TY - JOUR
T1 - Security Awareness
T2 - The First Step in Information Security Compliance Behavior
AU - Hwang, Inho
AU - Wakefield, Robin
AU - Kim, Sanghyun
AU - Kim, Taeha
N1 - Publisher Copyright:
© 2019 International Association for Computer Information Systems.
PY - 2021
Y1 - 2021
N2 - In this study, we use the attentional phase of social learning theory to link workplace security-related experiences and observations to employees’ security awareness. The responses of 398 organizational employees serve to test our research model using structural equational modeling with AMOS 22.0. The results show security awareness arises from both explicit and subjective security experiences in the workplace. Our respondents indicate knowledge of a physical system has little, if any, effect on security awareness. However, security education, policy, visibility and managerial security participation are important for producing security awareness. Furthermore, managerial participation strengthens the links between organizational security efforts and security awareness. We discuss the implications of our study for future security compliance research and practice.
AB - In this study, we use the attentional phase of social learning theory to link workplace security-related experiences and observations to employees’ security awareness. The responses of 398 organizational employees serve to test our research model using structural equational modeling with AMOS 22.0. The results show security awareness arises from both explicit and subjective security experiences in the workplace. Our respondents indicate knowledge of a physical system has little, if any, effect on security awareness. However, security education, policy, visibility and managerial security participation are important for producing security awareness. Furthermore, managerial participation strengthens the links between organizational security efforts and security awareness. We discuss the implications of our study for future security compliance research and practice.
KW - awareness
KW - compliance intention
KW - information security
KW - management participation
KW - security policy
KW - security visibility
KW - social learning theory
KW - Word
UR - http://www.scopus.com/inward/record.url?scp=85070878569&partnerID=8YFLogxK
U2 - 10.1080/08874417.2019.1650676
DO - 10.1080/08874417.2019.1650676
M3 - Article
AN - SCOPUS:85070878569
SN - 0887-4417
VL - 61
SP - 345
EP - 356
JO - Journal of Computer Information Systems
JF - Journal of Computer Information Systems
IS - 4
ER -