Show simple item record

dc.contributor.authorSiponen, Mikko
dc.contributor.authorPuhakainen, Petri
dc.contributor.authorVance, Anthony
dc.date.accessioned2019-10-17T08:22:50Z
dc.date.available2019-10-17T08:22:50Z
dc.date.issued2020
dc.identifier.citationSiponen, M., Puhakainen, P., & Vance, A. (2020). Can Individuals’ Neutralization Techniques Be Overcome? : A Field Experiment on Password Policy. <i>Computers and Security</i>, <i>88</i>, Article 101617. <a href="https://doi.org/10.1016/j.cose.2019.101617" target="_blank">https://doi.org/10.1016/j.cose.2019.101617</a>
dc.identifier.otherCONVID_33002860
dc.identifier.urihttps://jyx.jyu.fi/handle/123456789/65920
dc.description.abstractIndividuals’ lack of adherence to password security policy is a persistent problem for organizations. This problem is especially worrisome because passwords remain the primary authentication mechanism for information systems, and the number of passwords has been increasing. For these reasons, determining methods to improve individuals’ adherence to password-security policies constitutes an important issue for organizations. Extant research has shown that individuals use neutralization techniques, i.e., types of rationalizations, to disregard organizational information-security policies. What has not been determined from extant information security research is whether these neutralizations can be changed through educational training interventions. We argue that training based on principles of cognitive dissonance theory is a promising method for reducing individuals’ use of neutralization techniques. We contribute by showing empirically that training based on cognitive dissonance theory can reduce the use of neutralization techniques when such training is designed to counter such techniques. Using a quasi-experimental design at an organization, individuals received training on neutralization techniques in the context of password security. Using a quasi-experimental design, we found that individuals who received our training treatment exhibited substantially less intent to use neutralization techniques and were significantly more likely to use secure passwords. Additionally, a follow-up measurement three weeks after the training session showed that the experimental treatment retained its effectiveness, i.e., the experimental group exhibited substantially less intent to use neutralization techniques and a greater likelihood of using strong passwords in the future. Additionally, intent was significantly greater in the experimental group. Implications for practice and future research are discussed.en
dc.format.mimetypeapplication/pdf
dc.languageeng
dc.language.isoeng
dc.publisherElsevier Advanced Technology
dc.relation.ispartofseriesComputers and Security
dc.rightsCC BY-NC-ND 4.0
dc.subject.otherinformation security policy
dc.subject.otherpasswords
dc.subject.otherneutralization
dc.subject.otherinformation security
dc.titleCan Individuals’ Neutralization Techniques Be Overcome? : A Field Experiment on Password Policy
dc.typearticle
dc.identifier.urnURN:NBN:fi:jyu-201910174492
dc.contributor.laitosInformaatioteknologian tiedekuntafi
dc.contributor.laitosFaculty of Information Technologyen
dc.contributor.oppiaineTietojärjestelmätiedefi
dc.contributor.oppiaineInformation Systems Scienceen
dc.type.urihttp://purl.org/eprint/type/JournalArticle
dc.description.reviewstatuspeerReviewed
dc.relation.issn0167-4048
dc.relation.volume88
dc.type.versionacceptedVersion
dc.rights.copyright© 2019 Elsevier Ltd.
dc.rights.accesslevelopenAccessfi
dc.relation.grantnumber1732/31/2015
dc.subject.ysotietoturva
dc.subject.ysohenkilöstökoulutus
dc.subject.ysotietoturvapolitiikka
dc.subject.ysosalasanat
dc.format.contentfulltext
jyx.subject.urihttp://www.yso.fi/onto/yso/p5479
jyx.subject.urihttp://www.yso.fi/onto/yso/p296
jyx.subject.urihttp://www.yso.fi/onto/yso/p25795
jyx.subject.urihttp://www.yso.fi/onto/yso/p21231
dc.rights.urlhttps://creativecommons.org/licenses/by-nc-nd/4.0/
dc.relation.doi10.1016/j.cose.2019.101617
dc.relation.funderTEKESfi
dc.relation.funderTEKESen
jyx.fundinginformationThe Finnish Funding Agency for Innovation (Business Finland) and several companies funded this study.


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record

CC BY-NC-ND 4.0
Except where otherwise noted, this item's license is described as CC BY-NC-ND 4.0