Reducing Insider Computer Abuse: Influence of contextual events
Type
applied research project
Start Date
February 1, 2016
End Date
January 31, 2019
Status
ongoing
Keywords
Insider computer abuse
Health Belief Model
Warnings
organisational IT security
information security
Employee compliance
Description
Emotions, disgruntlement as result of organizational injustice and ignorance of warning communication, to the best of our knowledge, have not been yet addressed in the IS security literature. Indeed, numerous studies have focused on the security behavior of employees, but little attention has been paid to the phenomena which temporally precedes insider computer abuse. These contextual events represent an important area where new theoretical insights are needed to understand how we can influence the efficacy of deterrence safeguards and consequently, improve employee’s compliance.
Overall, this research proposal seeks to study the three contextual events (ignorance of warning communication, emotions, and disgruntlement), using theory-based methods, and measuring their effects on employee’s behavior.
Finally, based on theories of communication and persuasion, such as the Health Beliefs Model, or Equity and Appraisal Theories, this study proposes that employees who pay attention to contextual events may be more persuaded to behave securely which would reduce the insider computer abuse. Thus, this leads to our research questions:
RQ1. How different forms of employee computer abuse that result from different forms of injustice, will be equally deferrable?
RQ2. How is the insider computer abuse phenomenon influenced by strong emotions?
RQ3. Do emotions moderate the threat of sanctions created by IS security deterrent safeguards?
RQ4. How may warning message content, based on theory, affect adherence especially when users pay attention to the content of the warning message?
RQ5. What communication and persuasion triggers are positively associated with user’s intention to be compliant?
RQ6. How can warnings lead to a higher effectiveness of sanction threats when it comes to the progression, reduction in frequency and decrease in duration of the security incident.
RQ7. Which textual treatments are effective in eliciting user compliance?
RQ8. Which motivational cues affect individuals the most in their decision making process?
Overall, this research proposal seeks to study the three contextual events (ignorance of warning communication, emotions, and disgruntlement), using theory-based methods, and measuring their effects on employee’s behavior.
Finally, based on theories of communication and persuasion, such as the Health Beliefs Model, or Equity and Appraisal Theories, this study proposes that employees who pay attention to contextual events may be more persuaded to behave securely which would reduce the insider computer abuse. Thus, this leads to our research questions:
RQ1. How different forms of employee computer abuse that result from different forms of injustice, will be equally deferrable?
RQ2. How is the insider computer abuse phenomenon influenced by strong emotions?
RQ3. Do emotions moderate the threat of sanctions created by IS security deterrent safeguards?
RQ4. How may warning message content, based on theory, affect adherence especially when users pay attention to the content of the warning message?
RQ5. What communication and persuasion triggers are positively associated with user’s intention to be compliant?
RQ6. How can warnings lead to a higher effectiveness of sanction threats when it comes to the progression, reduction in frequency and decrease in duration of the security incident.
RQ7. Which textual treatments are effective in eliciting user compliance?
RQ8. Which motivational cues affect individuals the most in their decision making process?
Leader contributor(s)
Funder
Range
Institute/School
Range (De)
Institut/School
Division(s)
Eprints ID
247333
Funding code
2200381
results