Näytä suppeat kuvailutiedot

dc.contributor.authorKarjalainen, Mari
dc.contributor.authorSiponen, Mikko
dc.contributor.authorSarker, Suprateek
dc.date.accessioned2020-04-15T07:05:50Z
dc.date.available2020-04-15T07:05:50Z
dc.date.issued2020
dc.identifier.citationKarjalainen, M., Siponen, M., & Sarker, S. (2020). Toward a stage theory of the development of employees' information security behavior. <i>Computers and Security</i>, <i>93</i>, 101782. <a href="https://doi.org/10.1016/j.cose.2020.101782" target="_blank">https://doi.org/10.1016/j.cose.2020.101782</a>
dc.identifier.otherCONVID_34957381
dc.identifier.urihttps://jyx.jyu.fi/handle/123456789/68531
dc.description.abstractExisting behavioral information security research proposes continuum or non-stage models that focus on finding static determinants for information security behavior (ISB) that remains unchanged. Such models cannot explain a case where the reasons for ISB change. However, the underlying reasons and motives for users’ ISB are not static but may change over time. To understand the change in reasoning between different antecedents, we examine stage theorizing in other fields and develop the requirements for an emergent theory of the development of employees’ ISB: (1) the content of stages based on the stage elements and their stage-specific attributes; (2) the stage-independent element explaining the instability of ISB; and (3) the temporal order of stages based on developmental progression. To illustrate the stage theory requirements in an information security context, we suggest four stages: intuitive thinking, declarative thinking, agency-related thinking, and routine-related thinking. We propose that learning is a key driver of change between the stages. According to our theorizing, employees start with intuitive beliefs and later develop routine-related thinking. Furthermore, using interview data collected from employees in a multinational company, we illustrate the differences in the stages. For future information security research, we conceptualize ISB change in terms of stages and contribute a theoretical framework that can be empirically validated. In relation to practice, understanding the differences between the stages offers a foundation for identifying the stage-specific challenges that lead to non-compliance and the corresponding information security training aimed at tackling these challenges. Given that users’ ISB follows stages, although not in a specific order, identifying such stages can improve the effectiveness of information security training interventions within organizations.en
dc.format.mimetypeapplication/pdf
dc.languageeng
dc.language.isoeng
dc.publisherElsevier
dc.relation.ispartofseriesComputers and Security
dc.rightsCC BY-NC-ND 4.0
dc.subject.otherinformation security
dc.subject.otherinformation security behavior
dc.subject.othercompliance with information security policies
dc.subject.otherstage theory
dc.subject.otherlearning
dc.titleToward a stage theory of the development of employees' information security behavior
dc.typeresearch article
dc.identifier.urnURN:NBN:fi:jyu-202004152753
dc.contributor.laitosInformaatioteknologian tiedekuntafi
dc.contributor.laitosFaculty of Information Technologyen
dc.type.urihttp://purl.org/eprint/type/JournalArticle
dc.type.coarhttp://purl.org/coar/resource_type/c_2df8fbb1
dc.description.reviewstatuspeerReviewed
dc.format.pagerange101782
dc.relation.issn0167-4048
dc.relation.volume93
dc.type.versionpublishedVersion
dc.rights.copyright© 2020 The Authors
dc.rights.accesslevelopenAccessfi
dc.type.publicationarticle
dc.subject.ysooppiminen
dc.subject.ysoorganisaatiokäyttäytyminen
dc.subject.ysotietoturvapolitiikka
dc.subject.ysoinformaatiokäyttäytyminen
dc.subject.ysotietoturva
dc.format.contentfulltext
jyx.subject.urihttp://www.yso.fi/onto/yso/p2945
jyx.subject.urihttp://www.yso.fi/onto/yso/p17597
jyx.subject.urihttp://www.yso.fi/onto/yso/p25795
jyx.subject.urihttp://www.yso.fi/onto/yso/p24916
jyx.subject.urihttp://www.yso.fi/onto/yso/p5479
dc.rights.urlhttps://creativecommons.org/licenses/by-nc-nd/4.0/
dc.relation.doi10.1016/j.cose.2020.101782
jyx.fundinginformationNo funding information.
dc.type.okmA1


Aineistoon kuuluvat tiedostot

Thumbnail

Aineisto kuuluu seuraaviin kokoelmiin

Näytä suppeat kuvailutiedot

CC BY-NC-ND 4.0
Ellei muuten mainita, aineiston lisenssi on CC BY-NC-ND 4.0