What influences information security behavior? A study with brazilian users

• Autores: Rodrigo Hickmann Klein, Edimara Mezzomo Luciano
• Localización: JISTEM - Journal of Information Systems and Technology Management, ISSN-e 1807-1775, Vol. 13, Nº. 3, 2016, págs. 479-496
• Idioma: inglés
• Enlaces
  • Texto completo (pdf)
• Dialnet Métricas: 2 Citas
• Resumen

  • ABSTRACT The popularization of software to mitigate Information Security threats can produce an exaggerated notion about its full effectiveness in the elimination of any threat. This situation can result reckless users behavior, increasing vulnerability. Based on behavioral theories, a theoretical model and hypotheses were developed to understand the extent to which human perception of threat, control and disgruntlement can induce responsible behavior. A self-administered questionnaire was created and validated. The data were collected in Brazil, and complementary results regarding similar studies conducted in USA were found. The results show that there is an influence of information security orientations provided by organizations in the perception about severity of the threat. The relationship between threat, effort, control and disgruntlement, and the responsible behavior towards information security was verified through linear regression. The results also point out the significant influence of the analyzed construct on Safe Behavior. The contributions involve relatively new concepts in the field and a new research instrument as well. For the practitioners, this study highlights the importance of Perceived Severity and Perceived Susceptibility in the formulation of the content of Information Security awareness guidelines within organizations. Moreover, users' disgruntlement with the organization, colleagues or superiors is a factor to be considered in the awareness programs.