Abstract
The body of research that focuses on employees’ information Security Policy compliance is problematic as it treats compliance as a single behavior. This study explored the underlying behavioral context of information security in the workplace, exploring how individual and organizational factors influence the interplay of the motivations and barriers of security behaviors. Investigating factors that had previously been explored in security research, 20 employees from two organizations were interviewed and the data was analyzed using framework analysis. The analysis indicated that there were seven themes pertinent to information security: Response Evaluation, Threat Evaluation, Knowledge, Experience, Security Responsibility, Personal and Work Boundaries, and Security Behavior. The findings suggest that these differ by security behavior and by the nature of the behavior (e.g. on- and offline). Conclusions are discussed highlighting barriers to security actions and implications for future research and workplace practice.
| Original language | English |
|---|---|
| Title of host publication | SOUPS 2015 - Proceedings of the 11th Symposium on Usable Privacy and Security |
| Place of Publication | Berkeley |
| Publisher | USENIX Association |
| Pages | 103-122 |
| Number of pages | 20 |
| ISBN (Electronic) | 9781931971249 |
| Publication status | Published - 22 Jul 2015 |
| Event | 11th Symposium on Usable Privacy and Security, SOUPS 2015 - Ottawa, Canada Duration: 22 Jul 2015 → 24 Jul 2015 |
Conference
| Conference | 11th Symposium on Usable Privacy and Security, SOUPS 2015 |
|---|---|
| Country/Territory | Canada |
| City | Ottawa |
| Period | 22/07/15 → 24/07/15 |