Search results

Employee security behaviors are the cornerstone for achieving holistic organizational information security. Recent studies in the information systems (IS) security literature have used neutralization and moral disengagement (MD) perspectives to examine employee rationalizations of noncompliant security behaviors. Extending this prior work, the purpose of this paper is to identify mechanisms of security education, training, and awareness (SETA) programs and deterrence as well as employees’ organizational commitment in influencing MD of security policy violations and develop a theoretical model to test the proposed relationships.

The authors validate and test the model using the data collected from six large multinational organizations in Korea using survey-based methodology. The model was empirically analyzed by structural equation modeling.

The results suggest that security policy awareness (PA) plays a central role in reducing MD of security policy violations and that the certainty of punishment and immediacy of enforcing penalties are instrumental toward reducing such MD; however, the higher severity of penalties does not have an influence. The findings also suggest that SETA programs are an important mechanism in creating security PA.

The paper expands the literature in IS security that has examined the role of moral evaluations. Drawing upon MD theory and social cognitive theory, the paper points to the central role of SETA and security PA in reducing MD of security policy violations, and ultimately the likelihood of this behavior. The paper not only contributes to theory but also provides important insights for practice.

Digital technologies have diffused into many personal life domains. This has created many new phenomena that require systematic theorizing, testing and understanding. Such phenomena have been studied under the Digitization of the Individual (DOTI) umbrella and have been discussed in the DOTI pre-International Conference on Information Systems workshop for the last three years (from 2015 to 2017). While prior years have focused on a variety of issues, this year (2018) we decided to put special emphasis on negative effects of the DOTI, i.e., “the dark side” of the DOTI.

This manuscript reports on a panel of three experts (in alphabetical order: John D’Arcy, Hamed Qahri-Saremi and Monideepa Tarafdar) who presented their past research in this domain, as well as their outlook for future research and methodologies in research on the DOTI.

The authors introduce the topic, chronicle the responses of the panelists to the questions the authors posed, and summarize and discuss their response, such that readers can develop a good idea regarding next steps in research on the dark side of the DOTI.

The authors introduce the topic of the dark sides of DOTI and point readers to promising research directions and methodologies for further exploring this relatively uncharted field of research.

The impact of stress on personal and work-related outcomes has been studied in the information systems (IS) literature across several professions. However, the cybersecurity profession has received little attention despite numerous reports suggesting stress is a leading cause of various adverse professional outcomes. Cybersecurity professionals work in a constantly changing adversarial threat landscape, are focused on enforcement rather than compliance, and are required to adhere to ever-changing industry mandates – a work environment that is stressful and has been likened to a war zone. Hence, this literature review aims to reveal gaps and trends in the current extant general workplace and IS-specific stress literature and illuminate potentially fruitful paths for future research focused on stress among cybersecurity professionals.

Using the systematic literature review process (Okoli and Schabram, 2010), the authors examined the current IS research that studies stress in organizations. A disciplinary corpus was generated from IS journals and conferences encompassing 30 years. The authors analyzed 293 articles from 21 journals and six conferences to retain 77 articles and four conference proceedings for literature review.

The findings reveal four key research opportunities. First, the demands experienced by cybersecurity professionals are distinct from the demands experienced by regular information technology (IT) professionals. Second, it is crucial to identify the appraisal process that cybersecurity professionals follow in assessing security demands. Third, there are many stress responses from cybersecurity professionals, not just negative responses. Fourth, future research should focus on stress-related outcomes such as employee productivity, job satisfaction, job turnover, etc., and not only security compliance among cybersecurity professionals.

This study is the first to provide a systematic synthesis of the IS stress literature to reveal gaps, trends and opportunities for future research focused on stress among cybersecurity professionals. The study presents several novel trends and research opportunities. It contends that the demands experienced by cybersecurity professionals are distinct from those experienced by regular IT professionals and scholars should seek to identify the key characteristics of these demands that influence their appraisal process. Also, there are many stress responses, not just negative responses, deserving increased attention and future research should focus on unexplored stress-related outcomes for cybersecurity professionals.

The design of bibliographic records for computer input is explored. The elements of a record provide bibliographic description, serve as retrieval keys, facilitate ordered filing, and indicate locations. The effect of each of these functions on the form of the record is discussed. Problems are raised that must be resolved before an optimal record can be designed.

The purpose of this paper is to examine the influence of security-related and employment relationship factors on employees’ security compliance decisions. A major challenge for organizations is encouraging employee compliance with security policies, procedures and guidelines. Specifically, we predict that security culture, job satisfaction and perceived organizational support have a positive effect on employees’ security compliance intentions.

This study used a survey approach for data collection. Data were collected using two online surveys that were administered at separate points in time.

Our results provide empirical support for security culture as a driver of employees’ security compliance in the workplace. Another finding is that an employee’s feeling of job satisfaction influences his/her security compliance intention, although this relationship appears to be contingent on the employee’s position, tenure and industry. Surprisingly, we also found a negative relationship between perceived organizational support and security compliance intention.

Our results provide one of the few empirical validations of security culture, and we recognize its multidimensional nature as conceptualized through top management commitment to security (TMCS), security communication and computer monitoring. We also extend security compliance research by considering the influence of employment relationship factors drawn from the organizational behavior literature.

This research provides accounting-ethics authors and administrators with a benchmark for accounting-ethics research. While Bernardi and Bean (2010) considered publications in business-ethics and accounting’s top-40 journals this study considers research in eight accounting-ethics and public-interest journals, as well as, 34 business-ethics journals. We analyzed the contents of our 42 journals for the 25-year period between 1991 through 2015. This research documents the continued growth (Bernardi & Bean, 2007) of accounting-ethics research in both accounting-ethics and business-ethics journals. We provide data on the top-10 ethics authors in each doctoral year group, the top-50 ethics authors over the most recent 10, 20, and 25 years, and a distribution among ethics scholars for these periods. For the 25-year timeframe, our data indicate that only 665 (274) of the 5,125 accounting PhDs/DBAs (13.0% and 5.4% respectively) in Canada and the United States had authored or co-authored one (more than one) ethics article.

Through a survey of 200 employees working in five of the thirty establishments analysed in previous research about the microeconomic effects of reducing the working time (Cahier 25), the consequences on employees of such a reduction can be assessed; and relevant attitudes and aspirations better known.

We learn with interest and pleasure that, by the unanimous vote of the Council, the position of Executive Officer to the Library Association has been given to Mr. Guy Keeling, B.A. We understand that over one hundred applicants were considered for the post, and that it was felt that by education and experience Mr. Keeling was eminently qualified for the work which lies ahead of the Association. Mr. Keeling is a Cambridge man, Still on the sunny side of forty, whose pleasing personality is known to many librarians who have met him at conferences of “Aslib” or at meetings of the London and Home Counties Branch. As for his work as secretary of Aslib, it has proved him to be a man of most efficient organizing capacity. We offer him a welcome to the larger sphere of librarianship and we feel sure that all our readers will do the same, and, what is better, will support him in all his efforts in it.

Presents a case study on union‐based research and education activity generated in response to restructuring in the Canadian telecommunications industry and workplace reorganization. Findings suggest that an education/research/policy dynamic rooted in the union local helps to build the potential for workplace democracy and organizational capacity in the labour movement.