To read this content please select one of the options below:

Human aspects of information security: An empirical study of intentional versus actual behavior

Ayako Komatsu (Security Economics Laboratory, Information‐Technology Promotion Agency, Tokyo, Japan)
Daisuke Takagi (Graduate School of Humanities and Sociology, The University of Tokyo, Tokyo, Japan)
Toshihiko Takemura (Research Institute for Socio‐Network Strategies, Kansai University, Osaka, Japan)

Information Management & Computer Security

ISSN: 0968-5227

Article publication date: 15 March 2013




A significant amount of empirical research has been conducted on the socio‐economic (sociological, psychological, economic) aspects of information security, such as the phenomenon of individuals who are willing to take security measures, but often do not. There is a growing body of research relating to individual behaviour and decision making and the purpose of this paper is to analyze a survey on the behaviour of individuals who implement information security measures.


To promote effective information security measures, this paper refers to research on the psychology of persuasion from the field of social psychology. A survey was conducted into determinants for changing attitudes through persuasive messages, and the results were analysed. A questionnaire was used and the authors built a demonstrative experimental environment, which analysed in detail attitudinal changes in an individuals' behaviour.


The authors found differences in behaviour regarding the intent to implement measures discovered from the responses to the questionnaire as well as from actual conduct in the demonstrative experiment.


It is original to adopt a model defined by social psychology, especially Protection Motivation Theory and Elaborative Likelihood Model. The authors conducted both questionnaire survey and the psychological experiment.



Komatsu, A., Takagi, D. and Takemura, T. (2013), "Human aspects of information security: An empirical study of intentional versus actual behavior", Information Management & Computer Security, Vol. 21 No. 1, pp. 5-15.



Emerald Group Publishing Limited

Copyright © 2013, Emerald Group Publishing Limited

Related articles