringement, personal experience, and information security intention in the relationship between personal information protection and information security attitude. For this purpose, a survey was conducted on 221 students from G University. First, information security, personal information infringement, and information security awareness had a simple mediating effect. Second, information security, personal information infringement, personal experience, and information security consciousness had parallel multi- mediation effects. Third, personal information infringement and information security awareness had a simple mediating effect in the parallel multiple mediation state. Fourth, information security had a simple mediating effect, but it was found that there was no simple mediating effect in the parallel multiple mediation state. This study is meaningful in that it empirically compared the simple and multi-mediation effects.

• The Journal of Information Systems
• /
• v.17 no.3
• /
• pp.153-174
• /
• 2008

Mobile commerce is defined as any direct or indirect transaction conducted and facilitated through a wireless telecommunication network such as payment, ticketing, auction and mobile banking. Despite the importance of mobile commerce, there have not been so many academic studies on the unique characteristics of mobile commerce environments. In this study, our research model is developed based on TAM(Technology Acceptance Model) to investigate the user's technology acceptance process in mobile commerce environment. The factors, such as ubiquity, compatibility, perceived usefulness, perceived ease of use, cost, security, attitude and behavior intention for mobile commerce were selected from pier study in information systems area. The data for empirical analysis of the research model is collected online-questionnaire of 167 mobile commerce users in South Korea. The hypotheses were analyzed using SPSS 15.0 and AMOS 7.0. The results of our study show that: (1) compatibility, perceived usefulness and security had influences on the attitude whereas perceived ease of use and cost did not have any significant impact on the attitude, (2) compatibility influenced perceived usefulness whereas perceived ease of use did not, and finally (3) ubiquity, perceived usefulness and attitude had considerable influences on intention for mobile commerce. Therefore, practitioners should focus on enhancing security, quality of contents and services as well as offering what mobile commerce users want. The results of this study may useful for academicians and practitioners alike.

• Journal of the Korean Society of Clothing and Textiles
• /
• v.27 no.2
• /
• pp.177-187
• /
• 2003

The purpose of this study was to investigate the effects of clothing involvement and internet usage on internet shopping attitude and internet purchase of clothing products. The subjects used for the study were 210 male and 338 female college students. The clothing involvement consisted of pleasure/interest, symbolism/expression, and perceived risk factors. The internet usage consisted of information and entertainment uses. The internet shopping attitude had convenience and security factors. The results showed that there were positive relationships between clothing involvement factors and internet shopping attitude factors. Regarding the relationship between internet usage and internet shopping attitude, there was a positive relationship between internet information use and internet attitude for convenience while there was a positive relationship between internet entertainment use and internet attitude for security. According to clothing involvement and internet usage, the respondents were segmented by four groups. The results showed that these segmented groups were different in regard to internet shopping attitude, internet purchase, and demographics. For example, symbolishm/internet information use group considered internet shopping more convenient and purchased clothing more frequently through internet than did other groups. The implications of the study were discussed.

• The Journal of Information Systems
• /
• v.24 no.3
• /
• pp.1-19
• /
• 2015

Purpose This study discusses the contradictory behavior of smart-phone users who consider security is important, but they do not follow the security recommendations. We found through literature research that this contradictory behavior is resulted from a low level of efficacy. Design/methodology/approach Research hypotheses were set based on Extended Parallel Process Model, Control Theory, and Self Efficacy Mechanism. The data were collected from undergraduate students. Total of 178 data were used for the analysis. Findings Results of the analysis, first, showed that the relationship between threat and security attitude varies with the level of coping efficacy. Second, showed that the relationship between threat and fear does not vary with the level of coping efficacy. Both the groups with high coping efficacy and low coping efficacy had a statistically significant effect on the relationship between threat and fear.

• Journal of the Korean Society of Industry Convergence
• /
• v.24 no.4_2
• /
• pp.421-434
• /
• 2021

The expansion of information sharing activities using online can increase the threat of information exposure by increasing the diversity of approaches to information within an organization. The purpose of this study is to present conditions for improving the information security compliance intention of insiders to improve the level of information security within the organization. In detail, the study applies the theory of planned behavior that clearly explains the cause of an individual's behavior and proposes a way to increase the compliance intention by integrating the social control theory and goal-setting theory. The study presented research models and hypotheses based on previous studies, collected samples by applying a questionnaire technique, and tested hypotheses through structural equation modeling. As a result, information security attitude, subjective norms, and self-efficacy had a positive influence on the intention to comply. Also, attachment, commitment, and involvement, which are the factors of social control theory, formed a positive attitude toward information security. Goal difficulty and goal specificity, which are the factors of goal setting theory, formed a positive self-efficacy. The study presents academic and practical implications in terms of suggesting a method of improving the information security compliance intention of employees.

• Information Systems Review
• /
• v.22 no.3
• /
• pp.31-58
• /
• 2020

Based on the social control theory, this study intends to find out the influential factors of organizational members' information security policy compliance (ISPC). Survey data from 195 military officers were analyzed to examine the effect of ethical disposition (morality, responsibility, the perceived value of ethical education) and perceived work environment (relationships with supervisors, overwork, and pay satisfaction) on ISPC attitude, ISPC intention, and turnover intention. The results of partial least squares structural equation modeling (PLS-SEM) show that ethical dispositions affect ISPC attitude and that work environments (except for pay satisfaction) affect turnover intention. In addition, ISPC attitude significantly mediates relations between ethical disposition and ISPC intention, between relationships with supervisors and ISPC intention, and between turnover intention and ISPC intention. These findings suggest that ethical disposition factors can predict an individual's security awareness level, and the ISPC attitude is a significant variable in the organizational security context.

• Journal of Information Technology Applications and Management
• /
• v.25 no.4
• /
• pp.1-21
• /
• 2018

Due to the increase in the use of the Internet, it is becoming more common to provide or use a social login for registering for services. Herein, the purpose of this study is to analyze the influence of security, individual innovativeness, ubiquity and brand awareness on the use of social log-in service through the individuals' attitude who have memorized various IDs and passwords by using Technology Acceptance Model (TAM). In addition, the effect of individual innovativeness on the relationship between social login characteristic factors and attitudes toward social login services are examined. Based on the statistical results, it is found that the significant factors affecting the attitude toward the social login service are the security, ubiquity, brand awareness and perceived usefulness. Moreover, the individual innovativeness is found to have the moderating effects in the relationship between the three factors (the perceived usefulness, and perceived ease of use, and security) and attitude toward the social login service. Positive attitudes increase with the usefulness, ease of using social login serive when individual innovativeness is high. On the other hand, when individual innovativeness is low, the stronger the effect of security on attitude toward the social login services. In accordance with these results, the implications and limitations of this study are discussed.

• Journal of Information Technology Applications and Management
• /
• v.26 no.2
• /
• pp.27-40
• /
• 2019

As reliance on information and communication becomes widespread, a variety of information dysfunctions such as hacking, viruses, and the infringement of personal information are also occurring. Korean adolescents are especially exposed to an environment in which they are experiencing information dysfunction. In addition, youth cybercrimes are steadily occurring. To prevent cybercrime and the damage caused by information dysfunction, information security practices are essential. Accordingly, the purpose of this study is to discuss the factors affecting the information security practices of Korean youths, considering information security education, perceived severity, and perceived vulnerability as leading factors of the theory of planned behavior. A questionnaire survey was administered to 118 middle and high school students. Results of the hypothesis test show that information security education affects perceived behavior control, and perceived severity affects attitude. Subjective norms, information security attitudes, and perceived behavioral control were found to influence adolescents' practices of information security. However, perceived vulnerabilities did not affect youths' information security attitudes. This study confirms that information security education can help youths to practice information security. In other words, information security education is important, and it is a necessary element in the information curriculum of contemporary youth. However, perceived vulnerability to youth information security threats did not affect information security attitudes. Consequently, we suggest that it is necessary to strengthen the contents of the information security education for Korean youths.

• Journal of Korea Society of Industrial Information Systems
• /
• v.24 no.4
• /
• pp.79-98
• /
• 2019

In this paper, the security behaviors and attitudes related with the personal information of teenagers were investigated using empirical data based on rational behavior theory and protection motivation theory. An experiment for teenagers was conducted on Excel and the statistical packages (i.e., SPSS 21.0 and SmartPLS2.0.M3) to see how self-efficiency, security attitude, security intention and individual innovation affect their security behaviors. The experimental results showed that the security behaviors and attitudes of teenagers between internet and information devices are closely related, and the social influences can affect personal self-efficacy and security attitudes. Finally, we can know that teenagers should recognize the importance of security and protect their personal information safely through continuous education and training so that they can be linked to security behaviors.

• Korean Security Journal
• /
• no.56
• /
• pp.145-163
• /
• 2018

Recently, security behavior of members of organizations has been recognized as a critical part of information security at the corporate level. Leakage of customers' information brings more attention to information security behavior of organizations and the importance of a task force. Research on information breach and information security is actively conducted of personal behavior toward security threats or members of organizations who use security technology. This study aims to identify factors of influence on information security behavior of members of organizations and to empirically find out how these factors affect information security behavior through behavior toward attitude, subjective norm and perceived behavior control. On the basis of the research, this study will present effective and efficient ways to foster information security activities of members of organizations. To this end, the study presented a research model that applied significant variables based on integration of Theory of Planned Behavior (TPB) and Theory of Protection Motivation (TPM). To empirically verify this research model, the study conducted a survey of members of organizations who had security-related work experience at companies. So, it is critical for members of organizations to encourage positive word of mouth (WOM) about information security behavior. Results show that based on the integration of TPM and TPB, perceived vulnerability, perceived severity, perceived efficiency and perceived barriers of information security behavior of members of organizations had significant influences on mediating variables such as behavior toward attitude, subjective norm, perceived behavior control and intention. They also had significant influences on organization information security behavior which is a dependent variable. This study indicates companies should introduce various security solutions so that members of the organizations can prevent and respond to potential internal and external security risks. In addition, they will have to take actions to inspect vulnerability of information system and to meet security requirements such as security patches.