Influences of moral character on insider deviant behavior in information security
This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Insider threats has been a major challenge for organizations. Leaking sensitive information by insiders has become rampant in recent times and presents an important issue for both private and public organizations. Though prior research has indicated that the human is the weakest link in information security and has found that insiders are threats to leaking information, there is paucity of study on the characteristics of the insider that influences information leak behavior. This master’s thesis contributes to filling this important gap. Drawing on moral development and deterrence theories, this study examines the influence of an insider’s moral character on the insider’s ethical awareness on deterrence and views on leaking sensitive information. Results show that out of the four dimensions of moral character, only justice and utilitarianism dimensions directly influence an insider’s view on leaking sensitive information. However, only the justice dimension influences the insider’s ethical awareness on deterrence. Taken together, the results show that an individual with high ethical views on justice is more likely to heed to deterrence polices; however, such individual is highly likely to leak information when heeding to deterrence policies contradicts his/her ethical views on justice. Also, contrary to the notion that personal interest (i.e., egoism) is a fundamental determinant of an insider’s view on leaking information, this study shows that an individual’s view of public interest is a stronger determinant of his/her view on leaking infor-mation. The several implications for research and practice deduced from the results are discussed. This research contributes generally to research on infor-mation systems security and specifically to the importance of moral development theory and deterrence theory in explaining insider information leak behavior. ...
MetadataShow full item record
- Pro gradu -tutkielmat 
Showing items with similar title or keywords.
Kinnunen, Sanna (2016)Aim: The aim was to introduce new explanatory construct, namely illegitimate tasks from Stress-as-Offense-to-Self Theory (SOS), to better understand information security behavior (ISB). In addition, more commonly used ...
Kuhalampi, Mikko (2017)Peloteteoria (Deterrence theory) on alun perin psykologiassa ja kriminologiassa käytetty termi, ja sen mukaan rangaistuksen pelko estää yksilöä toimimasta vastoin lakia ja sääntöjä. Digitalisoituvassa maailmassa on viimeisen ...
Mohammadnazar, Hojat; Ghanbari, Hadi; Siponen, Mikko (Association for Information Systems, 2019)Activities that undermine information security such as noncompliance with information security policies raise moral concerns since they can expose valuable information assets. Existing research shows that moral reflection ...
Karjalainen, Mari; Siponen, Mikko; Sarker, Suprateek (Elsevier, 2020)Existing behavioral information security research proposes continuum or non-stage models that focus on finding static determinants for information security behavior (ISB) that remains unchanged. Such models cannot explain ...
Common Misunderstandings of Deterrence Theory in Information Systems Research and Future Research Directions Siponen, Mikko; Soliman, Wael; Vance, Anthony (ACM, 2022)In the 1980s, information systems (IS) borrowed deterrence theory (DT) from the field of criminology to explain information security behaviors (or intention). Today, DT is among the most commonly used theories in IS security ...