Moral sensitivity in information security dilemmas

Mohammadnazar, Hojat; Ghanbari, Hadi; Siponen, Mikko

dc.contributor.author	Mohammadnazar, Hojat
dc.contributor.author	Ghanbari, Hadi
dc.contributor.author	Siponen, Mikko
dc.date.accessioned	2019-06-07T11:23:13Z
dc.date.available	2019-06-07T11:23:13Z
dc.date.issued	2019
dc.identifier.citation	Mohammadnazar, H., Ghanbari, H., & Siponen, M. (2019). Moral sensitivity in information security dilemmas. In <i>ECIS 2019 : Proceedings of the 27th European Conference on Information Systems, Stockholm & Uppsala, Sweden, June 8-14, 2019</i>. Association for Information Systems. <a href="https://aisel.aisnet.org/ecis2019_rip/44" target="_blank">https://aisel.aisnet.org/ecis2019_rip/44</a>
dc.identifier.other	CONVID_30875955
dc.identifier.other	TUTKAID_81547
dc.identifier.uri	https://jyx.jyu.fi/handle/123456789/64431
dc.description.abstract	Activities that undermine information security such as noncompliance with information security policies raise moral concerns since they can expose valuable information assets. Existing research shows that moral reflection could play an inhibitory role in one’s decision to undermine information security. However, it is not clear whether users interpret such decisions from a moral standpoint to engage in moral reflection in the first place. Users have to be morally sensitive before they engage in moral reflection. Moral sensitivity involves perceiving a situation as morally relevant, identifying the parties involved and perceiving possible courses of action. We examine moral sensitivity in security dilemmas in a Finnish university setting. We develop audio records of conversations about two policy compliance scenarios, each involving moral concerns. After playing back these audio records to participants, we pose probing questions to examine their moral sensitivity. Our preliminary results indicate that users may not be sensitive towards the moral concerns raised by security dilemmas. Based on our findings, we suggest providing users with information regarding those affected by security decisions, IT capabilities in an organization and the possible consequences of different courses of action in security education programs rather than directives about morally right or wrong behavior.	fi
dc.format.mimetype	application/pdf
dc.language.iso	eng
dc.publisher	Association for Information Systems
dc.relation.ispartof	ECIS 2019 : Proceedings of the 27th European Conference on Information Systems, Stockholm & Uppsala, Sweden, June 8-14, 2019
dc.relation.uri	https://aisel.aisnet.org/ecis2019_rip/44
dc.rights	In Copyright
dc.subject.other	information security
dc.subject.other	information security policy compliance
dc.subject.other	moral sensitivity
dc.subject.other	moral behavior
dc.title	Moral sensitivity in information security dilemmas
dc.type	conferenceObject
dc.identifier.urn	URN:NBN:fi:jyu-201906032898
dc.contributor.laitos	Informaatioteknologian tiedekunta	fi
dc.contributor.laitos	Faculty of Information Technology	en
dc.contributor.oppiaine	Tietojärjestelmätiede	fi
dc.contributor.oppiaine	Information Systems Science	en
dc.type.uri	http://purl.org/eprint/type/ConferencePaper
dc.date.updated	2019-06-03T15:15:06Z
dc.relation.isbn	978-1-7336325-0-8
dc.description.reviewstatus	peerReviewed
dc.type.version	acceptedVersion
dc.rights.copyright	© The Authors, 2019.
dc.rights.accesslevel	openAccess	fi
dc.relation.conference	European Conference on Information Systems
dc.subject.yso	tietoturva
dc.subject.yso	tietoturvapolitiikka
dc.subject.yso	moraali
dc.format.content	fulltext
jyx.subject.uri	http://www.yso.fi/onto/yso/p5479
jyx.subject.uri	http://www.yso.fi/onto/yso/p25795
jyx.subject.uri	http://www.yso.fi/onto/yso/p861
dc.rights.url	http://rightsstatements.org/page/InC/1.0/?language=en

Aineistoon kuuluvat tiedostot

Nimi:: moralsensitivity.pdf
Koko:: 436.2Kb
Tiedostomuoto:: PDF
Kuvaus:: Final Draft

Katso/Avaa

Aineisto kuuluu seuraaviin kokoelmiin

Informaatioteknologian tiedekunta [2127]

Näytä suppeat kuvailutiedot

Moral sensitivity in information security dilemmas

Aineistoon kuuluvat tiedostot

Aineisto kuuluu seuraaviin kokoelmiin

Samankaltainen aineisto

Influence of Organizational Culture on Employees Information Security Policy Compliance in Ethiopian Companies ﻿

Investigating the Impact of Organizational Culture on Information Security Policy Compliance : The Case of Ethiopia ﻿

Effects of Sanctions, Moral Beliefs, and Neutralization on Information Security Policy Violations Across Cultures ﻿

Toward a stage theory of the development of employees' information security behavior ﻿

Review of the methods for the development of information security policies at organizations ﻿

Influence of Organizational Culture on Employees Information Security Policy Compliance in Ethiopian Companies

Investigating the Impact of Organizational Culture on Information Security Policy Compliance : The Case of Ethiopia

Effects of Sanctions, Moral Beliefs, and Neutralization on Information Security Policy Violations Across Cultures

Toward a stage theory of the development of employees' information security behavior

Review of the methods for the development of information security policies at organizations