User Awareness of Security Countermeasures and Its Impact on Information Systems Misuse: A Deterrence Approach

John D'Arcy
John D'Arcy
[email protected]
Mendoza College of Business, University of Notre Dame, Notre Dame, Indiana 46556
Search for more papers by this author
,
Anat Hovav
Anat Hovav
[email protected]
Korea University Business School, Seoul 136-701 Korea
Search for more papers by this author
,
Dennis Galletta
Dennis Galletta
[email protected]
Katz Graduate School of Business, University of Pittsburgh, Pittsburgh, Pennsylvania 15260
Search for more papers by this author

John D'Arcy

[email protected]

Mendoza College of Business, University of Notre Dame, Notre Dame, Indiana 46556

Search for more papers by this author

Anat Hovav

[email protected]

Korea University Business School, Seoul 136-701 Korea

Search for more papers by this author

Dennis Galletta

[email protected]

Katz Graduate School of Business, University of Pittsburgh, Pittsburgh, Pennsylvania 15260

Search for more papers by this author

Published Online:1 Mar 2009https://doi.org/10.1287/isre.1070.0160

References

Ajzen I.Attitudes, Personality, and Behavior (1988) (Dorsey Press, Chicago) Google Scholar
Alder G. S., Noel T. W., Ambrose M. L. Clarifying the effects of Internet monitoring on job attitudes: The mediating role of employee trust. Inform. Management (2006) 43(7):894–903Crossref, Google Scholar
Alm J., McKee M. Audit certainty, audit productivity, and taxpayer compliance. National Tax J. (2006) 59(4):801–816Crossref, Google Scholar
AMA 2005 Electronic monitoring and surveillance survey. (2005) (American Management Association, New York) Google Scholar
Anderson J. C., Gerbing D. W. Structural equation modeling in practice: A review and recommended two-step approach. Psych. Bull. (1988) 103(3):411–423Crossref, Google Scholar
Armstrong J. S., Overton T. S. Estimating nonresponse bias in mail surveys. J. Marketing Res. (1977) 14):396–402Crossref, Google Scholar
Bachman R., Paternoster R., Ward S. The rationality of sexual offending: Testing a deterrence/rational choice conception of sexual assault. Law Soc. Rev. (1992) 26(2):343–372Crossref, Google Scholar
Banerjee D., Cronan T. P., Jones T. W. Modeling IT ethics: A study in situational ethics. MIS Quart. (1998) 22(1):31–60Crossref, Google Scholar
Baskerville R., Siponen M. An information security meta-policy for emergent organizations. Logist. Inform. Management (2002) 15(5/6):337–346Crossref, Google Scholar
Berinato S. The global state of information security 2005. CIO Magazine (2005) 15(September):60–72Google Scholar
BSA Second annual BSA and IDC global software piracy study. (2005) (Business Software Alliance, Washington, D.C.) Google Scholar
Carnes G. A., Englebrecht T. D. An investigation of the effect of detection risk perceptions, penalty sanctions, and income visibility on tax compliance. J. Amer. Taxation Assoc. (1995) 17(1):26–41Google Scholar
Chin W., Marcoulides G. A. The partial least squares approach to structural equation modeling. Modern Methods For Business Research (1998) (Lawrence Erlbaum Associates, Mahwah, NJ) 295–336Google Scholar
Chin W., Marcolin B. L., Newsted P. R. A partial least squares latent variable modeling approach for measuring interaction effects: Results from a Monte Carlo simulation study and an electronic mail emotion/adoption study. Inform. Systems Res. (2003) 14(2):189–217Link, Google Scholar
Christensen A., Eining M. M. Instructional case: Software piracy—Who does it impact? Issues Accounting Ed. (1994) 9(1):151–159Google Scholar
Cole C. A. Deterrence and consumer fraud. J. Retailing (1989) 65(1):107–120Google Scholar
Compeau D. R., Higgins C. A. Computer self-efficacy: Development of a measure and initial test. MIS Quart. (1995) 19(2):189–211Crossref, Google Scholar
DeloitteGlobal Security Survey (2005) (New York)Google Scholar
Dhillon G. Managing and controlling computer misuse. Inform. Management Comput. Security (1999) 7(4):171–175Crossref, Google Scholar
Diamantopoulos A., Winklhofer H. M. Index construction with formative indicators: An alternative to scale development. J. Marketing Res. (2001) 38):269–277Crossref, Google Scholar
Dubin J. A., Graetz M. J., Wilde L. L. The effect of audit rates on the federal individual income tax, 1977–1986. National Tax J. (1990) 43(4):395–409Google Scholar
Ernst and YoungGlobal Information Security Survey (2003) (New York)Google Scholar
Falk R. F., Miller N. B.A Primer for Soft Modeling (1992) (University of Akron Press, Akron, OH) Google Scholar
Ferguson M., Sheehan M., Davey J., Watson B.Drink Driving Rehabilitation: The Present Context—A Road Safety Research Report (1999) (Centre for Accident Research and Road Safety, Brisbane, Australia) . Available online at: http://www.atsb.gov.au/publications/1999/pdf/Alc_Rehab_2.pdfGoogle Scholar
Finch J. The vignette technique in survey research. Sociology (1987) 21(1):105–114Crossref, Google Scholar
Finch J. H., Furnell S. M., Dowland P. S. Assessing IT security culture: System administrator and end-user. Proc. ISOneWorld Conf. (2003) Las Vegas, NV:16–20Google Scholar
Foltz C. B. The impact of deterrent countermeasures upon individual intent to commit misuse: A behavioral approach. (2000) . Unpublished doctoral dissertation, University of Arkansas, FayettevilleGoogle Scholar
Forcht K. A.Computer Security Management (1994) (Boyd & Fraser, Danvers, MA) Google Scholar
Fornell C., Larcker D. F. Evaluating structural equation models with unobservable variables and measurement error. J. Marketing Res. (1981) 18(1):39–50Crossref, Google Scholar
Forrester ResearchThe State of Data Security in North America (2007) (Cambridge, MA)Google Scholar
Fotiva, Inc. Risky business: New survey shows almost 70 percent of e-mail-using employees have sent or received e-mail that may pose a threat to businesses. (2005) . Available online at: http://www.harrisinteractive.com/news/newsletters/clientnews/Fortiva2005.pdfGoogle Scholar
Freeman J., Watson B. An application of Stafford and Warr's reconceptualisation of deterrence to a group of recidivist drink drivers. Accident Anal. Prevention (2006) 38):462–471Crossref, Google Scholar
Furnell S. M., Gennatou M., Dowland P. S. A prototype tool for information security awareness and training. Logist. Inform. Management (2002) 15(5/6):352–357Crossref, Google Scholar
Furnell S. M., Dowland P. S., Illingworth H. M., Reynolds P. L. Authentication and supervision: A survey of user attitudes. Comput. Security (2000) 19(6):529–539Crossref, Google Scholar
Gaston S. J.Information Security: Strategies for Successful Management (1996) (CICA Publishing, Toronto) Google Scholar
Gattiker U. E., Kelley H. Morality and computers: Attitudes and differences in moral judgments. Inform. Systems Res. (1999) 10(3):233–254Link, Google Scholar
Gefen D., Straub D. A practical guide to factorial validity using PLS-graph: Tutorial and annotated example. Comm. AIS (2005) 16(5):91–109Google Scholar
George J. F. Computer-based monitoring: Common perceptions and empirical results. MIS Quart. (1996) 20(4):459–480Crossref, Google Scholar
Gibbs J. P.Crime, Punishment, and Deterrence (1975) (Elsevier, New York) Google Scholar
Glenn D., Browne G. J., Wetherbe J. C. Why do Internet users stick with a specific web site? A relationship perspective. Internat. J. Electronic Commerce (2006) 10(4):105–141Crossref, Google Scholar
Gopal R. D., Sanders G. L. Preventative and deterrent controls for software piracy. J. Management Inform. Systems (1997) 13(4):29–47Crossref, Google Scholar
Grasmick H. G., Bryjak G. J. The deterrent effect of perceived severity of punishment. Soc. Forces (1980) 59(2):471–491Crossref, Google Scholar
Grasmick H. G., Green D. E. Deterrence and the morally committed. Sociol. Quart. (1981) 22):1–14Crossref, Google Scholar
Hair J. F., Anderson R. E., Tatham R. L., Black W. C.Multivariate Data Analysis (1998) (Prentice Hall, Englewood Cliffs, NJ) Google Scholar
Hansche S. Designing a security awareness program: Part 1. Inform. Systems Security (2001) 9(6):14–22Crossref, Google Scholar
Harrington S. J. The effect of codes of ethics and personal denial of responsibility on computer abuse judgments and intentions. MIS Quart. (1996) 20(3):257–278Crossref, Google Scholar
Hoffer J. A., Straub D. W. The 9 to 5 underground: Are you policing computer crimes? Sloan Management Rev. (1989) 30(4):35–43Google Scholar
Hollinger R. C., Clark J. P. Deterrence in the workplace: Perceived certainty, perceived severity, and employee theft. Soc. Forces (1983) 62(2):398–418Crossref, Google Scholar
InformationWeek U.S. Information Security Research Report 2005. (2005) . United Business Media, LondonGoogle Scholar
Jarvis C. B., Mackenzie P. M., Podsakoff P. M. A critical review of construct indicators and measurement model misspecification in marketing and consumer research. J. Consumer Res. (2003) 30(2):199–218Crossref, Google Scholar
Kankanhalli A., Teo H.-H., Tan B. C. Y., Wei K.-K. An integrative study of information systems security effectiveness. Internat. J. Inform. Management (2003) 23(2):139–154Crossref, Google Scholar
Keil M., Tan B., Wei K. K., Saarinen V., Tuunainen V., Wassenaar A. A cross-cultural study of escalation of commitment in software projects. MIS Quart. (2000) 24(2):299–325Crossref, Google Scholar
Kerlinger F. N.Foundations of Behavioral Research (1986) 3rd ed.(Holt, Rinehart & Winston, New York) Google Scholar
Kinsey K. A., Slemrod J. Deterrence and alienation effects of IRS enforcement: An analysis of survey data. Why People Pay Taxes (1992) (University of Michigan Press, Ann Arbor) 259–285Google Scholar
Klepper S., Nagin D. The deterrent effect of perceived certainty and severity of punishment revisited. Criminology (1989) 27(4):721–746Crossref, Google Scholar
Kohlberg L., Lickona T. Moral stages and moralization: The cognitive-developmental approach. Moral Development and Behavior (1976) (Holt, Rinehart, and Winston, New York) 31–53Google Scholar
Lee J., Lee Y. A holistic model of computer abuse within organizations. Inform. Management Comput. Security (2002) 10(2):57–63Crossref, Google Scholar
Lee S. M., Lee S.-G., Yoo S. An integrative model of computer abuse based on social control and general deterrence theories. Inform. Management (2004) 41(6):707–718Crossref, Google Scholar
Leonard L. N. K., Cronan T. P. Illegal, inappropriate, and unethical behavior in an information technology context: A study to explain influences. J. Assoc. Inform. Systems (2001) 1(12):1–31Google Scholar
Leonard L. N. K., Cronan T. P., Kreie J. What influences IT ethical behavior intentions—Planned behavior, reasoned action, perceived importance, individual characteristics? Inform. Management (2004) 42(1):143–158Crossref, Google Scholar
Lin T.-C., Hsu M.-H., Kuo F.-Y., Sun P.-C. An intention model-based study of software piracy. Proc. 32nd Hawaii Internat. Conf. System Sci. (1999) (IEEE Computer Society, Maui, HI) Google Scholar
Lindell M. K., Whitney D. J. Accounting for common method variance in cross-sectional research designs. J. Appl. Psych. (2001) 86(1):114–121Crossref, Google Scholar
Loch K. D., Straub D., Kamel S. Diffusing the Internet in the Arab world: The role of social norms and techological culturation. IEEE Trans. Engrg. Management (2003) 50(1):45–63Crossref, Google Scholar
MacCoun R. J. Drugs and the law: A psychological analysis of drug prohibition. Psych. Bull. (1993) 113(3):497–512Crossref, Google Scholar
MacMath B., Prentice-Dunn S. Protection motivation theory and skin cancer risk: The role of individual differences in response to persuasive appeals. J. Appl. Soc. Psych. (2005) 35(3):621–643Crossref, Google Scholar
Magklaras G. B., Furnell S. M. Insider threat prediction tool: Evaluating the probability of IT misuse. Comput. Security (2002) 21(1):62–73Crossref, Google Scholar
Malhotra N. K., Kim S. S., Patil A. Common method variance in IS research: A comparison of alternative approaches and a reanalysis of past research. Management Sci. (2006) 52(12):1865–1883Link, Google Scholar
Mason R. Four ethical issues of the information age. MIS Quart. (1986) 10(1):4–12Crossref, Google Scholar
McNees M. P., Egli D. S., Marshall R. S., Schnelle J. F., Risley T. R. Shoplifting prevention: Providing information through signs. J. Appl. Behav. Anal. (1976) 9(4):399–405Crossref, Google Scholar
Nagin D. S., Pogarsky G. Integrating celerity, impulsivity, and extralegal sanction threats into a model of general deterrence and evidence. Criminology (2001) 39(4):865–891Crossref, Google Scholar
Nienstedt B. C. Testing deterrence: The effects of a DWI law and publicity campaigns. (1985) . Unpublished doctoral dissertation, Arizona State University, TempeGoogle Scholar
Panko R. R., Beh H. G. Monitoring for pornography and sexual harassment. Comm. ACM (2002) 45(1):84–87Crossref, Google Scholar
Paradice D. B. Ethical attitudes of entry-level MIS personnel. Inform. Management (1990) 18(3):143–151Crossref, Google Scholar
Parker D. B.Fighting Computer Crime (1998) (John Wiley & Sons, New York) Google Scholar
Paternoster R. The deterrent effect of the perceived certainty and severity of punishment: A review of the evidence and issues. Justice Quart. (1987) 4(2):173–217Crossref, Google Scholar
Paternoster R. Decision to participate in and desist from four types of common delinquency: Deterrence and the rational choice perspective. Law Soc. Rev. (1989) 23(1):7–40Crossref, Google Scholar
Patnayakuni R., Rai A., Seth N. Relational antecedents of information flow integration for supply chain coordination. J. Management Inform. Systems (2006) 23(1):13–49Crossref, Google Scholar
Peace A. G., Galletta D. F., Thong J. Y. L. Software piracy in the workplace: A model and empirical test. J. Management Inform. Systems (2003) 20(1):153–177Crossref, Google Scholar
Pechmann C., Zhao G., Goldberg M., Reibling E. What to convey in antismoking advertisements for adolescents: The use of protection motivation theory to identify effective message themes. J. Marketing (2003) 67(2):1–18Crossref, Google Scholar
Peltier T. R. Implementing an information security awareness program. Inform. Systems Security (2005) 14(2):37–49Crossref, Google Scholar
Pierce M. A., Henry J. W. Judgments about computer ethics: Do individual, co-worker, and company judgments differ? J. Bus. Ethics (2000) 28(4):307–322Crossref, Google Scholar
Podsakoff P. M., Mackenzie S. B., Lee J. Y., Podsakoff N. P. Common method biases in behavioral research: A critical review of the literature and recommended remedies. J. Appl. Psych. (2003) 88(5):879–903Crossref, Google Scholar
Quazi M. M. Effective drug-free workplace plan uses worker testing as a deterrent. Occupational Health Safety (1993) 62(6):26–31Google Scholar
Richardson R.CSI/FBI Computer Crime and Security Survey (2007) (Computer Security Institute, San Francisco) Google Scholar
Rogers R., Cacioppo J., Petty R. Cognitive and physiological processes in fear-based attitude change: A revised theory of protection motivation. Social Psychophysiology: A Sourcebook (1983) (Guilford, New York) 153–176Google Scholar
Sacco V. F. Shoplifting prevention: The role of communication-based intervention strategies. Canadian J. Criminology (1985) 27(1):15–29Google Scholar
Silberman M. Toward a theory of criminal deterrence. Amer. Sociol. Rev. (1976) 41(3):442–461Crossref, Google Scholar
Skinner W. F., Fream A. M. A social learning theory analysis of computer crime among college students. J. Res. Crime Delinquency (1997) 34(4):495–518Crossref, Google Scholar
Spitzmuller C., Stanton J. M. Examining employee compliance with organizational surveillance and monitoring. J. Occupational Organ. Psych. (2006) 79):245–272Crossref, Google Scholar
Standage T. The weakest link. Economist (2002) 365(8296):11–16Google Scholar
Stanton J. M., Weiss E. M. Electronic monitoring in their own words: An exploratory study of employees' experiences with new types of surveillance. Comput. Human Behav. (2000) 16(4):423–440Crossref, Google Scholar
Stanton J. M., Stam K. R., Mastrangelo P. R., Jolton J. An analysis of end user security behaviors. Comput. Security (2005) 24(2):124–133Crossref, Google Scholar
Straub D. W. Effective IS security: An empirical study. Inform. Systems Res. (1990) 1(3):255–276Link, Google Scholar
Straub D. W., Nance W. D. Discovering and disciplining computer abuse in organizations: A field study. MIS Quart. (1990) 14(1):45–60Crossref, Google Scholar
Straub D. W., Welke R. J. Coping with systems risk: Security planning models for management decision making. MIS Quart. (1998) 22(4):441–469Crossref, Google Scholar
Strelan P., Boeckmann R. J. Why drug testing in elite sport does not work: Perceptual deterrence theory and the role of personal moral beliefs. J. Appl. Soc. Psych. (2006) 36(12):2909–2934Crossref, Google Scholar
Theoharidou M., Kokolakis S., Karyda M., Kiountouzis E. The insider threat to information systems and the effectiveness of ISO17799. Comput. Security (2005) 24(6):472–484Crossref, Google Scholar
Tittle C. R.Sanctions and Social Deviance: The Question of Deterrence (1980) (Praeger, New York) Google Scholar
United Nations Conference on Trade and Development, Information Economy Report. (2005) Geneva, Switzerland http://www.unctad.org/en/docs/sdteecb20051overview_en.pdfGoogle Scholar
Urbaczewski A., Jessup L. M. Does electronic monitoring of employee Internet usage work? Comm. ACM (2002) 45(1):80–83Crossref, Google Scholar
Verespej M. A. Inappropriate Internet surfing. Indust. Week (2000) 29(3):59–64Google Scholar
von Hirsch A., Bottoms A. E., Burney E., Wikstrom P. O.Criminal Deterrence and Sentence Severity: An Analysis of Recent Research (1999) (Oxford Publishing, Oxford, UK) Google Scholar
von Solms R., von Solms B. From policies to culture. Comput. Security (2004) 23(4):275–279Crossref, Google Scholar
Wentzel M. The social side of sanctions: Personal and social norms as moderators of deterrence. Law Human Behav. (2004) 28(5):547–567Crossref, Google Scholar
Whitman M. E. Enemy at the gate: Threats to information security. Comm. ACM (2003) 46(8):91–95Crossref, Google Scholar
Whitman M. E. In defense of the realm: Understanding the threats to information security. Internat. J. Inform. Management (2004) 24(1):43–57Crossref, Google Scholar
Whitman M. E., Mattord H.Principles of Information Security (2005) (Course Technology, Boston) Google Scholar
Whitman M. E., Townsend A. M., Alberts R. J., Khosrowpour M. Information systems security and the need for policy. Information Security Management: Global Challenges in the New Millennium (2001) (Idea Group Publishing, Hershey, PA) 9–18Crossref, Google Scholar
Wiant T. L. Policy and its impact on medical record security. (2003) . Unpublished doctoral dissertation, University of Kentucky, LexingtonGoogle Scholar
Witte D., Woodbury D. The effect of tax laws and tax administration on tax compliance: The case of the U.S. individual income tax. National Tax J. (1985) 38(1):1–13Google Scholar
Workman M., Gathegi J. Punishment and ethics deterrents: A study of insider security contravention. J. Amer. Soc. Inform. Sci. Tech. (2007) 58(2):212–222Crossref, Google Scholar
Wybo M. D., Straub D. W. Protecting organizational information resources. Inform. Resources Management J. (1989) 2(4):1–15Crossref, Google Scholar

Cited by
- Trust to threat: the dynamics of insider risk in network security ecosystems
  13 May 2026 | Security Journal, Vol. 39, No. 1
- The power of persuasive messaging on improving password-change behavior in university information systems: Evidence from a large-scale field experiment
  Computers & Security, Vol. 169
- Defensive cybersecurity behavior in hospitals: The role of leadership, human-centric capabilities, and compliance
  Computers & Security, Vol. 169
- Psychological drivers of compliance intention–The roles of professionals’ motivational profiles and personality traits in following information systems security policies at work
  Computers & Security, Vol. 168
- An integrated framework for information security risk management: A mixed-methods systematic literature review
  Computers & Security, Vol. 168
- Behavioral trajectories of phishing victims on Ethereum: Evidence of escalation and adaptive scam strategies
  Decision Support Systems, Vol. 207
- Leadership styles and information security policy compliance intentions: the mediating role of psychological empowerment
  2 June 2026 | Information & Computer Security, Vol. 26
- Lost at the cyber-crossing? Understanding individuals’ internet security threat ambivalence and its impact on threat avoidance and approach behavior
  Information & Management, Vol. 63, No. 4
- Is cybersecurity outsourcing always effective? Strategic organisational insights and knowledge in the era of digitalisation
  Journal of Innovation & Knowledge, Vol. 14
- Whistleblowing Costs and ISP Violation Reporting Intentions
  25 May 2026 | Journal of Computer Information Systems, Vol. 11
- Promotion Complexity and Consumer Confusion: Evidence of the Dark Side of Online Sales Events
  29 March 2026 | International Journal of Consumer Studies, Vol. 50, No. 3
- Know your scientist: KYC as biosecurity infrastructure
  29 April 2026 | Frontiers in Microbiology, Vol. 17
- Towards a model for understanding failures in health data protection: a mixed-methods study
  4 September 2025 | Behaviour & Information Technology, Vol. 45, No. 7
- Managing intellectual property leakage in the digital era: An integrated process model
  International Journal of Information Management, Vol. 87
- Cybersecurity Risks and Mitigation Strategies in Digital Transformation of Travel Agencies
- Cybersecurity, Privacy and Ethics in Smart Travel
- Impact of Information security policy compliance on protecting patient privacy: mediating role of SETA program
  6 August 2025 | Information Security Journal: A Global Perspective, Vol. 35, No. 2
- Non-technical determinants of information security policy compliance: An integrated PMT-TPB model with psychological ownership, trust, and social influence
  Computers in Human Behavior Reports, Vol. 21
- Examining business students’ intentions to misuse ChatGPT through the lens of deterrence and neutralisation theories
  3 July 2025 | Behaviour & Information Technology, Vol. 45, No. 4
- Data Donations: Data Disclosure for the Common Good
  12 February 2026 | Business & Information Systems Engineering, Vol. 58
- Protecting data intangibly: How does control culture influence data breach risks?
  16 September 2025 | Decision Sciences, Vol. 57, No. 1
- Industry sector matters: mapping industry-specific cyber vulnerabilities through rational choice theory analysis
  14 January 2026 | Information & Computer Security, Vol. 94
- Integrating Cybersecurity into Accounting Systems: Evidence from Portuguese SMEs
  2 January 2026
- An Interdisciplinary Approach to Tackling the Field of Human Factors in the Cybersecurity of Financial Organizations: Concepts, Strategies and Recommendations
  1 April 2026
- Boosting employee information security compliance: the contingent roles of task–technology and person–organization fits
  24 April 2025 | Humanities and Social Sciences Communications, Vol. 12, No. 1
- Artificial Intelligence-Driven User Interaction with Smart Homes: Architecture Proposal and Case Study
  6 December 2025 | Energies, Vol. 18, No. 24
- Exploring the Drivers of Content Entrepreneurs’ Compliance with Generative AI Policies: A Mixed-Methods Approach
  13 October 2025 | Journal of Theoretical and Applied Electronic Commerce Research, Vol. 20, No. 4
- Internal audit and cybersecurity : an empirical analysis of Moroccan firms listed on the Casablanca stock exchange
- Unpacking the complexities of health record misuse: insights from Australian health services
  2 July 2024 | Information Technology & People, Vol. 38, No. 5
- A structured review of insider cybersecurity behaviour studies
  4 September 2025 | Information Security Journal: A Global Perspective, Vol. 34, No. 6
- Dataveillance Duality: Navigating Employee Accountability and Privacy Concerns in the Digital Age
  25 September 2025 | Journal of Information Systems, Vol. 39, No. 3
- Beyond the direct impact of sanctions and subjective norms in cybersecurity
  24 June 2025 | Information & Computer Security, Vol. 33, No. 5
- Toward Artificial Intelligence Compliance: Impacts and Mechanisms of Performance Feedback
  Shaobo Wei,
  Yuanyuan Zhang,
  John Qi Dong
  18 August 2025 | Information Systems Research, Vol. 0, No. 0
- Bridging Policy and Practice: Integrated Model for Investigating Behavioral Influences on Information Security Policy Compliance
  27 July 2025 | Systems, Vol. 13, No. 8
- Dual Routes of Training on Information Security Policy Compliance
  5 January 2024 | Journal of Computer Information Systems, Vol. 65, No. 4
- A field experiment on ISP training designs for enhancing employee information security compliance
  3 June 2024 | European Journal of Information Systems, Vol. 34, No. 4
- Achieving strategic alignment between business and information technology with information technology governance: the role of commitment to principles and Top Leadership Support
  4 September 2024 | European Journal of Information Systems, Vol. 34, No. 4
- From cyber benign to cyber malicious: unveiling the evolution of insider cyber maliciousness from a stage theory perspective
  7 October 2024 | European Journal of Information Systems, Vol. 34, No. 4
- Risk of Cyberattacks Arising from Strategic Alliances with Big Tech
  24 August 2025 | Journal of Management Information Systems, Vol. 42, No. 3
- Motivating innovative energy-saving behavior among factory workers: The role of enterprise climates and rewards
  Energy, Vol. 326
- Testing a comprehensive model of employee IS misuse in a developing economy context
  21 April 2025 | Journal of Knowledge Management, Vol. 29, No. 6
- Le nuage cache-t-il les coûts informatiques ? Les coûts cachés du shadow IT de type cloud
  Systèmes d'information & management, Vol. Volume 30, No. 1
- Addressing organisational, individual and technological aspects and challenges in information security management: applying a framework in workplace and teleworking
  11 June 2025 | Organizational Cybersecurity Journal: Practice, Process and People, Vol. 20
- The role of collectivism, power distance, and neutralization techniques on deviant information security behavior
  Technology in Society, Vol. 81
- Social Norm Awareness and Norm Compliance in Online Games
  1 June 2025 | MIS Quarterly, Vol. 49, No. 2
- Regulating Information and Network Security: Review and Challenges
  24 January 2025 | ACM Computing Surveys, Vol. 57, No. 5
- Intrinsic Motivation and ISP Compliance: A Factor Analytic Study in Remote Work Using Self-Determination Theory
- The Impact of Perceived Competence on ISP Compliance in Flexible Work Settings: Strengthening Employee Security Behavior
- Transforming threats into opportunities: The role of human factors in enhancing cybersecurity
  Journal of Innovation & Knowledge, Vol. 10, No. 3
- Expressing opinions about information security in an organization: the spiral of silence theory perspective
  23 July 2024 | Information & Computer Security, Vol. 33, No. 2
- Comparing experts’ and users’ perspectives on the use of password workarounds and the risk of data breaches
  16 July 2024 | Information & Computer Security, Vol. 33, No. 2
- Beyond Deterrence: A Systematic Review of the Role of Autonomous Motivation in Organizational Security Behavior Studies
  25 April 2025
- Understanding physicians' noncompliance use of AI-aided diagnosis—A mixed-methods approach
  Decision Support Systems, Vol. 191
- Cultural drivers behind employees neutralizing deviant information systems security behaviors
  10 February 2025 | Journal of Knowledge Management, Vol. 29, No. 4
- The effect of blockability affordance on confrontation against cyberbullying on social networking sites: theoretical and methodological implications
  27 August 2024 | Internet Research, Vol. 35, No. 2
- Cyberattack, cyber risk mitigation capabilities, and firm productivity in Kenya
  5 July 2024 | Small Business Economics, Vol. 64, No. 3
- Reconsidering neutralization techniques in behavioral cybersecurity as cybersecurity hygiene discounting
  Computers & Security, Vol. 150
- The thrust and drag forces affecting norm violation in live streaming eCommerce
  Electronic Commerce Research and Applications, Vol. 70
- Promoting employees’ information security vigilance by enhancing awareness: the roles of organizational climate and deterrence measures
  6 January 2025 | Security Journal, Vol. 38, No. 1
- Interplay of rationality and morality in using ChatGPT for academic misconduct
  29 February 2024 | Behaviour & Information Technology, Vol. 44, No. 3
- Information security policy effectiveness: a managerial perspective of the financial industry in Vietnam
  30 April 2024 | Information & Computer Security, Vol. 33, No. 1
- Consumer perceptions of personal cyber awareness, knowledge, and risk
  1 December 2025 | Journal of Cybersecurity, Vol. 11, No. 1
- From awareness to behaviour: understanding cybersecurity compliance in Vietnam
  7 May 2024 | International Journal of Organizational Analysis, Vol. 33, No. 1
- Information Security Policy Compliance
  10 May 2025
- End-User Compliance with Information Security Policy Framework for Government Departments in South Africa
  13 March 2025
- Bring Your Own Device
  30 March 2025
- Theoretical Framework and Hypotheses Development
  30 March 2025
- Research Methodology
  30 March 2025
- Results and Discussion
  30 March 2025
- The Artificial Intelligence Revolution: Will Your Policy Leave Your Employees Behind?
  28 July 2025
- A phishing attack awareness framework for a South African University of Technology
  15 July 2025 | South African journal of information management, Vol. 27, No. 1
- Factors Affecting Information Security Awareness Among Generation Z: Evidence From India
- Exploring Contrasting Effects of Trust in Organizational Security Practices and Protective Structures on Employees’ Security-Related Precaution Taking
  Malte Greulich; ,
  Sebastian Lins; ,
  Daniel Pienta; ,
  Jason Bennett Thatcher; ; ,
  Ali Sunyaev;
  8 January 2024 | Information Systems Research, Vol. 35, No. 4
- Exploring the factors influencing information security policy compliance and violations: A systematic literature review
  Computers & Security, Vol. 147
- Data protection and information security in biomedical research: A sequential explanatory mixed study
  International Journal of Medical Informatics, Vol. 192
- The whole of cyber defense: Syncing practice and theory
  The Journal of Strategic Information Systems, Vol. 33, No. 4
- Adoption of Information Security Strategies by Small and Medium- Sized in the City of Mbombela
- Unraveling influential factors shaping employee cybersecurity behaviors: an empirical investigation of public servants in Vietnam
  6 June 2024 | Journal of Asia Business Studies, Vol. 18, No. 6
- Park smart or face the music: Understanding users’ orderly parking behavior of dockless shared bikes from the perspective of deterrence theory
  Transportation Research Part F: Traffic Psychology and Behaviour, Vol. 107
- An Empirical Comparison of Malicious Insiders and Benign Insiders
  11 September 2023 | Journal of Computer Information Systems, Vol. 64, No. 6
- Examining formation and alleviation of information security fatigue by using job demands–resources theory
  17 April 2024 | Information Systems Journal, Vol. 34, No. 6
- Financial information security behavior in online banking
  5 January 2023 | Information Development, Vol. 40, No. 4
- How About Enhancing Organizational Security
  Journal of Global Information Management, Vol. 32, No. 1
- Employees as a Source of Security Issues in Times of Change and Stress: A Longitudinal Examination of Employees’ Security Violations during the COVID-19 Pandemic
  28 October 2023 | Journal of Business and Psychology, Vol. 39, No. 5
- Synthesizing Information Security Policy Compliance And Non-compliance: A Comprehensive Study And Unified Framework
  24 July 2024 | Journal of Organizational Computing and Electronic Commerce, Vol. 34, No. 4
- Using the theory of interpersonal behaviour to explain employees’ cybercrime preventative behaviour during the pandemic
  3 April 2024 | Information & Computer Security, Vol. 32, No. 4
- Employee behavior: the psychological gateway for cyberattacks
  30 May 2024 | Organizational Cybersecurity Journal: Practice, Process and People, Vol. 4, No. 1
- Employees are not the weakest link: an occupational safety view of information security
  21 June 2024 | Organizational Cybersecurity Journal: Practice, Process and People, Vol. 4, No. 1
- The relationship between the dark triad personality and cybersecurity
  12 September 2024
- Understanding employees' responses to information security management practices: a person-environment fit perspective
  19 October 2023 | Behaviour & Information Technology, Vol. 43, No. 12
- Predicting Compliance of Security Policies: Norms and Sanctions
  7 August 2023 | Journal of Computer Information Systems, Vol. 64, No. 5
- The Impacts of Internet Monitoring on Employees’ Cyberloafing and Organizational Citizenship Behavior: A Longitudinal Field Quasi-Experiment
  Hemin Jiang,
  Mikko Siponen,
  Zhenhui (Jack) Jiang,
  Aggeliki Tsohou
  11 October 2023 | Information Systems Research, Vol. 35, No. 3
- Reducing fraud in organizations through information security policy compliance: An information security controls perspective
  Computers & Security, Vol. 144
- Cyberbullying perpetration on social media: A situational action perspective
  Information & Management, Vol. 61, No. 6
- Bureaucracies in information securing: Transitioning from iron cages to iron shields
  Information and Organization, Vol. 34, No. 3
- How external monitoring can mitigate cyberloafing: understanding the mediating and moderating roles of employees’ self-control
  28 August 2023 | Behaviour & Information Technology, Vol. 43, No. 11
- How should regulatory schemes be optimized to enhance deterrence against medical insurance fraud by enrollees? Evidence from a discrete choice experiment in China
  Social Science & Medicine, Vol. 354
- Information Security Research in the Information Systems Discipline: A Thematic Review and Future Research Directions
  31 July 2024 | ACM SIGMIS Database: the DATABASE for Advances in Information Systems, Vol. 55, No. 3
- Information Security Awareness in the Insurance Sector: Cognitive and Internal Factors and Combined Recommendations
  21 August 2024 | Information, Vol. 15, No. 8
- Towards a cybercontextual transmission model for online scamming
  8 May 2023 | European Journal of Information Systems, Vol. 33, No. 4
- Use of Body Worn Camera (BWC) In Gray Scenarios: a Law Enforcement Officers’ Perspective
  15 May 2023 | European Journal of Information Systems, Vol. 33, No. 4
- Driving behaviour change with cybersecurity awareness
  Computers & Security, Vol. 142
- The defining features of a robust information security climate
  Computers & Security, Vol. 142
- Fostering information security compliance as organizational citizenship behavior
  Information & Management, Vol. 61, No. 5
- The antecedents of employees' proactive information security behaviour: The perspective of proactive motivation
  22 November 2023 | Information Systems Journal, Vol. 34, No. 4
- Integrating IoT security and sustainable energy solutions for enhanced reliability in autism-friendly schools
  20 November 2024 | STUDIES IN ENGINEERING AND EXACT SCIENCES, Vol. 5, No. 2
- Awareness and Compliance of Information Security Policy in Libyan Organizations
  14 June 2024 | مجلة العلوم والدراسات الإنسانية - كلية الآداب والعلوم – المرج, No. 76
- The behavioral contagion effect of tourists’ risk decision-making
  Journal of Hospitality and Tourism Management, Vol. 59
- Informational inequality: the role of resources and attributes in information security awareness
  9 November 2023 | Information & Computer Security, Vol. 32, No. 2
- Fostering information security policies compliance with ISA-95-based framework: an empirical study of oil and gas employees
  8 December 2023 | International Journal of Information Security, Vol. 23, No. 2
- To alert or alleviate? A natural experiment on the effect of anti-phishing laws on corporate IT and security investments
  Decision Support Systems, Vol. 179
- Understanding employees' perceptions of SETA events: the role of pedagogical and communication approaches
  24 May 2023 | Internet Research, Vol. 34, No. 2
- Shedding Light on the Dark: The Impact of Legal Enforcement on Darknet Transactions
  Jason Chan,
  Shu He,
  Dandan Qiao,
  Andrew Whinston
  4 May 2023 | Information Systems Research, Vol. 35, No. 1
- Trust in Data Security Protocols and Knowledge of Privacy and Security Technology
  IEEE Security & Privacy, Vol. 22, No. 2
- Time Will Tell: The Case for an Idiographic Approach to Behavioral Cybersecurity Research
  1 March 2024 | MIS Quarterly, Vol. 48, No. 1
- Situational support and information security behavioural intention: a comparative study using conservation of resources theory
  15 February 2023 | Behaviour & Information Technology, Vol. 43, No. 3
- A systematic analysis of failures in protecting personal health data: A scoping review
  International Journal of Information Management, Vol. 74
- Understanding the deterrence effect of punishment for marine information security policies non-compliance
  Journal of Ocean Engineering and Science, Vol. 9, No. 1
- Organizational cybersecurity readiness in the ICT sector: a quanti-qualitative assessment
  20 July 2023 | Information & Computer Security, Vol. 32, No. 1
- Critical success factors for Security Education, Training and Awareness (SETA) programme effectiveness: an empirical comparison of practitioner perspectives
  1 August 2023 | Information & Computer Security, Vol. 32, No. 1
- Human and contextual factors influencing cyber-security in organizations, and implications for higher education institutions: a systematic review
  17 May 2022 | Global Knowledge, Memory and Communication, Vol. 73, No. 1/2
- Employees’ BYOD Security Policy Compliance in the Public Sector
  3 March 2023 | Journal of Computer Information Systems, Vol. 64, No. 1
- An Investigation of the Factors That Influence Information Security Culture in Government Organizations in Bhutan
  27 January 2024 | Journal of Global Information Technology Management, Vol. 27, No. 1
- Cybersecurity at the Core: A Study on IT Experts’ Policy Adherence
  20 February 2024
- Cost-Effective Cybersecurity Framework for Small and Medium-Sized Enterprises
  18 September 2024
- Facilitating and impeding factors to insiders’ prosocial rule breaking in South Korea
  Computers & Security, Vol. 136
- How to keep your information secure? Toward a better understanding of users security behavior
  Technological Forecasting and Social Change, Vol. 198
- Information Security Maturity Model for Healthcare Organizations in the United States
  IEEE Transactions on Engineering Management, Vol. 71
- Do hospital data breaches affect health information technology investment?
  3 January 2024 | DIGITAL HEALTH, Vol. 10
- Analysis of Antecedent Factors that Lead to Cyberloafing and Deviant Behavior in Response to the Announcement of Formal Controls
  1 January 2024 | Organizações & Sociedade, Vol. 31, No. 108
- Análise dos Fatores Antecedentes que Levam ao Cyberloafing e Comportamento Desviante em Relação ao Anúncio de Controles Formais
  1 January 2024 | Organizações & Sociedade, Vol. 31, No. 108
- A model on workarounds and information security integrity
  30 August 2024 | South African Journal of Information Management, Vol. 26, No. 1
- The critical success factors for Security Education, Training and Awareness (SETA) program effectiveness: a lifecycle model
  30 March 2023 | Information Technology & People, Vol. 36, No. 8
- Exploring the role of gamified information security education systems on information security awareness and protection behavioral intention
  3 May 2023 | Education and Information Technologies, Vol. 28, No. 12
- Understanding Online Music Piracy Behavior via Private Communication Channels
  3 December 2022 | Information Systems Frontiers, Vol. 25, No. 6
- The Determinants of Risky Cybersecurity Behaviour: A Case Study Among Employees in Water Sector in Malaysia
  27 December 2023 | Journal of Law and Sustainable Development, Vol. 11, No. 12
- The impact of ignorance and bias on information security protection motivation: a case of e-waste handling
  30 December 2022 | Internet Research, Vol. 33, No. 6
- Smart home cybersecurity awareness and behavioral incentives
  2 June 2023 | Information & Computer Security, Vol. 31, No. 5
- A Framework for Analyzing and Improving ISP Compliance
  17 January 2023 | Journal of Computer Information Systems, Vol. 63, No. 6
- Does stress reduce violation intention? Insights from eustress and distress processes on employee reaction to information security policies
  22 July 2022 | European Journal of Information Systems, Vol. 32, No. 6
- The influence of familiarity with Information Technology on the effects of deterrence
  23 November 2022 | Current Psychology, Vol. 42, No. 33
- The mediating role of security anxiety in internet threat avoidance behavior
  Computers & Security, Vol. 134
- ‘What a waste of time’: An examination of cybersecurity legitimacy
  19 July 2023 | Information Systems Journal, Vol. 33, No. 6
- A Taxonomy of SETA Methods and Linkage to Delivery Preferences
  30 October 2023 | ACM SIGMIS Database: the DATABASE for Advances in Information Systems, Vol. 54, No. 4
- The Managerial Ethical and Operational Challenges of Hospital Cybersecurity
- Understanding employee's emotional reactions to ISSP compliance: focus on frustration from security requirements
  11 August 2022 | Behaviour & Information Technology, Vol. 42, No. 13
- Exploring Personal and Environmental Factors that Can Reduce Nonmalicious Information Security Violations
  11 October 2022 | Information Systems Management, Vol. 40, No. 4
- Employees' in-role and extra-role information security behaviors from the P-E fit perspective
  Computers & Security, Vol. 133
- Faced with digital bureaucrats: A scenario-based survey analysis of how clients perceive automation in street-level decision-making
  Government Information Quarterly, Vol. 40, No. 4
- Understanding extra-role security behaviors: An integration of self-determination theory and construal level theory
  Computers & Security, Vol. 132
- Workarounds as generative mechanisms for bottom‐up process innovation—Insights from a multiple case study
  22 April 2023 | Information Systems Journal, Vol. 33, No. 5
- An Empirical Study of SETA Program Sustaining Educational Sector’s Information Security vs. Information Systems Misuse
  22 August 2023 | Sustainability, Vol. 15, No. 17
- Resistance to information security due to users’ information safety behaviors: Empirical research on the emerging markets
  Computers in Human Behavior, Vol. 145
- Designing an incentive mechanism for information security policy compliance: An experiment
  Journal of Economic Behavior & Organization, Vol. 212
- Nudge to Promote Employees' Information Security Compliance Behavior: A Field Study
- IT assimilation: construct, measurement, and implications in cybersecurity
  16 March 2022 | Enterprise Information Systems, Vol. 17, No. 7
- The impact of work pressure and work completion justification on intentional nonmalicious information security policy violation intention
  Computers & Security, Vol. 130
- The effects of knowledge mechanisms on employees' information security threat construal
  9 January 2023 | Information Systems Journal, Vol. 33, No. 4
- The role of collectivism and moderating effect of IT proficiency on intention to disclose protected health information
  16 March 2022 | Information Technology and Management, Vol. 24, No. 2
- Information security policies compliance in a global setting: An employee's perspective
  Computers & Security, Vol. 129
- Tell me a story: The effects that narratives exert on meaningful-engagement outcomes in antiphishing training
  Computers & Security, Vol. 129
- The influence of organizational values on employee attitude and information security behavior: the mediating role of psychological capital
  15 May 2023 | Information & Computer Security, Vol. 31, No. 2
- “Unus pro omnibus, omnes pro uno”: understanding unauthorised file sharing in online communities from a public goods contribution perspective
  6 July 2022 | Internet Research, Vol. 33, No. 3
- Motivation and Demotivation of Hackers in Selecting a Hacking Task
  14 June 2022 | Journal of Computer Information Systems, Vol. 63, No. 3
- Can peers help reduce violations of information security policies? The role of peer monitoring
  21 September 2021 | European Journal of Information Systems, Vol. 32, No. 3
- Why cyberloafing can be socially learned in the workplace: the role of employees' perceived certainty of formal and informal sanctions
  12 July 2022 | Information Technology & People, Vol. 36, No. 4
- “Generic and unusable”1: Understanding employee perceptions of cybersecurity training and measuring advice fatigue
  Computers & Security, Vol. 128
- Where authorities fail and experts excel: Influencing internet users’ compliance intentions
  Computers & Security, Vol. 128
- A cognitive approach to the decision to trust or distrust phishing emails
  9 March 2021 | International Transactions in Operational Research, Vol. 30, No. 3
- Cybersecurity Research in Accounting Information Systems: A Review and Framework
  22 May 2023 | Journal of Emerging Technologies in Accounting, Vol. 20, No. 1
- What are the trend and core knowledge of information security? A citation and co-citation analysis
  Information & Management, Vol. 60, No. 3
- An Evolutionary Game Theoretic Analysis of Cybersecurity Investment Strategies for Smart-Home Users against Cyberattacks
  6 April 2023 | Applied Sciences, Vol. 13, No. 7
- Effects of Security Knowledge, Self-Control, and Countermeasures on Cybersecurity Behaviors
  20 April 2022 | Journal of Computer Information Systems, Vol. 63, No. 2
- The effects of cyber regulations and security policies on organizational outcomes: a knowledge management perspective
  4 April 2021 | European Journal of Information Systems, Vol. 32, No. 2
- Becoming a blockchain user: understanding consumers’ benefits realisation to use blockchain-based applications
  8 July 2021 | European Journal of Information Systems, Vol. 32, No. 2
- Augmenting Password Strength Meter Design Using the Elaboration Likelihood Model: Evidence from Randomized Experiments
  Warut Khern-am-nuai,
  Matthew J. Hashim,
  Alain Pinsonneault,
  Weining Yang,
  Ninghui Li
  23 March 2022 | Information Systems Research, Vol. 34, No. 1
- Going Beyond Deterrence: A Middle-Range Theory of Motives and Controls for Insider Computer Abuse
  A. J. Burns,
  Tom L. Roberts,
  Clay Posey,
  Paul Benjamin Lowry,
  Bryan Fuller
  10 May 2022 | Information Systems Research, Vol. 34, No. 1
- Moving beyond cyber security awareness and training to engendering security knowledge sharing
  12 October 2022 | Information Systems and e-Business Management, Vol. 21, No. 1
- AIoT-enabled smart surveillance for personal data digitalization: Contextual personalization-privacy paradox in smart home
  Information & Management, Vol. 60, No. 2
- Information security ignorance: An exploration of the concept and its antecedents
  Information & Management, Vol. 60, No. 2
- Where is IT in Information Security? The Interrelationship among IT Investment, Security Awareness, and Data Breaches
  1 March 2023 | MIS Quarterly, Vol. 47, No. 1
- Cyber Literacy Skills of Estonians: Activities and Policies For Encouraging Knowledge-Based Cyber Security Attitudes
  4 May 2023 | Information & Media, Vol. 96
- How to Compensate After a Data Breach?
  7 February 2023 | ACM SIGMIS Database: the DATABASE for Advances in Information Systems, Vol. 54, No. 1
- Evaluating protection motivation based cybersecurity awareness training on Kirkpatrick's Model
  Computers & Security, Vol. 125
- Information Security: The Cornerstone for Surviving the Digital Wild
  29 October 2022
- Ubiquitous Technical Surveillance: A Ubiquitous Intelligence Community Issue
  12 August 2023
- I Just Want to Help: SMEs Engaging with Cybersecurity Technology
  9 July 2023
- A Qualitative Study of the Effects of Socio—organizational Factors on the Information Security Culture of Employees in a Financial Institution
  24 September 2023
- The Influence of Interpersonal Factors on Telecommuting Employees’ Cybercrime Preventative Behaviours During the Pandemic
  26 July 2023
- Tell Me A Story: The Effects That Narratives Exert on Meaningful-Engagement Outcomes in Antiphishing Training
  1 January 2023 | SSRN Electronic Journal, Vol. 87
- Research on Personal Information Security Protection of Social Networks in the Era of Big Data
  26 July 2023
- Impact of regulatory focus on security technostress and organizational outcomes: the moderating effect of security technostress inhibitors
  19 October 2021 | Information Technology & People, Vol. 35, No. 7
- Do Leadership Styles Influence Employee Information Systems Security Intention? A Study of the Banking Industry
  25 October 2022 | Global Journal of Flexible Systems Management, Vol. 23, No. 4
- Administrator-users contribute more to online communities
  Information & Management, Vol. 59, No. 8
- Cyber-Resiliency for Digital Enterprises: A Strategic Leadership Perspective
  IEEE Transactions on Engineering Management, Vol. 69, No. 6
- Linking Cybersecurity and Accounting: An Event, Impact, Response Framework
  1 November 2021 | Accounting Horizons, Vol. 36, No. 4
- Analysis of the effects of privacy protection awareness, digital citizenship, and organizational rationality on privacy protection behavior in metaverse
  Journal of Digital Contents Society, Vol. 23, No. 11
- Understanding individual differences: factors affecting secure computer behaviour
  2 October 2021 | Behaviour & Information Technology, Vol. 41, No. 15
- A systematic framework to explore the determinants of information security policy development and outcomes
  8 February 2022 | Information & Computer Security, Vol. 30, No. 4
- The determinants of an information security policy compliance culture in organisations: the combined effects of organisational and behavioural factors
  23 March 2022 | Information & Computer Security, Vol. 30, No. 4
- Information Privacy Assimilation in IT Organizations
  22 June 2021 | Information Systems Frontiers, Vol. 24, No. 5
- Employees' intentions toward complying with information security controls in Saudi Arabia's public organisations
  Government Information Quarterly, Vol. 39, No. 4
- Toward an intellectual capital cyber security theory: insights from Lebanon
  30 August 2021 | Journal of Intellectual Capital, Vol. 23, No. 6
- A Theoretical Foundation for Explaining and Predicting the Effectiveness of a Bring Your Own Device Program in Organizations
  14 July 2022 | SN Computer Science, Vol. 3, No. 5
- The cybersecurity risk estimation engine: A tool for possibility based risk analysis
  Computers & Security, Vol. 120
- Development of methods for identifying an appropriate benchmarking peer to establish information security policy
  Expert Systems with Applications, Vol. 201
- Cultivating proactive information security behavior and individual creativity: The role of human relations culture and IT use governance
  Information & Management, Vol. 59, No. 6
- Cybersecurity Behavior among Government Employees: The Role of Protection Motivation Theory and Responsibility in Mitigating Cyberattacks
  31 August 2022 | Information, Vol. 13, No. 9
- Workplace Violence and Social Engineering Among Korean Employees
- Firm performance and information security technology intellectual property
  Technological Forecasting and Social Change, Vol. 181
- Should we wear a velvet glove to enforce Information security policies in higher education?
  25 April 2021 | Behaviour & Information Technology, Vol. 41, No. 10
- Effects of Personal Factors and Organizational Reinforcing Tools in Decreasing Employee Engagement in Unhygienic Cyber Practices
  Journal of Global Information Management, Vol. 30, No. 1
- Security Education, Training, and Awareness Programs: Literature Review
  5 May 2021 | Journal of Computer Information Systems, Vol. 62, No. 4
- Predictors of Success in Information Security Policy Compliance
  3 May 2022 | Journal of Computer Information Systems, Vol. 62, No. 4
- Peer privacy protection motivation and action on social networking sites: Privacy self-efficacy and information security as moderators
  Electronic Commerce Research and Applications, Vol. 54
- Enterprises’ energy-saving capability: Empirical study from a dynamic capability perspective
  Renewable and Sustainable Energy Reviews, Vol. 162
- Research for making smart city cybersecurity policy according to communication theory: Focus on the communication structure
  14 September 2022
- Blockchain adoption: A study of cognitive factors underpinning decision making
  Computers in Human Behavior, Vol. 131
- The effect of perceived organizational culture on employees’ information security compliance
  21 December 2021 | Information & Computer Security, Vol. 30, No. 3
- Believe It or Not
  Journal of Global Information Management, Vol. 29, No. 6
- Reactions to Abusive Supervision: Neutralization and IS Misuse
  17 June 2021 | Journal of Computer Information Systems, Vol. 62, No. 3
- A longitudinal study on improving employee information protective knowledge and behaviors
  Computers & Security, Vol. 116
- Predictors of Employees’ Mobile Security Practice: An Analysis of Personal and Work-Related Variables
  21 April 2022 | Applied Sciences, Vol. 12, No. 9
- The influence of hardiness and habit on security behaviour intention
  4 December 2020 | Behaviour & Information Technology, Vol. 41, No. 6
- The Critical Success Factors for Security Education, Training and Awareness (SETA) Programmes
- Data breach recovery areas: an exploration of organization's recovery strategies for surviving data breaches
  9 November 2021 | Organizational Cybersecurity Journal: Practice, Process and People, Vol. 2, No. 1
- Why Do Data Analysts Take IT-Mediated Shortcuts? An Ego-Depletion Perspective
  7 June 2022 | Journal of Management Information Systems, Vol. 39, No. 2
- Circumventing Circumvention: An Economic Analysis of the Role of Education and Enforcement
  Debabrata Dey,
  Abhijeet Ghoshal,
  Atanu Lahiri
  11 August 2021 | Management Science, Vol. 68, No. 4
- Theorizing the Behavioral Effects of Control Complementarity in Security Control Portfolios
  9 February 2021 | Information Systems Frontiers, Vol. 24, No. 2
- Ensuring employees' information security policy compliance by carrot and stick: the moderating roles of organizational commitment and gender
  12 March 2021 | Information Technology & People, Vol. 35, No. 2
- Investigating the critical human behaviour elements and their implications for knowledge management systems: A Literature Review
- The effects of antecedents and mediating factors on cybersecurity protection behavior
  Computers in Human Behavior Reports, Vol. 5
- Assessing Effects of Media Affordances and Information Security Awareness on Knowledge-Sharing in Global Software Development
  30 June 2021 | Journal of Information Systems, Vol. 36, No. 1
- Managing Collective Enterprise Information Systems Compliance: A Social and Performance Management Context Perspective
  1 March 2022 | MIS Quarterly, Vol. 46, No. 1
- Infrastructure Cyber-Attack Awareness Training
  International Journal of Information Security and Privacy, Vol. 16, No. 1
- Organizational science and cybersecurity: abundant opportunities for research at the interface
  4 February 2021 | Journal of Business and Psychology, Vol. 37, No. 1
- Voluntary and instrumental information security policy compliance: an integrated view of prosocial motivation, self-regulation and deterrence
  Computers & Security, Vol. 113
- How different rewards tend to influence employee non-compliance with information security policies
  9 August 2021 | Information & Computer Security, Vol. 30, No. 1
- Common Misunderstandings of Deterrence Theory in Information Systems Research and Future Research Directions
  24 January 2022 | ACM SIGMIS Database: the DATABASE for Advances in Information Systems, Vol. 53, No. 1
- Effects of Organizational Controls on Employees' Cyber-loafing
  24 January 2022 | ACM SIGMIS Database: the DATABASE for Advances in Information Systems, Vol. 53, No. 1
- Understanding employees' information security identities: an interpretive narrative approach
  16 February 2021 | Information Technology & People, Vol. 35, No. 1
- Motivating Information Security Policy Compliance: Insights from Perceived Organizational Formalization
  21 November 2019 | Journal of Computer Information Systems, Vol. 62, No. 1
- Optimistic Bias and Exposure Affect Security Incidents on Home Computer
  14 February 2020 | Journal of Computer Information Systems, Vol. 62, No. 1
- Use Public Wi-Fi? Fear Arouse and Avoidance Behavior
  13 February 2020 | Journal of Computer Information Systems, Vol. 62, No. 1
- Beyond technical measures: a value-focused thinking appraisal of strategic drivers in improving information security policy compliance
  21 September 2021 | European Journal of Information Systems, Vol. 31, No. 1
- Access to user data stored by organizations—divides surrounding information security professionals in Chinese IT organizations
  28 July 2021 | Chinese Journal of Communication, Vol. 15, No. 1
- A strategy to enhance consumer trust in the adoption of mobile banking applications
  31 December 2020 | African Journal of Science, Technology, Innovation and Development, Vol. 14, No. 1
- The Effectiveness of Outsourcing Cybersecurity Practices: A Study of the Italian Context
  25 October 2021
- Designing Information Security Culture Artifacts to Improve Security Behavior: An Evaluation in SMEs
  25 May 2022
- Investigating Differential Privacy Outcomes
  8 July 2022
- Applying PDCA to Security, Education, Training and Awareness Programs
  22 July 2022
- Unboxing Employees Perspectives on Factors Affecting Their Compliance to Organizational Information Security Policies
  27 May 2022
- A Configurational Analysis of the Causes of Consumer Indirect Misbehaviors in Access-Based Consumption
  6 October 2020 | Journal of Business Ethics, Vol. 175, No. 1
- Opportunities and Challenges of Cybersecurity for Undergraduate Information Systems Programs
- SETA and Security Behavior
- Factors Influencing Information Security Policy Compliance Behavior
- Model For Mitigating Smishing Attacks On Mobile Platforms
- The moderating effect of abusive supervision on information security policy compliance: Evidence from the hospitality industry
  Computers & Security, Vol. 111
- Protective behavior in ride-sharing through the lens of protection motivation theory and usage situation theory
  International Journal of Information Management, Vol. 61
- Internal and external drivers for compliance with the COVID-19 preventive measures in Slovenia: The view from general deterrence and protection motivation
  15 November 2021 | PLOS ONE, Vol. 16, No. 11
- Antecedents for enhanced level of cyber-security in organisations
  14 October 2020 | Journal of Enterprise Information Management, Vol. 34, No. 6
- Employees’ Behavior in Phishing Attacks: What Individual, Organizational, and Technological Factors Matter?
  29 October 2020 | Journal of Computer Information Systems, Vol. 61, No. 6
- Watchers, Watched, and Watching in the Digital Age: Reconceptualization of Information Technology Monitoring as Complex Action Nets
  Aljona Zorina,
  France Bélanger,
  Nanda Kumar,
  Stewart Clegg
  1 March 2021 | Organization Science, Vol. 32, No. 6
- Announcement of formal controls as phase-shifting perceptions: their determinants and moderating role in the context of mobile loafing
  6 July 2021 | Internet Research, Vol. 31, No. 5
- The relationship between organisational justice and police officer attitudes toward misconduct
  26 October 2020 | Policing and Society, Vol. 31, No. 9
- Ethical leadership and employee information security policy (ISP) violation: exploring dual-mediation paths
  2 August 2021 | Organizational Cybersecurity Journal: Practice, Process and People, Vol. 1, No. 1
- From awareness to influence: toward a model for improving employees’ security behaviour
  15 March 2021 | Personal and Ubiquitous Computing, Vol. 25, No. 5
- Exploring stewardship: A precursor to voluntary security behaviors
  Computers & Security, Vol. 109
- Impact of comprehensive information security awareness and cognitive characteristics on security incident management – an empirical study
  Computers & Security, Vol. 109
- The impact of SETA event attributes on employees’ security-related Intentions: An event system theory perspective
  Computers & Security, Vol. 109
- Factors Affecting Corporate Security Policy Effectiveness in Telecommuting
  Security and Communication Networks, Vol. 2021
- Understanding Inconsistent Employee Compliance with Information Security Policies Through the Lens of the Extended Parallel Process Model
  Yan Chen,
  Dennis F. Galletta,
  Paul Benjamin Lowry,
  Xin (Robert) Luo,
  Gregory D. Moody,
  Robert Willison
  24 May 2021 | Information Systems Research, Vol. 32, No. 3
- Failures of Fairness in Automation Require a Deeper Understanding of Human–ML Augmentation
  1 September 2021 | MIS Quarterly, Vol. 45, No. 3
- Misuse of Police Information Systems: Predicting Perceived Likelihood of Misuse among Unsworn Police Employees
  7 May 2019 | Policing: A Journal of Policy and Practice, Vol. 15, No. 2
- The “Right” recipes for security culture: a competing values model perspective
  18 September 2020 | Information Technology & People, Vol. 34, No. 5
- After the disclosure: measuring the short-term and long-term impacts of data breach disclosures on the financial performance of organizations
  8 April 2021 | Information & Computer Security, Vol. 29, No. 3
- “SME executives’ perceptions and the information security preparedness model”
  29 March 2021 | Information & Computer Security, Vol. 29, No. 2
- Can It Clean Up Your Inbox? Evidence from South Korean Anti‐spam Legislation
  1 August 2021 | Production and Operations Management, Vol. 30, No. 8
- How protection motivation and social bond factors influence information security behavior
  Systèmes d'information & management, Vol. Volume 26, No. 2
- Security Awareness: The First Step in Information Security Compliance Behavior
  13 August 2019 | Journal of Computer Information Systems, Vol. 61, No. 4
- Enhancing employees information security awareness in private and public organisations: A systematic literature review
  Computers & Security, Vol. 106
- A study of social networking site use from a three-pronged security and privacy threat assessment perspective
  Information & Management, Vol. 58, No. 5
- Do Deterrence Mechanisms Reduce Cyberloafing When It Is an Observed Workplace Norm? A Moderated Mediation Model
  23 June 2021 | International Journal of Environmental Research and Public Health, Vol. 18, No. 13
- Assessing the Moderating Effect of Security Technologies on Employees Compliance with Cybersecurity Control Procedures
  3 February 2021 | ACM Transactions on Management Information Systems, Vol. 12, No. 2
- Does Technostress Trigger Insider Threat? A Conceptual Model and Mitigation Solutions
- Can financial incentives help with the struggle for security policy compliance?
  Information & Management, Vol. 58, No. 4
- Deterrence and leadership factors: Which are important for information security policy compliance in the hotel industry
  Tourism Management, Vol. 84
- Exploring the Impact of Information Security Climate and Information Security Training on Cybersecurity Behavior: Based on Protection Motivation Theory
- The Effects of Information Security Organizational Injustice on Information Security Anxiety and Avoidance Behavior: Focusing on Moderation Effects of Victim Justice Sensitivity
  Journal of Digital Contents Society, Vol. 22, No. 5
- Cybersecurity Awareness and Skills of Senior Citizens: A Motivation Perspective
  21 March 2019 | Journal of Computer Information Systems, Vol. 61, No. 3
- Examining the role of stress and information security policy design in information security compliance behaviour: An experimental study of in-task behaviour
  Computers & Security, Vol. 104
- Eyes wide open: The role of situational information security awareness for security‐related behaviour
  17 December 2020 | Information Systems Journal, Vol. 31, No. 3
- Social Controls and Bonds of Public Information Consumer on Sustainable Utilization and Provision for Computing
  8 May 2021 | Sustainability, Vol. 13, No. 9
- Interrelationship between Bitcoin, Ransomware, and Terrorist Activities: Criminal Opportunity Assessment via Cyber-Routine Activities Theoretical Framework
  16 February 2021 | Victims & Offenders, Vol. 16, No. 3
- Insiders’ Adaptations to Security-Based Demands in the Workplace: An Examination of Security Behavioral Complexity
  7 September 2019 | Information Systems Frontiers, Vol. 23, No. 2
- The Utility of Information Security Training and Education on Cybersecurity Incidents: An empirical evidence
  11 December 2019 | Information Systems Frontiers, Vol. 23, No. 2
- The role of deterrability for the effect of multi-level sanctions on information security policy compliance: Results of a multigroup analysis
  Information & Management, Vol. 58, No. 3
- Curbing cyberloafing: studying general and specific deterrence effects with field evidence
  3 May 2020 | European Journal of Information Systems, Vol. 30, No. 2
- College students information security awareness: a comparison between smartphones and computers
  16 September 2020 | Education and Information Technologies, Vol. 26, No. 2
- When ignorance is bliss: The role of curiosity in online games adoption
  Entertainment Computing, Vol. 37
- Human factor, a critical weak point in the information security of an organization's Internet of things
  Heliyon, Vol. 7, No. 3
- Understanding cybersecurity behavioral habits: Insights from situational support
  Journal of Information Security and Applications, Vol. 57
- Analysis of the Effects of Information Security Sanction and Role Ambiguity on Compliance Intention: Focusing on Moderation Effects of Technical Support and Task Coping
  Journal of Digital Contents Society, Vol. 22, No. 2
- Information system security policy noncompliance: the role of situation-specific ethical orientation
  6 April 2020 | Information Technology & People, Vol. 34, No. 1
- The Roles of IT Strategies and Security Investments in Reducing Organizational Security Breaches
  2 April 2021 | Journal of Management Information Systems, Vol. 38, No. 1
- Researching Cybercrime in the European Union: Asking the Right Ethics Questions
  30 July 2021
- Mobile Multitasking in Urban Contexts: Habituation and Countermeasures
  3 July 2021
- Information Security Policy Compliance
  18 February 2021
- Keeping customers' data secure: A cross-cultural study of cybersecurity compliance among the Gen-Mobile workforce
  Computers in Human Behavior, Vol. 114
- Onlooker effect and affective responses in information security violation mitigation
  Computers & Security, Vol. 100
- Applying social marketing to evaluate current security education training and awareness programs in organisations
  Computers & Security, Vol. 100
- The Role of Employees’ Information Security Awareness on the Intention to Resist Social Engineering
  Procedia Computer Science, Vol. 181
- Identifying the Effect of Data Breach Publicity on Information Security Awareness Using Hierarchical Regression
  IEEE Access, Vol. 9
- Hospital Staff’s Adherence to Information Security Policy: A Quest for the Antecedents of Deterrence Variables
  7 July 2021 | INQUIRY: The Journal of Health Care Organization, Provision, and Financing, Vol. 58
- Encouraging Employee Engagement With Cybersecurity: How to Tackle Cyber Fatigue
  10 March 2021 | Sage Open, Vol. 11, No. 1
- Библиометрическое отображение исследования по подготовке пользователя для безопасного применения информационных систем
  Международный форум по информации, Vol. 46, No. 1
- An Overview of Recent Development in Privacy Regulations and Future Research Opportunities
- The Cultural Foundation of Information Security Behavior
- Promoting Cybersecurity Compliance
- Implement a Model for Describing and Maximising Security Knowledge Sharing
- The Influence of Professional Subculture on Information Security Policy Violations: A Field Study in a Healthcare Context
  Sumantra Sarkar,
  Anthony Vance,
  Balasubramaniam Ramesh,
  Menelaos Demestihas,
  Daniel Thomas Wu
  17 September 2020 | Information Systems Research, Vol. 31, No. 4
- Explaining the interactions of humans and artifacts in insider security behaviors: The mangle of practice perspective
  Computers & Security, Vol. 99
- Gender bias and the impact on managerial evaluation of insider security threats
  Computers & Security, Vol. 99
- Telemedicine adoption issues in the United States and Brazil: Perception of healthcare professionals
  19 February 2020 | Health Informatics Journal, Vol. 26, No. 4
- Non-Compliant Mobile Device Usage and Information Systems Security: A Bystander Theory Perspective
- Integrating elaboration likelihood model and herd theory in information security message persuasiveness
  Computers & Security, Vol. 98
- Deterrent effects of punishment and training on insider security threats: a field experiment on phishing attacks
  19 August 2019 | Behaviour & Information Technology, Vol. 39, No. 11
- Predicting communication constructs towards determining information security policies compliance
  12 October 2020 | SA Journal of Information Management, Vol. 22, No. 1
- A Cross Industry Study of Institutional Pressures on Organizational Effort to Raise Information Security Awareness
  27 May 2019 | Information Systems Frontiers, Vol. 22, No. 5
- WITHDRAWN: Time pressure in human cybersecurity behavior: Theoretical framework and countermeasures
  Computers & Security, Vol. 97
- Time pressure in human cybersecurity behavior: Theoretical framework and countermeasures
  Computers & Security, Vol. 97
- Motivating information security policy compliance: The critical role of supervisor-subordinate guanxi and organizational commitment
  International Journal of Information Management, Vol. 54
- Organizational Governance, Social Bonds and Information Security Policy Compliance: A Perspective towards Oil and Gas Employees
  16 October 2020 | Sustainability, Vol. 12, No. 20
- The Effect of Information Security Delivery Activities and Feedback on Work Impediment and Compliance Intention
  Journal of Digital Contents Society, Vol. 21, No. 9
- Implementing Data-Based Bank Loan Application via MS Access
  10 December 2020
- POSITIVE EMOTIONS AND EMPLOYEES’ PROTECTION-MOTIVATED BEHAVIOURS: A MODERATED MEDIATION MODEL
  Journal of Business Economics and Management, Vol. 21, No. 5
- Appealing to Sense and Sensibility: System 1 and System 2 Interventions for Fake News on Social Media
  Patricia L. Moravec,
  Antino Kim,
  Alan R. Dennis
  13 August 2020 | Information Systems Research, Vol. 31, No. 3
- A meta-analysis of the deterrence theory in security-compliant and security-risk behaviors
  Computers & Security, Vol. 96
- Peers matter: The moderating role of social influence on information security policy compliance
  7 February 2020 | Information Systems Journal, Vol. 30, No. 5
- An Overview of Recent Development in Privacy Regulations and Future Research Opportunities
- Exploring IS security themes: a literature analysis
  25 February 2021 | Journal of Decision Systems, Vol. 29, No. sup1
- Factors influencing the information security behaviour of IT employees
  29 May 2019 | Behaviour & Information Technology, Vol. 39, No. 8
- The Case against Commercial Antivirus Software: Risk Homeostasis and Information Problems in Cybersecurity
  22 June 2020 | Risk Analysis, Vol. 40, No. 8
- Understanding Security Vulnerability Awareness, Firm Incentives, and ICT Development in Pan-Asia
  18 November 2020 | Journal of Management Information Systems, Vol. 37, No. 3
- Centralized IT Decision Making and Cybersecurity Breaches: Evidence from U.S. Higher Education Institutions
  18 November 2020 | Journal of Management Information Systems, Vol. 37, No. 3
- Examining the side effects of organizational Internet monitoring on employees
  Internet Research, Vol. 30, No. 6
- Classification of malicious insiders and the association of the forms of attacks
  Journal of Criminal Psychology, Vol. 10, No. 3
- Toward a stage theory of the development of employees’ information security behavior
  Computers & Security, Vol. 93
- Effects of sanctions, moral beliefs, and neutralization on information security policy violations across cultures
  Information & Management, Vol. 57, No. 4
- An Analysis of Motive and Observable Behavioral Indicators Associated With Insider Cyber-Sabotage and Other Attacks
  IEEE Engineering Management Review, Vol. 48, No. 2
- Is Cybersecurity a Team Sport? A Multilevel Examination of Workgroup Information Security Effectiveness
  1 June 2020 | MIS Quarterly, Vol. 44, No. 2
- Executives' Commitment to Information Security
  18 May 2020 | ACM SIGMIS Database: the DATABASE for Advances in Information Systems, Vol. 51, No. 2
- Exploring the role of intrinsic motivation in ISSP compliance: enterprise digital rights management system case
  Information Technology & People, Vol. 34, No. 2
- Information security awareness in a developing country context: insights from the government sector in Saudi Arabia
  Information Technology & People, Vol. 34, No. 2
- The role of abusive supervision and organizational commitment on employees' information security policy noncompliance intention
  Internet Research, Vol. 30, No. 5
- Empirical Study on the Influence of Security Control Management and Social Factors in Deterring Information Security Misbehaviour
  Journal of Physics: Conference Series, Vol. 1551, No. 1
- Cybersecurity compliance behavior: Exploring the influences of individual decision style and other antecedents
  International Journal of Information Management, Vol. 51
- Anger or fear? Effects of discrete emotions on employee’s computer-related deviant behavior
  Information & Management, Vol. 57, No. 3
- Organizational Information Security Management for Sustainable Information Systems: An Unethical Employee Information Security Behavior Perspective
  14 April 2020 | Sustainability, Vol. 12, No. 8
- The Cultural Foundation of Information Security Behavior
  Journal of Database Management, Vol. 31, No. 2
- An activity theory approach to information security non-compliance
  Information & Computer Security, Vol. 28, No. 4
- Employees’ behavioural intention to smartphone security: A gender-based, cross-national study
  Computers in Human Behavior, Vol. 104
- Information security policy noncompliance: An integrative social influence model
  13 August 2019 | Information Systems Journal, Vol. 30, No. 2
- The Impact of Awareness of Being Monitored on Computer Usage Policy Compliance: An Agency View
  29 August 2019 | Journal of Information Systems, Vol. 34, No. 1
- Impact of Deterrence and Inertia on Information Security Policy Changes
  5 March 2019 | Journal of Information Systems, Vol. 34, No. 1
- Integrating Cybersecurity Awareness and Access Control into Organizational IT Operations for Risk Reduction
  20 February 2020 | International Journal of Scientific Research in Computer Science Engineering and Information Technology
- Benchmarking Methodology for Information Security Policy (BMISP): Artifact Development and Evaluation
  9 May 2018 | Information Systems Frontiers, Vol. 22, No. 1
- Reconciliation of Privacy with Preventive Cybersecurity: The Bright Internet Approach
  22 January 2020 | Information Systems Frontiers, Vol. 22, No. 1
- Do Reputational Sanctions Deter Negligence in Information Security Management? A Field Quasi‐Experiment
  1 February 2020 | Production and Operations Management, Vol. 29, No. 2
- Information Disclosure and Privacy Paradox
  21 January 2020 | ACM SIGMIS Database: the DATABASE for Advances in Information Systems, Vol. 51, No. 1
- Using Design-Science Based Gamification to Improve Organizational Security Training and Compliance
  1 March 2020 | Journal of Management Information Systems, Vol. 37, No. 1
- Organizational Citizenship Behavior Regarding Security: Leadership Approach Perspective
  7 December 2017 | Journal of Computer Information Systems, Vol. 60, No. 1
- Information Security Policy Compliance: Leadership, Trust, Role Values, and Awareness
  19 December 2019 | Journal of Computer Information Systems, Vol. 60, No. 1
- A Descriptive Review and Classification of Organizational Information Security Awareness Research
  8 March 2020
- A New Hope: Human-Centric Cybersecurity Research Embedded Within Organizations
  10 July 2020
- Security Education, Training, and Awareness: Incorporating a Social Marketing Approach for Behavioural Change
  19 December 2020
- Deterrence in Cyberspace: An Interdisciplinary Review of the Empirical Literature
  6 June 2020
- Deterrence in Cyberspace: An Interdisciplinary Review of the Empirical Literature
  29 December 2019
- Understanding users' information security awareness and intentions
- Can individuals’ neutralization techniques be overcome? A field experiment on password policy
  Computers & Security, Vol. 88
- Influencing factors of employees’ information systems security police compliance: An empirical research in China
  11 December 2020 | E3S Web of Conferences, Vol. 218
- Factors Influencing Players’ Susceptibility to Social Engineering in Social Gaming Networks
  IEEE Access, Vol. 8
- Where is IT in Information Security? The Interrelationship between IT Investment, Security Awareness, and Data Breaches
  SSRN Electronic Journal, Vol. 41
- Improving the Design of Information Security Messages by Leveraging the Effects of Temporal Distance and Argument Nature
  SSRN Electronic Journal, Vol. 34
- Good News and Bad News About Incentives to Violate the Health Insurance Portability and Accountability Act (HIPAA): Scenario-Based Questionnaire Study
  20 July 2020 | JMIR Medical Informatics, Vol. 8, No. 7
- Evaluating the Effectiveness of Deterrence Theory in Information Security Compliance
- Factors Influencing Information Security Policy Compliance Behavior
- Building an awareness-centered information security policy compliance model
  Industrial Management & Data Systems, Vol. 120, No. 1
- Protecting intellectual property from insider threats
  Journal of Intellectual Capital, Vol. 21, No. 2
- How Do EHRs and a Meaningful Use Initiative Affect Breaches of Patient Information?
  Seung Hyun Kim,
  Juhee Kwon
  19 July 2019 | Information Systems Research, Vol. 30, No. 4
- A Meta-Analysis of Deterrence Theory in Information Security Policy Compliance Research
  25 October 2019 | Information Systems Frontiers, Vol. 21, No. 6
- Seller's creditworthiness in the online service market: A study from the control perspective
  Decision Support Systems, Vol. 127
- Perceived argument quality's effect on threat and coping appraisals in fear appeals: An experiment and exploration of realism check heuristics
  Information & Management, Vol. 56, No. 8
- Leader power and employees’ information security policy compliance
  22 January 2019 | Security Journal, Vol. 32, No. 4
- Exploring Staff Perception of InfoSec Policy Compliance: Palestine Universities Empirical Study
- Deterrence approach on the compliance with electronic medical records privacy policy: the moderating role of computer monitoring
  4 December 2019 | BMC Medical Informatics and Decision Making, Vol. 19, No. 1
- Improving employees’ intellectual capacity for cybersecurity through evidence-based malware training
  Journal of Intellectual Capital, Vol. 21, No. 2
- Factors affecting intention to disclose patients’ health information
  Computers & Security, Vol. 87
- The rise of crypto-ransomware in a changing cybercrime landscape: Taxonomising countermeasures
  Computers & Security, Vol. 87
- Wishful Thinking and IT Threat Avoidance: An Extension to the Technology Threat Avoidance Theory
  IEEE Transactions on Engineering Management, Vol. 66, No. 4
- Security Organizing
  1 November 2019 | ACM SIGMIS Database: the DATABASE for Advances in Information Systems, Vol. 50, No. 4
- Organizational practices as antecedents of the information security management performance
  Information Technology & People, Vol. 32, No. 5
- An Integrative Theory Addressing Cyberharassment in the Light of Technology-Based Opportunism
  9 October 2019 | Journal of Management Information Systems, Vol. 36, No. 4
- Security Policy Opt-in Decisions in Bring-Your-Own-Device (BYOD) – A Persuasion and Cognitive Elaboration Perspective
  18 July 2019 | Journal of Organizational Computing and Electronic Commerce, Vol. 29, No. 4
- The Use and Non-Use of Cybersecurity Tools Among Consumers
  26 September 2019
- Response awareness and instructional self-efficacy: influences on intent
  26 June 2019 | Information & Computer Security, Vol. 27, No. 4
- From hindrance to challenge
  Journal of Enterprise Information Management, Vol. 33, No. 1
- It ain’t my business: a coping perspective on employee effortful security behavior
  Journal of Enterprise Information Management, Vol. 32, No. 5
- Do employees in a “good” company comply better with information security policy? A corporate social responsibility perspective
  Information Technology & People, Vol. 32, No. 4
- The effects of moral disengagement and organizational ethical climate on insiders’ information security policy violation behavior
  Information Technology & People, Vol. 32, No. 4
- Reacting to the scope of a data breach: The differential role of fear and anger
  Journal of Business Research, Vol. 101
- Information protection behaviors: morality and organizational criticality
  Information & Computer Security, Vol. 27, No. 3
- From theory to practice: guidelines for enhancing information security management
  Information & Computer Security, Vol. 27, No. 3
- Investigating power styles and behavioural compliance for effective hospital administration
  International Journal of Health Care Quality Assurance, Vol. 32, No. 6
- Evaluating information security core human error causes (IS-CHEC) technique in public sector and comparison with the private sector
  International Journal of Medical Informatics, Vol. 127
- Encouraging recycling among households in Malaysia: Does deterrence matter?
  10 April 2019 | Waste Management & Research: The Journal for a Sustainable Circular Economy, Vol. 37, No. 7
- Organizational Control Policy, Information Security Deviance, and Moderating Effect of Power Distance Orientation
  International Journal of Cyber Behavior, Psychology and Learning, Vol. 9, No. 3
- The Differential Effects of Interpersonal Justice and Injustice on Computer Abuse
  Journal of Database Management, Vol. 30, No. 3
- Security monitoring and information security assurance behaviour among employees
  Information & Computer Security, Vol. 27, No. 2
- Information Securing in Organizations
  12 June 2019
- Organizational cloud security and control: a proactive approach
  Information Technology & People, Vol. 32, No. 3
- Audit Policies Under the Sentinel Effect: Deterrence-Driven Algorithms
  Lina Bouayad,
  Balaji Padmanabhan,
  Kaushal Chari
  23 May 2019 | Information Systems Research, Vol. 30, No. 2
- What Message Characteristics Make Social Engineering Successful on Facebook: The Role of Central Route, Peripheral Route, and Perceived Risk
  13 June 2019 | Information, Vol. 10, No. 6
- Information Systems Security: Challenges, Vulnerabilities and Tools
  24 April 2019
- Control of fraud on mobile money services in Ghana: an exploratory study
  Journal of Money Laundering Control, Vol. 22, No. 2
- Keeping secure to the end: a long-term perspective to understand employees’ consequence-delayed information security violation
  25 October 2018 | Behaviour & Information Technology, Vol. 38, No. 5
- Understanding commitment and apathy in is security extra-role behavior from a person-organization fit perspective
  25 October 2018 | Behaviour & Information Technology, Vol. 38, No. 5
- Information Security Policy Compliance: Leadership and Trust
  7 February 2019 | Journal of Computer Information Systems, Vol. 59, No. 3
- “This is the way ‘I’ create my passwords” ... does the endowment effect deter people from changing the way they create their passwords?
  Computers & Security, Vol. 82
- Cyberbullying on Social Networking Sites: The Crime Opportunity and Affordance Perspectives
  14 June 2019 | Journal of Management Information Systems, Vol. 36, No. 2
- The quest for complete security: An empirical analysis of users’ multi-layered protection from security threats
  3 April 2017 | Information Systems Frontiers, Vol. 21, No. 2
- Investigating the impact of cybersecurity policy awareness on employees’ cybersecurity behavior
  International Journal of Information Management, Vol. 45
- Information Security Policy Perceived Compliance Among Staff in Palestine universities: An Empirical Pilot study
- Informal IT and Routine Activity Theory -A Theoretical Review
- Speak their Language: Designing Effective Messages to Improve Employees’ Information Security Decision Making
  23 July 2018 | Decision Sciences, Vol. 50, No. 2
- Health Technology Assessment: The Role of Total Cost of Ownership
  9 May 2019 | Business Systems Research Journal, Vol. 10, No. 1
- Opportunities and Challenges of Cybersecurity for Undergraduate Information Systems Programs
  International Journal of Information and Communication Technology Education, Vol. 15, No. 2
- SETA and Security Behavior
  Journal of Global Information Management, Vol. 27, No. 2
- Effect of long-term orientation on voluntary security actions
  Information & Computer Security, Vol. 27, No. 1
- Mitigating cyber attacks through the measurement of non-IT professionals’ cybersecurity skills
  Information & Computer Security, Vol. 27, No. 1
- Examining the impact of deterrence factors and norms on resistance to Information Systems Security
  Computers in Human Behavior, Vol. 92
- The impact of leadership on employees' intended information security behaviour: An examination of the full‐range leadership theory
  24 May 2018 | Information Systems Journal, Vol. 29, No. 2
- Adoption of Identity Theft Countermeasures and its Short- and Long-Term Impact on Firm Value1
  1 March 2019 | MIS Quarterly, Vol. 43, No. 1
- Asking Sensitive Questions Using the Randomized Response Approach in Public Health Research: An Empirical Study on the Factors of Illegal Waste Disposal
  18 March 2019 | International Journal of Environmental Research and Public Health, Vol. 16, No. 6
- Promoting Cybersecurity Compliance
- Analysis of key Factors for Organization Information Security
- Marke forces, competitive strategies and small business performance: Evidence from Mexico`s low-income market
  26 September 2018 | Contaduría y Administración, Vol. 65, No. 1
- Cyber-Dependent Crimes: An Interdisciplinary Review
  Annual Review of Criminology, Vol. 2, No. 1
- Cybercrime: an emerging threat to the banking sector of Pakistan
  Journal of Financial Crime, Vol. 26, No. 1
- Violators versus non-violators of information security measures in organizations—A study of distinguishing factors
  17 February 2019 | Journal of Organizational Computing and Electronic Commerce, Vol. 29, No. 1
- A Critical Analysis of Requirements and Recommendations for Multi-modal Access Control in Hospitals
  29 January 2019
- Exploring the Impacts of Intrinsic Variables on Security Compliance Efficiency Using DEA and MARS
  26 April 2019
- The Influence of Organizational, Social and Personal Factors on Cybersecurity Awareness and Behavior of Home Computer Users
  5 June 2019
- Predicting Students’ Security Behavior Using Information-Motivation-Behavioral Skills Model
  5 June 2019
- Critical impact of organizational and individual inertia in explaining non-compliant security behavior in the Shadow IT context
  Computers & Security, Vol. 80
- Cognitive‐affective drivers of employees' daily compliance with information security policies: A multilevel, longitudinal study
  8 November 2017 | Information Systems Journal, Vol. 29, No. 1
- Why Employees (Still) Click on Phishing Links: An Investigation in Hospitals
  SSRN Electronic Journal, Vol. 50
- How Does Cybersecurity Legislation Influence Digitization?
  SSRN Electronic Journal, Vol. 41
- Shedding Light on the Dark: The Impact of Legal Enforcement on Darknet Transactions
  SSRN Electronic Journal, Vol. 72
- Causes and Impacts of Personal Health Information (PHI) Breaches: A Scoping Review and Thematic Analysis
  SSRN Electronic Journal, Vol. 21
- Proximity-Based Emergency Response Communities for Patients With Allergies Who Are at Risk of Anaphylaxis: Clustering Analysis and Scenario-Based Survey Study
  22 August 2019 | JMIR mHealth and uHealth, Vol. 7, No. 8
- Maturity in Health Organization Information Systems
- The Impact of Online Training on Facebook Privacy
- The Cyber Acumen
- Why We Disclose Personal Information Despite Cybersecurity Risks and Vulnerabilities
- Security and Privacy Issues in Cloud-Based E-Government
- Workplace Violence and Social Engineering Among Korean Employees
  International Journal of Asian Business and Information Management, Vol. 10, No. 1
- Sanction severity and employees’ information security policy compliance: Investigating mediating, moderating, and control variables
  Information & Management, Vol. 55, No. 8
- Intentions to Comply Versus Intentions to Protect: A VIE Theory Approach to Understanding the Influence of Insiders’ Awareness of Organizational SETA Efforts
  7 December 2017 | Decision Sciences, Vol. 49, No. 6
- Cybersecurity Research: A Review of Current Research Topics
  8 November 2018 | Journal of Industrial Integration and Management, Vol. 03, No. 04
- Information security: Listening to the perspective of organisational insiders
  4 January 2018 | Journal of Information Science, Vol. 44, No. 6
- Patients’ perception of the information security management in health centers: the role of organizational and human factors
  15 November 2018 | BMC Medical Informatics and Decision Making, Vol. 18, No. 1
- Students’ computers safety behaviors, under effects of cognition and socialization: when gender and job experience influence information security behaviors
- Examining employee security violations: moral disengagement and its environmental influences
  14 August 2018 | Information Technology & People, Vol. 31, No. 6
- Factors That Influence Employees’ Security Policy Compliance: An Awareness-Motivation-Capability Perspective
  27 December 2016 | Journal of Computer Information Systems, Vol. 58, No. 4
- Social control through deterrence on the compliance with information security policy
  3 July 2018 | Soft Computing, Vol. 22, No. 20
- Revealing the Misuse of Motorcycle Ride-sharing Applications using Extended Deterrence Theory Approach
- Why We Disclose Personal Information Despite Cybersecurity Risks and Vulnerabilities
  International Journal of Smart Education and Urban Society, Vol. 9, No. 4
- Are users competent to comply with information security policies? An analysis of professional competence models
  17 July 2018 | Information Technology & People, Vol. 31, No. 5
- Impact of employees’ demographic characteristics on the awareness and compliance of information security policy in organizations
  Telematics and Informatics, Vol. 35, No. 6
- Bayesian randomized response technique with multiple sensitive attributes: The case of information systems resource misuse
  The Annals of Applied Statistics, Vol. 12, No. 3
- Applying the Randomized Response Technique in Business Ethics Research: The Misuse of Information Systems Resources in the Workplace
  1 July 2016 | Journal of Business Ethics, Vol. 151, No. 1
- Integrating Behavioural Security Factors for Enhanced Protection of Organisational Information Technology Assets
- Rethinking the Prevailing Security Paradigm
  25 July 2018 | ACM SIGMIS Database: the DATABASE for Advances in Information Systems, Vol. 49, No. 3
- Central Role of Moral Obligations in Determining Intentions to Engage in Digital Piracy
  26 October 2018 | Journal of Management Information Systems, Vol. 35, No. 3
- The Impact of Online Training on Facebook Privacy
  28 October 2016 | Journal of Computer Information Systems, Vol. 58, No. 3
- “Just how risky is it anyway?” The role of risk perception and trust on click-through intention
  29 May 2018 | Information Systems Management, Vol. 35, No. 3
- Finding the weakest links in the weakest link: How well do undergraduate students make cybersecurity judgment?
  Computers in Human Behavior, Vol. 84
- Strategic value alignment for information security management: a critical success factor analysis
  Information & Computer Security, Vol. 26, No. 2
- Value conflicts and non-compliance
  Information & Computer Security, Vol. 26, No. 2
- Exploring the Motives of Citizen Reporting Engagement: Self-Concern and Other-Orientation
  2 March 2018 | Business & Information Systems Engineering, Vol. 60, No. 3
- The impact of collectivism and psychological ownership on protection motivation: A cross-cultural examination
  Computers & Security, Vol. 75
- Impact of Perceived Risk, Perceived Controllability, and Security Self-Efficacy on Secure Intention from Social Comparison Theory Perspective
- Investigating Knowledge Flows between Information Systems and Other Disciplines:
  25 May 2018 | ACM SIGMIS Database: the DATABASE for Advances in Information Systems, Vol. 49, No. 2
- “THAT’S HOW THEY TAUGHT US TO DO IT”: Learned Deviance and Inadequate Deterrents in Retail Banking
  28 February 2017 | Deviant Behavior, Vol. 39, No. 5
- Examining the antecedents of employee unauthorized computer access
  18 April 2018 | Journal of Statistics and Management Systems, Vol. 21, No. 3
- Information security policy compliance: Investigating the role of intrinsic motivation towards policy compliance in the organisation
- Three Essays on Information Security Risk Management
- Security on Autopilot
  25 April 2018 | ACM SIGMIS Database: the DATABASE for Advances in Information Systems, Vol. 49, No. SI
- The Organization Man and the Innovator
  25 April 2018 | ACM SIGMIS Database: the DATABASE for Advances in Information Systems, Vol. 49, No. SI
- Disentangling the Motivations for Organizational Insider Computer Abuse through the Rational Choice and Life Course Perspectives
  25 April 2018 | ACM SIGMIS Database: the DATABASE for Advances in Information Systems, Vol. 49, No. SI
- Definition and Multidimensionality of Security Awareness
  25 April 2018 | ACM SIGMIS Database: the DATABASE for Advances in Information Systems, Vol. 49, No. SI
- Towards a user-centric theory of value-driven information security compliance
  Information Technology & People, Vol. 31, No. 2
- Exploring the influence of flow and psychological ownership on security education, training and awareness effectiveness and security compliance
  Decision Support Systems, Vol. 108
- Promoting firms’ energy-saving behavior: The role of institutional pressures, top management support and financial slack
  Energy Policy, Vol. 115
- Self-control, organizational context, and rational choice in Internet abuses at work
  Information & Management, Vol. 55, No. 3
- Information Quality Awareness and Information Quality Practice
  29 May 2018 | Journal of Data and Information Quality, Vol. 10, No. 1
- Information security policy compliance: a higher education case study
  Information & Computer Security, Vol. 26, No. 1
- Examining employee computer abuse intentions: insights from justice, deterrence and neutralization perspectives
  2 December 2016 | Information Systems Journal, Vol. 28, No. 2
- Toward a Unified Model of Information Security Policy Compliance1
  1 March 2018 | MIS Quarterly, Vol. 42, No. 1
- In Defense of the Questionable: Defining the Basis of Research Scientists’ Engagement in Questionable Research Practices
  28 November 2017 | Journal of Empirical Research on Human Research Ethics, Vol. 13, No. 1
- An Examination of Workplace Cyberdeviance
- How senior management and workplace norms influence information security attitudes and self-efficacy
  16 November 2017 | Behaviour & Information Technology, Vol. 37, No. 1
- Human Factors in Information Security Culture: A Literature Review
  16 June 2017
- Health Belief Model and Organizational Employee Computer Abuse
  5 June 2018
- Datenschutz, Informationssicherheit und Copyright
  4 May 2018
- Social Media Information Security Threats: Anthropomorphic Emoji Analysis on Social Engineering
  5 September 2017
- Towards Comprehensive Information Security Awareness: A Systematic Classification of Concerns among University Students
- A Central Role of Moral Obligations in Determining Intentions to Engage in Digital Piracy
  SSRN Electronic Journal, Vol. 50
- Circumventing Circumvention: An Economic Analysis of the Role of Education and Enforcement
  SSRN Electronic Journal, Vol. 19
- A Picture is Not Worth 1,000 Words: Mitigating Treatment Recall Bias in Survey Experiments
  SSRN Electronic Journal, Vol. 33
- A Picture Is Not Worth 1,000 Words: Mitigating Treatment Recall Bias in Survey Experiments
  SSRN Electronic Journal, Vol. 33
- Information Security Policy Compliance
  SSRN Electronic Journal, Vol. 42
- Interrupting Interruptions: A Digital Experiment on Social Media and Performance
  SSRN Electronic Journal, Vol. 87
- Information Disclosure and Security Vulnerability Awareness: A Large-Scale Randomized Field Experiment in Pan-Asia
  SSRN Electronic Journal, Vol. 72
- Non-Compliant Mobile Device Usage and Information Systems Security: A Bystander Theory Perspective
  International Journal of Information Systems and Social Change, Vol. 9, No. 1
- Roles of Organizational Climate, Social Bonds, and Perceptions of Security Threats on IS Security Policy Compliance Intentions
  Information Resources Management Journal, Vol. 31, No. 1
- Beyond Cybersecurity Awareness
  28 December 2017
- Quantitative Assessment of Information Security Awareness on Informatics Students in a University
  27 December 2017
- A Deterrence Approach to Regulate Nurses’ Compliance with Electronic Medical Records Privacy Policy
  3 November 2017 | Journal of Medical Systems, Vol. 41, No. 12
- A new perspective on neutralization and deterrence: Predicting shadow IT usage
  Information & Management, Vol. 54, No. 8
- Workplace Cyberdeviance
  28 August 2017
- My computer is infected: the role of users’ sensation seeking and domain-specific risk perceptions and risk attitudes on computer harm
  11 March 2016 | Journal of Risk Research, Vol. 20, No. 11
- Determinants of early conformance with information security policies
  Information & Management, Vol. 54, No. 7
- An empirical study on the susceptibility to social engineering in social networking sites: the case of Facebook
  15 February 2018 | European Journal of Information Systems, Vol. 26, No. 6
- Which phish get caught? An exploratory study of individuals′ susceptibility to phishing
  15 February 2018 | European Journal of Information Systems, Vol. 26, No. 6
- Organizational information security policies: a review and research framework
  15 February 2018 | European Journal of Information Systems, Vol. 26, No. 6
- Why security and privacy research lies at the centre of the information systems (IS) artefact: proposing a bold research agenda
  15 February 2018 | European Journal of Information Systems, Vol. 26, No. 6
- Deterrence and punishment experience impacts on ISP compliance attitudes
  Information & Computer Security, Vol. 25, No. 4
- User Motivations in Protecting Information Security: Protection Motivation Theory Versus Self-Determination Theory
  2 January 2018 | Journal of Management Information Systems, Vol. 34, No. 4
- Analysis of Protective Behavior and Security Incidents for Home Computers
  1 November 2016 | Journal of Computer Information Systems, Vol. 57, No. 4
- Predicting information security policy compliance intentions and behavior for six employee-based risks
  29 January 2018 | Journal of Information Privacy and Security, Vol. 13, No. 4
- Information security awareness level measurement for employee: Case study at ministry of research, technology, and higher education
- Effect of Perceived Justice on Subcontractor Willingness to Cooperate: The Mediating Role of Relationship Value
  Journal of Construction Engineering and Management, Vol. 143, No. 9
- A generic framework for information security policy development
- When Do IT Security Investments Matter? Accounting for the Influence of Institutional Factors in the Context of Healthcare Data Breaches1
  1 September 2017 | MIS Quarterly, Vol. 41, No. 3
- Reliable Behavioural Factors in the Information Security Context
  29 August 2017
- Review of IS Security Policy Compliance
  2 August 2017 | ACM SIGMIS Database: the DATABASE for Advances in Information Systems, Vol. 48, No. 3
- From Information Security Awareness to Reasoned Compliant Action
  2 August 2017 | ACM SIGMIS Database: the DATABASE for Advances in Information Systems, Vol. 48, No. 3
- The effect of compliance knowledge and compliance support systems on information security compliance behavior
  Journal of Knowledge Management, Vol. 21, No. 4
- Exploring Organizational Culture for Information Security in Healthcare Organizations: A Literature Review
- Effects of Organization Insiders' Self-Control and Relevant Knowledge on Participation in Information Systems Security Deviant Behavior
  21 June 2017
- Organizational information security as a complex adaptive system: insights from three agent-based models
  4 November 2015 | Information Systems Frontiers, Vol. 19, No. 3
- Exploring behavioral information security networks in an organizational context: An empirical case study
  Journal of Information Security and Applications, Vol. 34
- Impact of Design Risk on the Performance of Design-Build Projects
  Journal of Construction Engineering and Management, Vol. 143, No. 6
- Behavior-intention analysis and human-aware computing: Case study and discussion
- Professional Virtue Reinforcements: A Necessary Complement to Technological and Policy Reforms
  1 January 2017 | Journal of Information Systems, Vol. 31, No. 2
- Cybercrime Deterrence and International Legislation: Evidence from Distributed Denial of Service Attacks1
  1 June 2017 | MIS Quarterly, Vol. 41, No. 2
- An integrative model of information security policy compliance with psychological contract: Examining a bilateral perspective
  Computers & Security, Vol. 66
- The Human Aspects of Information Security Questionnaire (HAIS-Q): Two further validation studies
  Computers & Security, Vol. 66
- Familiarity with Internet threats: Beyond awareness
  Computers & Security, Vol. 66
- Privilege or procedure: Evaluating the effect of employee status on intent to comply with socially interactive information security threats and controls
  Computers & Security, Vol. 66
- The Effect of Procedural and Technological Security Countermeasures on the Propensity to Misuse Medical Data
  18 July 2017 | Journal of Information Privacy and Security, Vol. 13, No. 2
- Setting a knowledge boundary across teams: knowledge protection regulation for inter-team coordination and team performance
  Journal of Knowledge Management, Vol. 21, No. 2
- Cyber-rumor sharing under a homeland security threat in the context of government Internet surveillance: The case of South-North Korea conflict
  Government Information Quarterly, Vol. 34, No. 2
- Security behaviors of healthcare providers using HIT outside of work: A technology threat avoidance perspective
- The role of information security learning and individual factors in disclosing patients' health information
  Computers & Security, Vol. 65
- The paradoxical effects of legal intervention over unethical information technology use: A rational choice theory perspective
  The Journal of Strategic Information Systems, Vol. 26, No. 1
- Towards analysing the rationale of information security non-compliance: Devising a Value-Based Compliance analysis method
  The Journal of Strategic Information Systems, Vol. 26, No. 1
- Why not comply with information security? An empirical approach for the causes of non-compliance
  Online Information Review, Vol. 41, No. 1
- Market Reaction to Security Breach Announcements
  8 February 2017 | ACM SIGMIS Database: the DATABASE for Advances in Information Systems, Vol. 48, No. 1
- Towards a conceptual framework for protection of personal information from the perspective of activity theory
  6 November 2017 | SA Journal of Information Management, Vol. 19, No. 1
- To Cyberloaf or Not to Cyberloaf: The Impact of the Announcement of Formal Organizational Controls
  20 April 2017 | Journal of Management Information Systems, Vol. 34, No. 1
- Herausforderung Korruptionsprävention in KMU meistern
  30 March 2017
- Behavior Change Interventions for Cybersecurity
- Examining the intended and unintended consequences of organisational privacy safeguards
  19 December 2017 | European Journal of Information Systems, Vol. 26, No. 1
- Information systems security policy implementation in practice: from best practices to situated practices
  19 December 2017 | European Journal of Information Systems, Vol. 26, No. 1
- Accounting for the Human User in Predictive Security Models
- Competing with Spams More Fiercely: An Empirical Study on the Effectiveness of Anti-Spam Legislation
  SSRN Electronic Journal, Vol. 50
- Deterrence-Driven Algorithms for Audit Under the Sentinel Effect
  SSRN Electronic Journal, Vol. 22
- The Impact of Online Training on Facebook Privacy
- An Exploration Regarding Issues in Insider Threat
- Strategic Approach towards Clinical Information Security
- The Information and Communication Technology User Role: Implications for the Work Role and Inter-Role Spillover
  27 December 2016 | Frontiers in Psychology, Vol. 7
- Employees' information security policy compliance: A norm activation perspective
  Decision Support Systems, Vol. 92
- Your memory is working against you: How eye tracking and memory explain habituation to security warnings
  Decision Support Systems, Vol. 92
- Resistance and power in a security certification scheme: The case of c:cure
  Decision Support Systems, Vol. 92
- How would information disclosure influence organizations’ outbound spam volume? Evidence from a field experiment
  26 December 2016 | Journal of Cybersecurity, Vol. 2, No. 1
- Information security policies: A review of challenges and influencing factors
- A theory-based review of information security behavior in the organization and home context
- Persuasive Technology for Improving Information Security Awareness and Behavior: Literature Review
- Internet aggression in online communities: a contemporary deterrence perspective
  28 May 2015 | Information Systems Journal, Vol. 26, No. 6
- “Cargo Cult” science in traditional organization and information systems survey research: A case for using nontraditional methods of data collection, including Mechanical Turk and online panels
  The Journal of Strategic Information Systems, Vol. 25, No. 3
- This is my device! Why should I follow your rules? Employees’ compliance with BYOD security policy
  Pervasive and Mobile Computing, Vol. 32
- A Study on the Effect of Learning Activities and Feedback Seeking Behavior toward the End Users' Faithful Appropriation of Information Security System
  The Journal of Information Systems, Vol. 25, No. 3
- The Effect of Information Security Certification Announcement on the Market Value of Firms
  Journal of the Korea society of IT services, Vol. 15, No. 3
- Curiosity Killed the Organization
  28 September 2016
- The Employee's Information Security Policy Compliance Intention : Theory of Planned Behavior, Goal Setting Theory, and Deterrence Theory Applied
  Journal of Digital Convergence, Vol. 14, No. 7
- Nontechnical Deterrence Effects of Mild and Severe Internet Use Policy Reminders in Reducing Employee Internet Abuse
  2 May 2016 | International Journal of Human-Computer Interaction, Vol. 32, No. 7
- The Effect of Organizational Information Security Environment on the Compliance Intention of Employee
  The Journal of Information Systems, Vol. 25, No. 2
- Shaping intention to resist social engineering through transformational leadership, information security culture and awareness
  Computers & Security, Vol. 59
- Information system security commitment: A study of external influences on senior management
  Computers & Security, Vol. 59
- Procedural justice to enhance compliance with non-work-related computing (NWRC) rules: Its determinants and interaction with privacy concerns
  International Journal of Information Management, Vol. 36, No. 3
- Factors Impacting the Intention to Use Emergency Notification Services in Campus Emergencies: An Empirical Investigation
  IEEE Transactions on Professional Communication, Vol. 59, No. 2
- An Integrated Approach to Information Systems Security Policy Violation
  9 May 2016
- Dispositional and situational factors: influences on information security policy violations
  19 December 2017 | European Journal of Information Systems, Vol. 25, No. 3
- Taking promotion and prevention mechanisms matter for information systems security policy in Chinese SMEs
- A Study on Employee's Compliance Behavior towards Information Security Policy : A Modified Triandis Model
  Journal of Digital Convergence, Vol. 14, No. 4
- The impact of attitudinal factors on intention to report workplace Internet abuse
  6 April 2016 | Journal of Information Privacy and Security, Vol. 12, No. 2
- A study on the antecedents of healthcare information protection intention
  14 September 2015 | Information Systems Frontiers, Vol. 18, No. 2
- SECURQUAL: An Instrument for Evaluating the Effectiveness of Enterprise Information Security Programs
  1 August 2015 | Journal of Information Systems, Vol. 30, No. 1
- The influence of information security on the adoption of web-based integrated information systems: an e-government study in Peru
  13 January 2015 | Information Technology for Development, Vol. 22, No. 1
- Impact of Network Structure on Malware Propagation: A Growth Curve Perspective
  17 June 2016 | Journal of Management Information Systems, Vol. 33, No. 1
- Critical Times for Organizations: What Should Be Done to Curb Workers’ Noncompliance With IS Security Policy Guidelines?
  30 November 2015 | Information Systems Management, Vol. 33, No. 1
- A Proposed Framework for Examining Information Systems Security Research: A Multilevel Perspective
  27 March 2016
- Developing a Human Activity Model for Insider IS Security Breaches Using Action Design Research
  11 May 2016
- Cyber Security Awareness and Its Impact on Employee’s Behavior
  18 November 2016
- Utilizing webcam-based proctoring to deter misconduct in online exams
  Computers & Education, Vol. 92-93
- A model of emotion and computer abuse
  Information & Management, Vol. 53, No. 1
- Toward an Ontology of Workarounds: A Literature Review on Existing Concepts
- Using Context-Based Password Strength Meter to Nudge Users' Password Generating Behavior: A Randomized Experiment
  SSRN Electronic Journal, Vol. 48
- IT Governance, Security Outsourcing, and Cybersecurity Breaches: Evidence from the U.S. Higher Education
  SSRN Electronic Journal, Vol. 2
- Security and Privacy Issues in Cloud-Based E-Government
- Strategic Approach towards Clinical Information Security
- An Ex Ante Evaluation Method for Assessing a Government Enforced Security Measure
  The Journal of Society for e-Business Studies, Vol. 20, No. 4
- A Privacy Preserving Context-Aware Insider Threat Prediction and Prevention Model Predicated on the Components of the Fraud Diamond
- The Effect of a Surveillance Banner in an Attacked Computer System
  13 June 2015 | Journal of Research in Crime and Delinquency, Vol. 52, No. 6
- The Impact of Organizational Commitment on Insiders’ Motivation to Protect Organizational Information Assets
  13 April 2016 | Journal of Management Information Systems, Vol. 32, No. 4
- Job Quitters, Information Security Awareness, and Knowledge Management Strategies
  22 December 2015 | Journal of Information Privacy and Security, Vol. 11, No. 4
- Research Note—An Exploration of Risk Characteristics of Information Security Threats and Related Public Information Search Behavior
  Jingguo Wang,
  Nan Xiao,
  H. Raghav Rao
  22 July 2015 | Information Systems Research, Vol. 26, No. 3
- Information Disclosure and the Diffusion of Information Security Attacks
  Sabyasachi Mitra,
  Sam Ransbotham
  18 August 2015 | Information Systems Research, Vol. 26, No. 3
- Relationships between need-pull/technology-push and information security management and the moderating role of regulatory pressure
  27 February 2015 | Information Technology and Management, Vol. 16, No. 3
- Proposing the control‐reactance compliance model (CRCM) to explain opposing motivations to comply with organisational information security policies
  8 July 2014 | Information Systems Journal, Vol. 25, No. 5
- Investigating of Psychological Factors Affecting Information Security Compliance Intention: Convergent Approach to Information Security and Organizational Citizenship Behavior
  Journal of Digital Convergence, Vol. 13, No. 8
- Does Device Matter? Understanding How User, Device, and Usage Characteristics Influence Risky IT Behaviors of Individuals
- Analyzing the role of cognitive and cultural biases in the internalization of information security policies: Recommendations for information security awareness programs
  Computers & Security, Vol. 52
- Cracks in the Security Foundation
  4 June 2015
- The Role of Extra-Role Behaviors and Social Controls in Information Security Policy Effectiveness
  Jack Shih-Chieh Hsu,
  Sheng-Pao Shih,
  Yu Wen Hung,
  Paul Benjamin Lowry
  19 June 2015 | Information Systems Research, Vol. 26, No. 2
- Learning to cope with information security risks regarding mobile device loss or theft: An empirical examination
  Information & Management, Vol. 52, No. 4
- The Influence of Restrictions toward Online Game Misbehavior on Users' Emotional States and Intention to Reuse
  Asia-Pacific Journal of Business Venturing and Entrepreneurship, Vol. 10, No. 3
- Increasing Accountability Through User-Interface Design Artifacts: A New Approach To Addressing the Problem of Access-Policy Violations1
  1 June 2015 | MIS Quarterly, Vol. 39, No. 2
- Leveraging fairness and reactance theories to deter reactive computer abuse following enhanced organisational information security policies: an empirical study of the influence of counterfactual reasoning and organisational trust
  24 February 2015 | Information Systems Journal, Vol. 25, No. 3
- Editorial
  18 March 2015 | Information Systems Journal, Vol. 25, No. 3
- Security investment and information sharing under an alternative security breach probability function
  23 February 2013 | Information Systems Frontiers, Vol. 17, No. 2
- Expert assessment of the top platform independent cybersecurity skills for non-IT professionals
- Does Self-Regulatory Efficacy Matter? Effects of Punishment Certainty and Punishment Severity on Organizational Deviance
  18 June 2015 | Sage Open, Vol. 5, No. 2
- Checking the manipulation checks in information security research
  Information & Computer Security, Vol. 23, No. 1
- Early to Adopt and Early to Discontinue: The Impact of Self-Perceived and Actual IT Knowledge on Technology Use Behaviors of End Users
  Rohit Aggarwal,
  David Kryscynski,
  Vishal Midha,
  Harpreet Singh
  26 March 2015 | Information Systems Research, Vol. 26, No. 1
- Impacts of Comprehensive Information Security Programs on Information Security Culture
  10 December 2015 | Journal of Computer Information Systems, Vol. 55, No. 3
- Education and Prevention Relationships on Security Incidents for Home Computers
  10 December 2015 | Journal of Computer Information Systems, Vol. 55, No. 3
- Insider Threats in a Financial Institution: Analysis of Attack-Proneness of Information Systems Applications1
  1 March 2015 | MIS Quarterly, Vol. 39, No. 1
- An Enhanced Fear Appeal Rhetorical Framework: Leveraging Threats to the Human Asset Through Sanctioning RhetoriC1
  1 March 2015 | MIS Quarterly, Vol. 39, No. 1
- Man-At-The-End attacks: Analysis, taxonomy, human aspects, motivation and future directions
  Journal of Network and Computer Applications, Vol. 48
- Information Systems Security
  21 January 2015
- Factors that Influence Information Security Behavior: An Australian Web-Based Study
  21 July 2015
- Identifying Factors that Influence Employees’ Security Behavior for Enhancing ISP Compliance
  5 August 2015
- A system dynamics model for information security management
  Information & Management, Vol. 52, No. 1
- Information Security Management in Saudi Arabian Organizations
  Procedia Computer Science, Vol. 56
- Information Security Awareness at the Knowledge-Based Institution: Its Antecedents and Measures
  Procedia Computer Science, Vol. 72
- Managing the introduction of information security awareness programmes in organisations
  19 December 2017 | European Journal of Information Systems, Vol. 24, No. 1
- The Role of Self-Control in Information Security Violations: Insights from a Cognitive Neuroscience Perspective
  15 April 2015 | Journal of Management Information Systems, Vol. 31, No. 4
- The Behavioral Roots of Information Systems Security: Exploring Key Factors Related to Unethical IT Use
  15 April 2015 | Journal of Management Information Systems, Vol. 31, No. 4
- Empowerment or Control: Reconsidering Employee Security Policy Compliance in Terms of Authorization
- Investigating the Correlation between Intention and Action in the Context of Social Engineering in Two Different National Cultures
- The Role of Social Status and Controllability on Employee Intent to Follow Organizational Information Security Requirements
- Assessing the Role of Security Education, Training, and Awareness on Insiders' Security-Related Behavior: An Expectancy Theory Approach
- Evolvement of Information Security Research on Employees' Behavior: A Systematic Review and Future Direction
- Management of Technical Security Measures
- What Drives Information Security Policy Violations among Banking Employees?
  Journal of Global Information Management, Vol. 23, No. 1
- The clock is ticking: The role of uncertainty, regulatory focus, and level of risk on supply chain disruption decision making behavior
  Transportation Research Part E: Logistics and Transportation Review, Vol. 72
- A Path to Successful Management of Employee Security Compliance: An Empirical Study of Information Security Climate
  IEEE Transactions on Professional Communication, Vol. 57, No. 4
- I'm Game, are You? Reducing Real-World Security Threats by Managing Employee Activity in Online Social Networks
  1 April 2014 | Journal of Information Systems, Vol. 28, No. 2
- Information security awareness and behavior: a theory-based literature review
  Management Research Review, Vol. 37, No. 12
- Security culture and the employment relationship as drivers of employees’ security compliance
  Information Management & Computer Security, Vol. 22, No. 5
- Public IT service strategy for social information security in the intelligence all-things environment
  30 September 2014 | Electronic Commerce Research, Vol. 14, No. 3
- Exploring the effects of organizational justice, personal ethics and sanction on internet use policy compliance
  27 March 2014 | Information Systems Journal, Vol. 24, No. 6
- Secure Team Composition to Thwart Insider Threats and Cyber-Espionage
  28 October 2014 | ACM Transactions on Internet Technology, Vol. 14, No. 2-3
- Development and validation of instruments of information security deviant behavior
  Decision Support Systems, Vol. 66
- Converting browsers into recurring customers: an analysis of the determinants of sponsored search success for monthly subscription services
  28 May 2014 | Information Technology and Management, Vol. 15, No. 3
- Understanding personal use of the Internet at work: An integrated model of neutralization techniques and general deterrence theory
  Computers in Human Behavior, Vol. 38
- Disclosing too much? Situational factors affecting information disclosure in social commerce environment
  Electronic Commerce Research and Applications, Vol. 13, No. 5
- Threat Protection and Convenience: Antecedents of Cloud-Based Data Backup
  10 December 2015 | Journal of Computer Information Systems, Vol. 55, No. 1
- The Impact of Information Security Awareness on Compliance with Information Security Policies: a Phishing Perspective
- Bridging the divide: A qualitative comparison of information security thought patterns between information security professionals and ordinary organizational insiders
  Information & Management, Vol. 51, No. 5
- Reflecting on the Ability of Enterprise Security Policy to Address Accidental Insider Threat
- Explaining Users' Security Behaviors with the Security Belief Model
  Journal of Organizational and End User Computing, Vol. 26, No. 3
- An exploratory investigation of message-person congruence in information security awareness campaigns
  Computers & Security, Vol. 43
- Information security knowledge sharing in organizations: Investigating the effect of behavioral information security governance and national culture
  Computers & Security, Vol. 43
- An emote opportunity model of computer abuse
  Information Technology & People, Vol. 27, No. 2
- Behavioral Information Security Management
  1 May 2014
- Privacy, Accuracy and Accessibility of Digital Business
  1 May 2014
- Is Your Banker Leaking Your Personal Information? The Roles of Ethics and Individual-Level Cultural Characteristics in Predicting Organizational Computer Abuse
  25 April 2013 | Journal of Business Ethics, Vol. 121, No. 3
- Guidelines for improving the contextual relevance of field surveys: the case of information security policy violations
  19 December 2017 | European Journal of Information Systems, Vol. 23, No. 3
- Information security strategies: towards an organizational multi-strategy perspective
  22 July 2012 | Journal of Intelligent Manufacturing, Vol. 25, No. 2
- Variables influencing information security policy compliance
  Information Management & Computer Security, Vol. 22, No. 1
- Employees’ adherence to information security policies: An exploratory field study
  Information & Management, Vol. 51, No. 2
- User's Adoption of Free Third-Party Security Apps
  10 December 2015 | Journal of Computer Information Systems, Vol. 54, No. 3
- Why Security Awareness Education is not Effective?
  Journal of Digital Convergence, Vol. 12, No. 2
- Bibliography
  21 February 2014
- Towards a Community-Centered Knowledge Management Architecture for Disaster Management in Sub-Saharan Africa
  20 December 2013
- A Model for Information Security Compliant Behaviour in the Healthcare Context
  Procedia Technology, Vol. 16
- Mobile Personal Health Records: Research Agenda for Applications in Global Health
- Assessing Sunk Cost Effect on Employees' Intentions to Violate Information Security Policies in Organizations
- Why Individuals Commit Information Security Violations: Neural Correlates of Decision Processes and Self-Control
- Bridging the Divide: A Qualitative Comparison of Information Security Thought Patterns between Information Security Professionals and Ordinary Organizational Insiders
  SSRN Electronic Journal, Vol. 63
- Understanding Employee Responses to Stressful Information Security Requirements: A Coping Perspective
  7 December 2014 | Journal of Management Information Systems, Vol. 31, No. 2
- The Study on Financial Firm's Performance Resulting from Security Countermeasures and the Moderating Effect of Transformational Leadership
  Journal of the Korean Operations Research and Management Science Society, Vol. 38, No. 4
- Insiders’ Protection of Organizational Information Assets: Development of a Systematics-Based Taxonomy and Theory of Diversity for Protection-Motivated Behaviors1
  1 December 2013 | MIS Quarterly, Vol. 37, No. 4
- Moral Disengagement in Information Security Context: A Study of Antecedents and Outcomes
  The Journal of Digital Policy and Management, Vol. 11, No. 11
- Don't make excuses! Discouraging neutralization to reduce IT policy violation
  Computers & Security, Vol. 39
- Understanding the violation of IS security policy in organizations: An integrated model based on social control and deterrence theory
  Computers & Security, Vol. 39
- Social action theory for understanding information security non-compliance in hospitals
  Information Management & Computer Security, Vol. 21, No. 4
- Social Engineering Preparedness of Online Banks: An Asia-Pacific Perspective
  7 July 2014 | Journal of Global Information Technology Management, Vol. 16, No. 4
- Health-Care Security Strategies for Data Protection and Regulatory Compliance
  8 December 2014 | Journal of Management Information Systems, Vol. 30, No. 2
- Using the theory of interpersonal behavior to explain non-work-related personal use of the Internet at work
  Information & Management, Vol. 50, No. 6
- Push and pull effects of homeland information security incentives
  Information Management & Computer Security, Vol. 21, No. 3
- The Drivers in the Use of Online Whistle-Blowing Reporting Systems
  8 December 2014 | Journal of Management Information Systems, Vol. 30, No. 1
- A Composite Framework for Behavioral Compliance with Information Security Policies
  Journal of Organizational and End User Computing, Vol. 25, No. 3
- Simplicity is Bliss
  Journal of Organizational and End User Computing, Vol. 25, No. 3
- Assessing the Value of Formal Control Mechanisms on Strong Password Selection
  International Journal of Secure Software Engineering, Vol. 4, No. 3
- Ensuring Employees' IT Compliance: Carrot or Stick?
  Huigang Liang,
  Yajiong Xue,
  Liansheng Wu,
  27 July 2012 | Information Systems Research, Vol. 24, No. 2
- Determining the antecedents of digital security practices in the general public dimension
  8 June 2013 | Information Technology and Management, Vol. 14, No. 2
- An Empirical Study on Influential Factors of the Development and Implementation in Firm Security Management
  Management & Information Systems Review, Vol. 32, No. 2
- The effects of sanctions and stigmas on cyberloafing
  Computers in Human Behavior, Vol. 29, No. 3
- The dark side of information technology use
  6 March 2013 | Information Systems Journal, Vol. 23, No. 3
- Using Accountability to Reduce Access Policy Violations in Information Systems
  8 December 2014 | Journal of Management Information Systems, Vol. 29, No. 4
- Understanding insiders: An analysis of risk-taking behavior
  24 August 2010 | Information Systems Frontiers, Vol. 15, No. 1
- Human resource information systems: Information security concerns for organizations
  Human Resource Management Review, Vol. 23, No. 1
- A Study of the Factors that Influence the Information Security Policy Compliance of Employees in Financial Firms
  Journal of Korea Service Management Society, Vol. 14, No. 1
- Beyond Deterrence: An Expanded View of Employee Computer Abuse1
  1 March 2013 | MIS Quarterly, Vol. 37, No. 1
- Future directions for behavioral information security research
  Computers & Security, Vol. 32
- Security-related behavior in using information systems in the workplace: A review and synthesis
  Computers & Security, Vol. 32
- Managing the Weakest Link
- Improving Information Security Behaviour in the Healthcare Context
  Procedia Technology, Vol. 9
- Employees' Information Security Awareness and Behavior: A Literature Review
- Healthcare Security Strategies for Regulatory Compliance and Data Security
- Information Security Policy Compliance: An Empirical Study of Ethical Ideology
- Management of Technical Security Measures: An Empirical Examination of Personality Traits and Behavioral Intentions
- Explaining Opposing Compliance Motivations towards Organizational Information Security Policies
- A Path Way to Successful Management of Individual Intention to Security Compliance: A Role of Organizational Security Climate
- Security practices and regulatory compliance in the healthcare industry
  6 September 2012 | Journal of the American Medical Informatics Association, Vol. 20, No. 1
- Spam and Botnet Reputation Randomized Control Trials and Policy
  SSRN Electronic Journal, Vol. 7
- Nature vs. Nurture: The Genetic Basis of Fraud Victimization
  SSRN Electronic Journal, Vol. 52
- Management of Technical Security Measures
  International Journal of Social and Organizational Dynamics in IT, Vol. 3, No. 1
- Personality Traits and Cognitive Determinants—An Empirical Investigation of the Use of Smartphone Security Measures
  Journal of Information Security, Vol. 04, No. 04
- Employee Misuse of Information Technology Resources: Testing a Contemporary Deterrence Model
  22 October 2012 | Decision Sciences, Vol. 43, No. 6
- Organizations' Information Security Policy Compliance: Stick or Carrot Approach?
  9 December 2014 | Journal of Management Information Systems, Vol. 29, No. 3
- New insights into the problem of software piracy: The effects of neutralization, shame, and moral beliefs
  Information & Management, Vol. 49, No. 7-8
- Organizational Culture, Competitive Strategy, and Performance in Ghana
  8 November 2012 | Journal of African Business, Vol. 13, No. 3
- The Dark Side of Online Knowledge Sharing (Retracted)
  1 July 2012 | Journal of Information Systems, Vol. 26, No. 2
- Improving information security management: An analysis of ID–password usage and a new login vulnerability measure
  International Journal of Information Management, Vol. 32, No. 5
- The effects of multilevel sanctions on information security violations: A mediating model
  Information & Management, Vol. 49, No. 6
- Institutional Influences on Information Systems Security Innovations
  Carol Hsu,
  Jae-Nam Lee,
  Detmar W. Straub,
  9 January 2012 | Information Systems Research, Vol. 23, No. 3-part-2
- The relationship between internal audit and information security: An exploratory investigation
  International Journal of Accounting Information Systems, Vol. 13, No. 3
- Determinants of Joint Action in International Channels of Distribution: The Moderating Role of Psychic Distance
  1 September 2012 | Journal of International Marketing, Vol. 20, No. 3
- Analyzing trajectories of information security awareness
  Information Technology & People, Vol. 25, No. 3
- A Multi-objective Decision Support Framework for Simulation-Based Security Control Selection
- Managing Employee Compliance with Information Security Policies: The Critical Role of Top Management and Organizational Culture*
  28 May 2012 | Decision Sciences, Vol. 43, No. 4
- WITHDRAWN: The effects of multilevel sanctions on information security violations: A mediating model
  Information & Management, Vol. 50
- Internet Study
  International Journal of Cyber Warfare and Terrorism, Vol. 2, No. 3
- Strategic value and drivers behind organizational adoption of enterprise DRM: The korean case
  30 June 2012 | Journal of Service Science Research, Vol. 4, No. 1
- Does Security Impact E‐procurement Performance? Testing a Model of Direct and Moderated Effects
  26 April 2012 | Decision Sciences, Vol. 43, No. 3
- Security versus convenience? An experimental study of user misperceptions of wireless internet service quality
  Decision Support Systems, Vol. 53, No. 1
- Applying an extended model of deterrence across cultures: An investigation of information systems misuse in the U.S. and South Korea
  Information & Management, Vol. 49, No. 2
- A Conceptual Analysis about the Organizational Impact of Compliance on Information Security Policy
- Cognitive Elaboration on Potential Outcomes and Its Effects on Employees’ Information Security Policy Compliance Intention–Exploring the Key Antecedents
- Towards Understanding Deterrence: Information Security Managers’ Perspective
  7 December 2011
- Assimilation of Security-Related Policies in U.S. Firms: An Empirical Study of Web Assimilation and Related Knowledge as Antecedents
- Forget the Fluff: Examining How Media Richness Influences the Impact of Information Security Training on Secure Behavior
- Moral Beliefs, Self-Control, and Sports: Effective Antidotes to the Youth Computer Hacking Epidemic
- A Composite Framework for Behavioral Compliance with Information Security Policies
- Reducing Unauthorized Access by Insiders through User Interface Design: Making End Users Accountable
- Security Policy Compliance: User Acceptance Perspective
- IS Security Policy Violations
  Journal of Organizational and End User Computing, Vol. 24, No. 1
- A review and analysis of deterrence theory in the IS security literature: making sense of the disparate findings
  19 December 2017 | European Journal of Information Systems, Vol. 20, No. 6
- Out of fear or desire? Toward a better understanding of employees’ motivation to follow IS security policies
  Information & Management, Vol. 48, No. 7
- Security Risk Management at a Fortune 500 Firm: A Case Study
  10 September 2014 | Journal of Information Privacy and Security, Vol. 7, No. 4
- Understanding Nonmalicious Security Violations in the Workplace: A Composite Behavior Model
  8 December 2014 | Journal of Management Information Systems, Vol. 28, No. 2
- Understanding the mindset of the abusive insider: An examination of insiders’ causal reasoning following internal security changes
  Computers & Security, Vol. 30, No. 6-7
- Cybercrime: Awareness and Fear: Slovenian Perspectives
- Punishment, Justice, and Compliance in Mandatory IT Settings
  Yajiong Xue,
  Huigang Liang,
  Liansheng Wu,
  19 February 2010 | Information Systems Research, Vol. 22, No. 2
- Does deterrence work in reducing information security policy abuse by employees?
  1 June 2011 | Communications of the ACM, Vol. 54, No. 6
- The influence of the informal social learning environment on information privacy policy compliance efficacy and intention
  19 December 2017 | European Journal of Information Systems, Vol. 20, No. 3
- Uncertainty and Knowledge of Online Hazards: An Experimental Study
  SSRN Electronic Journal, Vol. 30
- Knowledge for Managing Information Systems Security
- Safe Contexts for Interorganizational Collaborations Among Homeland Security Professionals
  8 December 2014 | Journal of Management Information Systems, Vol. 27, No. 2
- Neutralization: New Insights into the Problem of Employee Information Systems Security Policy Violations1
  1 September 2010 | MIS Quarterly, Vol. 34, No. 3
- User Participation in Information Systems Security Risk Management1
  1 September 2010 | MIS Quarterly, Vol. 34, No. 3
- Information Security Policy Compliance: An Empirical Study of Rationality-Based Beliefs and Information Security Awareness1
  1 September 2010 | MIS Quarterly, Vol. 34, No. 3
- Practicing Safe Computing: A Multimethod Empirical Examination of Home Computer User Security Behavioral Intentions1
  1 September 2010 | MIS Quarterly, Vol. 34, No. 3
- Controlling A, While Hoping For B
- New Insights for an Old Problem: Explaining Software Piracy through Neutralization Theory
- What levels of moral reasoning and values explain adherence to information security rules? An empirical study
  19 December 2017 | European Journal of Information Systems, Vol. 18, No. 2
- A Simulation of Various Variable Hacker Populations
- Diversity in Network Attacker Motivation: A Literature Review
- Computer Virus Propagation in a Network Organization: The Interplay between Social and Technological Networks
  SSRN Electronic Journal, Vol. 5
- Engaging Remote Employees
  Journal of Organizational and End User Computing, Vol. 25, No. 1

cover image Information Systems Research

Volume 20, Issue 1

March 2009

Pages 1-157

Article Information

Metrics

Information

Received:July 11, 2006
Published Online:March 01, 2009

Cite as

John D'Arcy, Anat Hovav, Dennis Galletta, (2009) User Awareness of Security Countermeasures and Its Impact on Information Systems Misuse: A Deterrence Approach. Information Systems Research 20(1):79-98.

https://doi.org/10.1287/isre.1070.0160

Keywords

PDF download

Available Issues

Available Issues

Available Issues

Available Issues

Available Issues

User Awareness of Security Countermeasures and Its Impact on Information Systems Misuse: A Deterrence Approach

References

Volume 20, Issue 1

Article Information

Metrics

Information

Cite as

Keywords

Sign Up for INFORMS Publications Updates and News