Botong Xue scite author profile

PurposeA growing number of studies have investigated the effect of ethical leadership on behavioral outcome of employees. However, considering the important role of ethics in IS security, the security literature lacks a theoretical and empirical investigation of the relationship between ethical leadership and employees' security behavior, such as information security policy (ISP) violation. Drawing on social learning and social exchange theories, this paper empirically tests the impact of ethical leadership on employees' ISP violation intention through both information security climate (i.e. from a moral manager's perspective) and affective commitment (i.e. from a moral person's perspective).Design/methodology/approachThe research was developed based on social learning theory and social exchange theory. To measure the variables in the model, the authors used and adapted measurement items from previous studies. The authors conducted a scenario-based survey with 339 valid responses to test and validate the research model.FindingsResults indicated that information security climate fully mediates the relationship between ethical leadership and ISP violation intention. The authors also found that information security climate enhances the negative effect of affective commitment on ISP violation intention.Originality/valueThis research contributes to the literature of information security by introducing the role of ethical leadership and integrating two theories into our research model. This study also calls attention to how information security climate and affective commitment mediate the relationship between ethical leadership and employees' ISP violation intention. The theory-driven study provides important pragmatic guidance for enhancing the understanding of the importance of ethical leadership in information systems security research.

show abstract

The Differential Effects of Interpersonal Justice and Injustice on Computer Abuse

Wang

Xue

2019

View full text Add to dashboard Cite

Insider employees have become one of the top security threats to organizations. In order to mitigate their detrimental security behaviors, it is important to understand the thought processes of these insider offenders. Recent security research has examined the role of perceptions of injustice in explaining employee security behaviors. However, there is a paucity of research investigating the differential effects of justice and injustice. Based on regulatory focus theory, this article examines the emotional and behavioral reactions to perceptions of interpersonal justice and injustice. The results show that perceptions of interpersonal injustice are more relevant to employee experiences of hostility than perceptions of interpersonal justice. In addition, the results show that promotion focus and prevention focus have asymmetric effects on the role of emotions in computer abuse. The results have important theoretical contributions to justice and security behavior research and provide critical guidance to organizational security management.

show abstract

Effects of Organizational Controls on Employees' Cyber-loafing

Luo

Zhang

et al. 2022

SIGMIS Database

View full text Add to dashboard Cite

Cyber-loafing is a workplace deviant behavior that may impose perennial losses and security threats to organizations. Due to the destructive impact, organizations take controls to manage employees' cyber-loafing behavior. While previous research concerning these cyber-loafing controls has yielded inconsistent results, this research further advances this line of research through two primarily adopted organizational controls: computer monitoring and Internet usage policy. We contend that the inconsistent results of the effects of computer monitoring and Internet usage policy on cyber-loafing behavior are due to ignoring the influence of individual differences. Motivated thus, we draw on pertaining literature of trait mindfulness to propose that trait mindfulness moderates the effect of perceived computer monitoring and perceived Internet usage policy on behavioral automaticity towards cyber-loafing, which leads to employees' cyber-loafing behavior. In essence, this paper sheds new light on the relationships amid organizational controls, cyber-loafing behavior, and the moderating effects of trait mindfulness. 450 responses were collected to test these hypotheses. Our results show that trait mindfulness enhances the negative effect of perceived Internet usage policy on behavioral automaticity towards cyber-loafing. In addition, we find out that trait mindfulness has an indirect effect on employees' cyber-loafing behavior by reducing behavioral automaticity.

show abstract

Toward an intellectual capital cyber security theory: insights from Lebanon

Balozian

Leidner

Xue

2021

JIC

View full text Add to dashboard Cite

Purpose Intellectual capital (IC) cyber security is a priority in all organizations. Because of the dearth in IC cyber security (ICCS) research theories and the constant call to theory building, this study proposes a theory of ICCS drawing upon tested empirical data of information systems security (ISS) theory in Lebanon. Design/methodology/approach After a pilot test, the authors tested the newly developed ISS theory using a field study consisting of 187 respondents, representing many industries, thus contributing to generalizability. ISS theory is used as a proxy for the development of ICCS theory. Findings Based on a review of the literature from the past three decades in the information systems (IS) discipline and a discovery of the partial yet significant relevance of ISS literature to ICCS, this study succinctly summarized the antecedents and independent variables impacting security compliance behavior, putting the variables into one comprehensive yet parsimonious theoretical model. This study shows the theoretical and practical relevancy of ISS theory to ICCS theory building. Practical implications This paper highlights the importance of ISS compliance in the context of ICCS, especially in the area of spoken knowledge in environments containing Internet-based security devices. Originality/value This research article is original, as it presents the theory of ICCS, which was developed by drawing upon a comprehensive literature review of the IS discipline and finding the bridges between the security of both IS and IC.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Botong Xue

Self-efficacy in Information Security: A Replication Study

Ethical leadership and employee information security policy (ISP) violation: exploring dual-mediation paths

The Differential Effects of Interpersonal Justice and Injustice on Computer Abuse

Effects of Organizational Controls on Employees' Cyber-loafing

Toward an intellectual capital cyber security theory: insights from Lebanon

Contact Info

Product

Resources

About