The Assumptions and Profiles Behind IT Security Behavior

Among the major IT security challenges facing organizations is non-malicious employee behavior that nevertheless poses significant threats to an organization’s IT security. Using a grounded theory methodology, this paper finds that organizational security behaviors are inherently related to employee assumptions regarding the importance of IT security policy compliance and regarding the reason why IT security measures are implemented. Analyzing these assumptions uncovers four profiles of perspectives concerning IT security: the IT Security Indulgence, the IT Security Overindulgence, the IT Knows Best and the IT Security Disconnect profiles. These profiles are useful in understanding employee IT security behaviors and may help IT departments in developing more effective strategies designed to ensure policy compliance

An Adversarial Dance: Toward an Understanding of Insiders’ Responses to Organizational Information Security Measures

Despite the increased focus on organizational security policies and programs, some employees continue to engage in maladaptive responses to security measures (i.e., behaviors other than those recommended, intended, or prescribed). To help shed light on insiders’ adaptive and maladaptive responses to IS security measures, we conducted a case study of an organization at the forefront of security policy initiatives. Drawing on the beliefs-actions-outcomes (BAO) model to analyze our case data, we uncover a potentially nonvirtuous cycle consisting of security-related beliefs, actions, and outcomes, which we refer to as an “adversarial dance.” Explaining our results, we describe a novel belief framework that identifies four security belief profiles and uncovers an underexplored outcome of IS security: insiders’ lived security experiences. We find that individuals’ unfavorable lived security experiences produce counterproductive security-related beliefs that, in turn, lead to maladaptive behaviors. Maladaptive behaviors create new potential for security risk, leading to increased organizational security measures to counter them. Thus, the adversarial dance continues, as the new security measures have the potential to reinforce counterproductive security-related beliefs about the importance and risk of IS security and lead to new maladaptive behaviors. To help situate our findings within the current security literature, we integrate the results with prior research based on extant theories. While this paper is not the first to suggest that security measures can elicit maladaptive behaviors, the emergent belief framework and expanded BAO model of IS security constitute an important contribution to the behavioral IS security literature

Tablet Image: Visibility Feature Designs Increase Tablet Use

The functionality and performance of technology has consistently predicted technology use. However, there are other reasons related to social and psychological forces influencing technology use. This study investigates the social drivers of tablet technology use. In particular, the study focuses on the image associated with tablet technology and the influence of this image on Tablet Use. Using a survey of 157 tablet users, the study discovers that tablet image is a driving force behind the use of some of the functions in tablets. The results suggest that designing tablet functions that are socially visible to the public cognition may be an important reason behind tablet adoption and use, on the backdrop of a Tablet Image. The results have theoretical implications for IT adoption theories and practical implications for the design and upgrade of the next generations of tablets

The downsides of information systems security policy compliance efforts : toward a Theory of Unintended Reversed Security Action and Productivity (TURSAP).

Modern organizations face significant information security violations from inside the organizations to which they respond with various managerial techniques. It is widely believed in IS security literature that enforcing IS security policy compliance on employees through various means is the solution for security effectiveness. Nevertheless, this dissertation challenges that notion and advances a stream of research that suggests increasing security measures may lead to decrease in user productivity, increased user mistrust toward the IT department, increased user frustration, increased user technology avoidance, increased non-malicious volitional security violations and overall may lead to increased security risk, instead of decreasing it. This dissertation explores the how and why of these mechanisms and suggests what to do about this phenomenon. Following a grounded theory methodology, this dissertation develops the Theory of Unintended Reversed Security Action and Productivity (TURSAP), the first of its kind in exploring the downsides of IS security measures

IS Security Menace: When Security Creates Insecurity

Modern organizations face significant information security violations from inside the organizations to which they respond with various managerial techniques. It is widely believed in IS security literature that enforcing IS security policy compliance on employees through various means is the solution for security effectiveness. Nevertheless, this manuscript challenges that notion and advances a stream of research that suggests increasing security measures may lead to decrease in user productivity, increased user mistrust in the IT department, increased user frustration, increased user technology avoidance, increased non-malicious volitional security violations and overall may lead to increased security risk, instead of decreasing it. This manuscript explores the how and the why of these mechanisms and suggests what to do about this phenomenon. Following a grounded theory methodology, this study develops the theory of Information System Security Menace (TISSM), a process model that explores the downsides of IS security measures

The Impact of Ethical Leadership, Commitment and Healthy/Safe Workplace Practices toward Employee Attitude to COVID-19 Vaccination/Implantation in the Banking Sector in Lebanon

This study investigates the effect of ethical leadership, commitment and healthy/safe workplace practices toward employee COVID-19 vaccination. In addition, this study examines the perception of employees from technological intrusive vaccination of chips or quantum dot. In our research, we adopted the social exchange theory as its theoretical framework. Moreover, an online questionnaire was distributed to employees working in the banking sector in Lebanon during the COVID-19 pandemic. In total, 244 bankers completed the survey. Data was analyzed by SPSS statistical software version 26 and SmartPLS to test the relationship between the variables. The results generated showed a positive relationship between ethical leadership, commitment, and safety influencing employees to accept vaccination but not necessarily technological intrusive vaccination (chip or quantum dot). We suggest that organizations should influence leaders to enhance proper behaviors and attitudes to create a healthy, safe, and ethical culture that consequently increases employees’ commitment. Finally, this study recommends future researchers to investigate the topic of COVID-19 vaccination and test other employees’ perception from different industries and countries