Information Security Policy Compliance: An Empirical Study of Rationality-Based Beliefs and Information Security Awareness

Bulğurcu, Burcu; Cavusoglu, Hasan; Benbasat, Izak

doi:10.2307/25750690

Cited by 1,260 publications

(1,405 citation statements)

References 83 publications

Supporting

Mentioning

1,202

Contrasting

Unclassified

Order By: Relevance

“…This is because such trainings are directed to broad audiences and the learners are mostly passive recipients [34]. Our finding is conflicting with Bulgurcu, Cavusoglu & Benbasat [33], who supported that there is no significant relationship between education level categories and computer technology usage. Similar findings were also reported by Mesko & Bernik [35].…”

Section: Computer Usage and Securitycontrasting

confidence: 83%

“…Rezgui & Marks [31] emphasized the role of training and education for keeping everyone up-to-date for IT threats. Bulgurcu, Cavusoglu & Benbasat [33] used another perspective and stated their belief that the level of education may influence compliance behavior for information security. All these may be an indication of the fact that information systems security constitutes a technologically complex field and needs comprehensive set of relevant competencies and skills, which can be better fulfilled with formal education.…”

Section: Computer Usage and Securitymentioning

confidence: 99%

See 1 more Smart Citation

Impact of education on security practices in ICT

Bostan

2015

Teh. vjesn.

View full text Add to dashboard Cite

Original scientific paperIn assuring the security in information technology, user awareness and acquired-user habits are inevitable components, yet they may be qualified as the feeblest ones. As the information technology tries to put its best in providing maximum security, user awareness plays a key-role. Additionally, although the literature provides studies on approaches for teaching information security, there are not many evidences on the impact of education level. Therefore, this study investigates the impact of the education level on user security awareness in using the Information and Communication Technology (ICT) products. For this purpose, a survey was conducted among 433 citizens from different layers of the society. Interestingly, the results indicated that education level has significant impact on all security issues included in the analysis regarding computer usage, web usage and e-mail usage. Keywords: Education and ICT security awareness, Education and ICT usage, E-mail security, Computer security, Web security Utjecaj obrazovanja na sigurnosne mjere u ICTIzvorni znanstveni članak U provođenju sigurnosnih mjera u informatičkoj tehnologiji, svijest i stečene radne navike korisnika neizbježne su komponente. Ipak, može ih se označiti i kao najslabije. Premda informatička tehnologija nastoji činiti najviše što može da bi osigurala maksimum sigurnosti, svijest korisnika o tome je ključna. Uz to, iako se u literaturi mogu naći radovi koji se bave načinima podučavanja sigurnosti u informatici, nema ih mnogo koji razmatraju utjecaj stupnja obrazovanja. Stoga se u ovom radu ispituje utjecaj stupnja obrazovanja na to koliko su korisnici svjesni potrebe primjene zaštitnih mjera pri korištenju proizvoda informatičke i komunikacijske tehnologije (ICT). U tu je svrhu provedeno ispitivanje na grupi od 433 građana, pripadnika raznih društvenih slojeva. Zanimljivo je da su rezultati pokazali kako nivo obrazovanja značajno utječe na pitanja vezana uz provođenje zaštitnih mjera kad se radi o uporabi računala, internetske mreže i e-pošte.

show abstract

Section: Computer Usage and Securitycontrasting

confidence: 83%

Section: Computer Usage and Securitymentioning

confidence: 99%

Impact of education on security practices in ICT

Bostan

2015

Teh. vjesn.

View full text Add to dashboard Cite

show abstract

“…The literature on compliance distinguishes between two broad types of theory, namely rationalist and normative approaches [3,6,9,20,21,39,40,41]. These theories provide distinct insights into compliance-related behavior and underlying motivations of states, firms and individuals.…”

Section: The Nature Of Compliancementioning

confidence: 99%

“…This can take a variety of forms, such as pay raises, promotions, awards, bonuses, days off and paid vacations [41,45]. An example of penalties for individuals is creating social disincentives.…”

Section: Examples Of Tactics Used In Compliance Managementmentioning

confidence: 99%

“…An example of penalties for individuals is creating social disincentives. As these tend to be intangible, they might take the form of reprimands, 'naming and shaming', suspension, unfavorable mention in oral or written assessments and the consequent loss of reputation and status [9,11,41]. Providing performance feedback is a proven and inexpensive management tactic for improving employee behavior [45,46].…”

Section: Examples Of Tactics Used In Compliance Managementmentioning

confidence: 99%

See 1 more Smart Citation

A Framework for Organizational Compliance Management Tactics

Foorthuis

Bos

2011

Lecture Notes in Business Information Processing

View full text Add to dashboard Cite

Abstract. Organizational compliance with laws, industrial standards, procedures and enterprise architectures has become a highly relevant topic for both practitioners and academics. However, both the fundamental insights into compliance as a concept and the tactics for bringing an organization into a compliant state have been described in a fragmented manner. Using literature from various disciplines, this paper presents two contributions. First, it describes the fundamental concepts regarding compliance. Second, it presents a framework in which the various tactics for achieving organizational compliance can be positioned.

show abstract

e ‐Commerce and Online Security

Hanus

Kim

2015

The International Encyclopedia of Digital Communication and Society

View full text Add to dashboard Cite

This article provides an overview of the components and entities involved in the formation of electronic commerce information security: buyers, sellers, third parties, and technology. It discusses key characteristics of each entity and the interactions between these entities from the perspective of potential information security issues. In addition, it presents a mixture of possible results of such interrelationships and their impact on the consequences of e‐commerce transactions. Finally, the emerging threats of mobile electronic commerce are discussed, followed by a suggested research model.

show abstract

Information Security Policy Compliance: An Empirical Study of Rationality-Based Beliefs and Information Security Awareness

Cited by 1,260 publications

References 83 publications

Impact of education on security practices in ICT

Impact of education on security practices in ICT

A Framework for Organizational Compliance Management Tactics

e ‐Commerce and Online Security

Contact Info

Product

Resources

About