Employee security behaviour: The importance of education and policies in organisational settings

Lena Y. Connolly; Michael Lang; Doug J. Tygar

doi:10.1007/978-3-319-74817-7_6

Employee security behaviour: The importance of education and policies in organisational settings

Lena Y. Connolly
, Michael Lang
, Doug J. Tygar

Business Information Systems

Research output: Chapter in Book or Conference Publication/Proceeding › Chapter › peer-review

9 Citations (Scopus)

Abstract

The growing number of information security breaches in organisations presents a serious risk to the confidentiality of personal and commercially sensitive data. Current research studies indicate that humans are the weakest link in the information security chain and the root cause of numerous security incidents in organisations. Based on literature gaps, this study investigates how procedural security countermeasures tend to affect employee security behaviour. Data for this study was collected in organisations located in the United States and Ireland. Results suggest that procedural security countermeasures are inclined to promote security-cautious behaviour, while their absence tends to lead to non-compliant behaviour.

Original language	English
Title of host publication	Lecture Notes in Information Systems and Organisation
Publisher	SPRINGER HEIDELBERG
Pages	79-96
Number of pages	18
DOIs	https://doi.org/10.1007/978-3-319-74817-7_6
Publication status	Published - 2018

Publication series

Name	Lecture Notes in Information Systems and Organisation
Volume	26
ISSN (Print)	2195-4968
ISSN (Electronic)	2195-4976

Keywords

Employee security behaviour
Information security policy
Procedural security countermeasures
Security education

Access to Document

10.1007/978-3-319-74817-7_6

Cite this

@inbook{5c86212111244ef093925293967ff8c4,

title = "Employee security behaviour: The importance of education and policies in organisational settings",

abstract = "The growing number of information security breaches in organisations presents a serious risk to the confidentiality of personal and commercially sensitive data. Current research studies indicate that humans are the weakest link in the information security chain and the root cause of numerous security incidents in organisations. Based on literature gaps, this study investigates how procedural security countermeasures tend to affect employee security behaviour. Data for this study was collected in organisations located in the United States and Ireland. Results suggest that procedural security countermeasures are inclined to promote security-cautious behaviour, while their absence tends to lead to non-compliant behaviour.",

keywords = "Employee security behaviour, Information security policy, Procedural security countermeasures, Security education",

author = "Connolly, \{Lena Y.\} and Michael Lang and Tygar, \{Doug J.\}",

note = "Publisher Copyright: {\textcopyright} Springer International Publishing AG, part of Springer Nature 2018.",

year = "2018",

doi = "10.1007/978-3-319-74817-7\_6",

language = "English",

series = "Lecture Notes in Information Systems and Organisation",

publisher = "SPRINGER HEIDELBERG",

pages = "79--96",

booktitle = "Lecture Notes in Information Systems and Organisation",

}

Employee security behaviour: The importance of education and policies in organisational settings. / Connolly, Lena Y.; Lang, Michael; Tygar, Doug J.
Lecture Notes in Information Systems and Organisation. SPRINGER HEIDELBERG, 2018. p. 79-96 (Lecture Notes in Information Systems and Organisation; Vol. 26).

Research output: Chapter in Book or Conference Publication/Proceeding › Chapter › peer-review

TY - CHAP

T1 - Employee security behaviour

T2 - The importance of education and policies in organisational settings

AU - Connolly, Lena Y.

AU - Lang, Michael

AU - Tygar, Doug J.

N1 - Publisher Copyright: © Springer International Publishing AG, part of Springer Nature 2018.

PY - 2018

Y1 - 2018

N2 - The growing number of information security breaches in organisations presents a serious risk to the confidentiality of personal and commercially sensitive data. Current research studies indicate that humans are the weakest link in the information security chain and the root cause of numerous security incidents in organisations. Based on literature gaps, this study investigates how procedural security countermeasures tend to affect employee security behaviour. Data for this study was collected in organisations located in the United States and Ireland. Results suggest that procedural security countermeasures are inclined to promote security-cautious behaviour, while their absence tends to lead to non-compliant behaviour.

AB - The growing number of information security breaches in organisations presents a serious risk to the confidentiality of personal and commercially sensitive data. Current research studies indicate that humans are the weakest link in the information security chain and the root cause of numerous security incidents in organisations. Based on literature gaps, this study investigates how procedural security countermeasures tend to affect employee security behaviour. Data for this study was collected in organisations located in the United States and Ireland. Results suggest that procedural security countermeasures are inclined to promote security-cautious behaviour, while their absence tends to lead to non-compliant behaviour.

KW - Employee security behaviour

KW - Information security policy

KW - Procedural security countermeasures

KW - Security education

UR - https://www.scopus.com/pages/publications/85047987382

U2 - 10.1007/978-3-319-74817-7_6

DO - 10.1007/978-3-319-74817-7_6

M3 - Chapter

AN - SCOPUS:85047987382

T3 - Lecture Notes in Information Systems and Organisation

SP - 79

EP - 96

BT - Lecture Notes in Information Systems and Organisation

PB - SPRINGER HEIDELBERG

ER -

Employee security behaviour: The importance of education and policies in organisational settings

Abstract

Publication series

Keywords

Access to Document

Other files and links

Fingerprint

Cite this