Understanding computer security behavioral intention in the workplace

Cheolho Yoon (Mokpo National University, Muan-gun, Chonnam, Korea)
Hyungon Kim (Mokpo National University, Muan-gun, Chonnam, Korea)

Information Technology & People

ISSN: 0959-3845

Publication date: 11 November 2013

Abstract

Purpose

In organizations today, protecting information and computer assets from attacks or disaster has become one of the top managerial issues. The purpose of this paper is to propose and empirically test a comprehensive model of computer security behaviors of individuals in the workplace.

Design/methodology/approach

The model was developed based on the reference disciplines of the theory of reasoned action, moral obligation, protection motivation theory (PMT), and organizational context factors. The measurements for the variables in the model, including computer security behavioral intention were adapted from prior studies, and their reliability and validity were verified by a confirmatory factor analysis. The model was empirically analyzed by structural equation modeling with respect to data from 162 employees in a number of organizations in Korea.

Findings

The results indicate that moral obligation and organizational norms along with attitude toward computer security behavior have significant impacts on employees’ behavioral intentions of computer security. In addition, perceived threat severity, response efficacy, and self-efficacy, which are drawn from the PMT, have significant impacts on employee attitude, whereas security policy has significant impacts on the organizational norms.

Originality/value

The paper provides a useful model for analyzing employees’ computer security behaviors in the workplace. Also, the paper reveals that moral obligation as well as attitude toward computer security behavior was a significant predictor of an individual employee's intention to practice computer security behavior.

Keywords

Citation

Yoon, C. and Kim, H. (2013), "Understanding computer security behavioral intention in the workplace", Information Technology & People, Vol. 26 No. 4, pp. 401-419. https://doi.org/10.1108/ITP-12-2012-0147

Download as .RIS

Publisher

:

Emerald Group Publishing Limited

Copyright © 2013, Emerald Group Publishing Limited

Please note you might not have access to this content

You may be able to access this content by login via Shibboleth, Open Athens or with your Emerald account.
If you would like to contact us about accessing this content, click the button and fill out the form.
To rent this content from Deepdyve, please click the button.