Help
Cart
Skip main navigation

Available Issues

April 10, 2013 - April 2, 2026

Available Issues

April 10, 2013 - April 2, 2026

Exploring Contrasting Effects of Trust in Organizational Security Practices and Protective Structures on Employees’ Security-Related Precaution Taking

Published Online:8 Jan 2024https://doi.org/10.1287/isre.2021.0528

References

  • Allen NJ, Meyer JP (1990) The measurement and antecedents of affective, continuance and normative commitment to the organization. J. Occupational Psych. 63(1):1–18.CrossrefGoogle Scholar
  • Anderson CL, Agarwal R (2010) Practicing safe computing: A multimethod empirical examination of home computer user security behavioral intentions. MIS Quart. 34(3):613–643.CrossrefGoogle Scholar
  • Atkinson C (2007) Trust and the psychological contract. Employee Relations 29(3):227–246.CrossrefGoogle Scholar
  • Aurigemma S, Leonard L (2015) The influence of employee affective organizational commitment on security policy attitudes and compliance intentions. J. Inform. Systems Security 11(3):201–222.Google Scholar
  • Boss SR, Kirsch LJ, Angermeier I, Shingler RA, Boss RW (2009) If someone is watching, I’ll do what I’m asked: Mandatoriness, control, and information security. Eur. J. Inform. Systems 18(2):151–164.CrossrefGoogle Scholar
  • Burns AJ (2019) Security organizing: A framework for organizational information security mindfulness. ACM SIGMIS Database 50(4):14–27.CrossrefGoogle Scholar
  • Burns AJ, Roberts TL, Posey C, Lowry PB (2019) The adaptive roles of positive and negative emotions in organizational insiders’ security-based precaution taking. Inform. Systems Res. 30(4):1228–1247.LinkGoogle Scholar
  • Burns AJ, Roberts TL, Posey C, Bennett RJ, Courtney JF (2018) Intentions to comply vs. intentions to protect: A VIE theory approach to understanding the influence of insiders’ awareness of organizational SETA efforts. Decision Sci. 49(6):1187–1228.CrossrefGoogle Scholar
  • Chen Y, Zahedi FM (2016) Individuals’ Internet security perceptions and behaviors: Polycontextual contrasts between the United States and China. MIS Quart. 40(1):205–222.CrossrefGoogle Scholar
  • Cheung GW, Rensvold RB (2002) Evaluating goodness-of-fit indexes for testing measurement invariance. Structural Equation Model. 9(2):233–255.CrossrefGoogle Scholar
  • Chin WW, Thatcher JB, Wright RT, Steel D (2013) Controlling for common method variance in PLS analysis: The measured latent marker variable approach. Abdi H, Chin W, Esposito Vinzi V, Russolillo G, Trinchera L, eds. New Perspectives in Partial Least Squares and Related Methods (Springer, New York), 231–239.CrossrefGoogle Scholar
  • Choi SB, Tran TBH, Park BI (2015) Inclusive leadership and work engagement: Mediating roles of affective organizational commitment and creativity. Soc. Behav. Personality 43(6):931–943.CrossrefGoogle Scholar
  • Chowdhury NH, Adam MT, Teubner T (2020) Time pressure in human cybersecurity behavior: Theoretical framework and countermeasures. Comput. Security 97:101963.CrossrefGoogle Scholar
  • Christensen-Salem A, Walumbwa FO, Babalola MT, Guo L, Misati E (2021) A multilevel analysis of the relationship between ethical leadership and ostracism: The roles of relational climate, employee mindfulness, and work unit structure. J. Bus. Ethics 171(3):619–638.CrossrefGoogle Scholar
  • Colquitt JA, Scott BA, LePine JA (2007) Trust, trustworthiness, and trust propensity: A meta-analytic test of their unique relationships with risk taking and job performance. J. Appl. Psych. 92(4):909–927.CrossrefGoogle Scholar
  • Coyle-Shapiro JA-M, Kessler I (2002) Exploring reciprocity through the lens of the psychological contract: Employee and employer perspectives. Eur. J. Work Organ. Psych. 11(1):69–86.CrossrefGoogle Scholar
  • Cram WA, D’Arcy J, Proudfoot JG (2019) Seeing the forest and the trees: A meta-analysis of the antecedents to information security policy compliance. MIS Quart. 43(2):525–554.CrossrefGoogle Scholar
  • Curcuruto M, Griffin MA (2016) Safety proactivity in the workplace: The initiative to improve individual, team, and organizational safety. Parker SK, Bindl UK, eds. Proactivity at Work: Making Things Happen in Organizations, Organization and Management Series (Routledge, New York), 221–238.Google Scholar
  • Curcuruto M, Parker SK, Griffin MA (2019) Proactivity toward workplace safety improvement: An investigation of its motivational drivers and organizational outcomes. Eur. J. Work Organ. Psych. 28(2):221–238.CrossrefGoogle Scholar
  • Dane E (2011) Paying attention to mindfulness and its effects on task performance in the workplace. J. Management 37(4):997–1018.CrossrefGoogle Scholar
  • D’Arcy J, Hovav A, Galletta D (2009) User awareness of security countermeasures and its impact on information systems misuse: A deterrence approach. Inform. Systems Res. 20(1):79–98.LinkGoogle Scholar
  • Davis J, Agrawal D, Guo X (2023) Enhancing users’ security engagement through cultivating commitment: The role of psychological needs fulfilment. Eur. J. Inform. Systems 32(2):195–206.CrossrefGoogle Scholar
  • Dernbecher S, Beck R (2017) The concept of mindfulness in information systems research: A multi-dimensional analysis. Eur. J. Inform. Systems 26(2):121–142.CrossrefGoogle Scholar
  • Dhillon G, Backhouse J (2001) Current directions in IS security research: Toward socio-organizational perspectives. Inform. Systems J. 11(2):127–153.CrossrefGoogle Scholar
  • Dhillon G, Smith K, Dissanayaka I (2021) Information systems security research agenda: Exploring the gap between research and practice. J. Strategic Inform. Systems 30(4):101693.CrossrefGoogle Scholar
  • Dillon RL, Tinsley CH (2008) How near-misses influence decision making under risk: A missed opportunity for learning. Management Sci. 54(8):1425–1440.LinkGoogle Scholar
  • Dimoka A (2010) What does the brain tell us about trust and distrust? Evidence from a functional neuroimaging study. MIS Quart. 34(2):373–396.CrossrefGoogle Scholar
  • Dinev T, Hu Q (2007) The centrality of awareness in the formation of user behavioral intention toward protective information technologies. J. Assoc. Inform. Systems 8(7):387–408.Google Scholar
  • Dirks KT, Ferrin DL (2001) The role of trust in organizational settings. Organ. Sci. 12(4):450–467.LinkGoogle Scholar
  • Dirks KT, Ferrin DL (2002) Trust in leadership: Meta-analytic findings and implications for research and practice. J. Appl. Psych. 87(4):611–628.CrossrefGoogle Scholar
  • Faul F, Erdfelder E, Buchner A, Lang AG (2009) Statistical power analyses using G*Power 3.1: Tests for correlation and regression analyses. Behav. Res. Methods 41(4):1149–1160.CrossrefGoogle Scholar
  • Fornell C, Larcker DF (1981) Evaluating structural equation models with unobservable variables and measurement error. J. Marketing Res. 18(1):39–50.CrossrefGoogle Scholar
  • Fulmer CA, Gelfand MJ (2012) At what level (and in whom) we trust. J. Management 38(4):1167–1230.CrossrefGoogle Scholar
  • Gargiulo M, Ertug G (2006) The dark side of trust. Bachmann R, Zaheer A, eds. Handbook of Trust Research (Edward Elgar Publishing, Cheltenham, UK), 165–186.CrossrefGoogle Scholar
  • Gefen D, Benbasat I, Pavlou P (2008) A research agenda for trust in online environments. J. Management Inform. Systems 24(4):275–286.CrossrefGoogle Scholar
  • Gefen D, Karahanna E, Straub DW (2003) Trust and TAM in online shopping: An integrated model. MIS Quart. 27(1):51–90.CrossrefGoogle Scholar
  • Gefen D, Rigdon EE, Straub DW (2011) Editor’s comments: An update and extension to SEM guidelines for administrative and social science research. MIS Quart. 35(2):iii–xiv.CrossrefGoogle Scholar
  • Gilbert JA, Tang TLP (1998) An examination of organizational trust antecedents. Public Personnel Management 27(3):321–338.CrossrefGoogle Scholar
  • Gouldner AW (1960) The norm of reciprocity: A preliminary statement. Amer. Sociol. Rev. 25(2):161.CrossrefGoogle Scholar
  • Guan B, Hsu C (2020) The role of abusive supervision and organizational commitment on employees’ information security policy noncompliance intention. Internet Res. 30(5):1383–1405.CrossrefGoogle Scholar
  • Guo KH, Yuan Y, Archer NP, Connelly CE (2011) Understanding nonmalicious security violations in the workplace: A composite behavior model. J. Management Inform. Systems 28(2):203–236.CrossrefGoogle Scholar
  • Haag S, Siponen M, Liu F (2021) Protection motivation theory in information systems security research. ACM SIGMIS Database 52(2):25–67.CrossrefGoogle Scholar
  • Henseler J, Ringle CM, Sarstedt M (2015) A new criterion for assessing discriminant validity in variance-based structural equation modeling. J. Acad. Marketing Sci. 43(1):115–135.CrossrefGoogle Scholar
  • Herath T, Rao HR (2009a) Encouraging information security behaviors in organizations: Role of penalties, pressures and perceived effectiveness. Decision Support Systems 47(2):154–165.CrossrefGoogle Scholar
  • Herath T, Rao HR (2009b) Protection motivation and deterrence: A framework for security policy compliance in organisations. Eur. J. Inform. Systems 18(2):106–125.CrossrefGoogle Scholar
  • Herath TC, Herath HSB, D’Arcy J (2020) Organizational adoption of information security solutions. ACM SIGMIS Database 51(2):12–35.CrossrefGoogle Scholar
  • Hong W, Chan KY, Thong JYL, Chasalow LC, Dhillon G (2014) A framework and guidelines for context-specific theorizing in information systems research. Inform. Systems Res. 25(1):111–136.LinkGoogle Scholar
  • Hsu JS, Shih SP, Hung YW, Lowry PB (2015) The role of extra-role behaviors and social controls in information security policy effectiveness. Inform. Systems Res. 26(2):282–300.LinkGoogle Scholar
  • Hu L, Bentler PM (1999) Cutoff criteria for fit indexes in covariance structure analysis: Conventional criteria vs. new alternatives. Structural Equation Model. 6(1):1–55.CrossrefGoogle Scholar
  • Ifinedo P (2014) Information systems security policy compliance: An empirical study of the effects of socialisation, influence, and cognition. Inform. Management 51(1):69–79.CrossrefGoogle Scholar
  • Jaeger L, Eckhardt A (2021) Eyes wide open: The role of situational information security awareness for security‐related behaviour. Inform. Systems J. 31(3):429–472.CrossrefGoogle Scholar
  • Jafri MH (2010) Organizational commitment and employee’s innovative behavior. J. Management Res. 10(1):62–68.Google Scholar
  • Jenkins JL, Anderson BB, Vance A, Kirwan CB, Eargle D (2016) More harm than good? How messages that interrupt can make us vulnerable. Inform. Systems Res. 27(4):880–896.LinkGoogle Scholar
  • Jensen ML, Dinger M, Wright RT, Thatcher JB (2017) Training to mitigate phishing attacks using mindfulness techniques. J. Management Inform. Systems 34(2):597–626.CrossrefGoogle Scholar
  • Jeon S, Hovav A, Han J, Alter S (2018) Rethinking the prevailing security paradigm. ACM SIGMIS Database 49(3):54–77.CrossrefGoogle Scholar
  • Karjalainen M, Sarker S, Siponen M (2019) Toward a theory of information systems security behaviors of organizational employees: A dialectical process perspective. Inform. Systems Res. 30(2):687–704.LinkGoogle Scholar
  • Khuntia J, Kathuria A, Andrade-Rojas MG, Saldanha TJV, Celly N (2021) How foreign and domestic firms differ in leveraging IT-enabled supply chain information integration in BOP markets: The role of supplier and client business collaboration. J. Assoc. Inform. Systems 22(3):695–738.Google Scholar
  • Kline RB (2016) Principles and Practice of Structural Equation Modeling, 4th ed. (Guilford Press, New York).Google Scholar
  • Kock N, Lynn G (2012) Lateral collinearity and misleading results in variance-based SEM: An illustration and recommendations. J. Assoc. Inform. Systems 13(7):546–580.Google Scholar
  • Komiak SYX, Benbasat I (2006) The effects of personalization and familiarity on trust and adoption of recommendation agents. MIS Quart. 30(4):941–960.CrossrefGoogle Scholar
  • Krishnan R, Martin X, Noorderhaven NG (2006) When does trust matter to alliance performance? Acad. Management J. 49(5):894–917.CrossrefGoogle Scholar
  • Landis JR, Koch GG (1977) The measurement of observer agreement for categorical data. Biometrics 33(1):159.CrossrefGoogle Scholar
  • Langer EJ (1989) Minding matters: The consequences of mindlessness–mindfulness. Adv. Experiment. Soc. Psych. 22:137–173.CrossrefGoogle Scholar
  • Langer EJ (2014) Mindfulness, 25th anniversary ed. (Da Capo Press, Philadelphia).Google Scholar
  • Langfred CW (2004) Too much of a good thing? Negative effects of high trust and individual autonomy in self-managing teams. Acad. Management J. 47(3):385–399.CrossrefGoogle Scholar
  • Lewis JD, Weigert A (1985) Trust as a social reality. Soc. Forces 63(4):967–985.CrossrefGoogle Scholar
  • Liang H, Xue Y (2009) Avoidance of information technology threats: A theoretical perspective. MIS Quart. 33(1):71–90.CrossrefGoogle Scholar
  • Liang H, Xue Y, Pinsonneault A, Wu Y (2019) What users do besides problem-focused coping when facing IT security threats: An emotion-focused coping perspective. MIS Quart. 43(2):373–394.CrossrefGoogle Scholar
  • Lindell MK, Whitney DJ (2001) Accounting for common method variance in cross-sectional research designs. J. Appl. Psych. 86(1):114–121.CrossrefGoogle Scholar
  • Lins S, Becker JM, Lyytinen K, Sunyaev A (2023) A design theory for certification presentations. SIGMIS Database 54(3):75–118.CrossrefGoogle Scholar
  • Lins S, Kromat T, Löbbers J, Benlian A, Sunyaev A (2022) Why don’t you join in? A typology of information system certification adopters. Decision Sci. 53(3):452–485.CrossrefGoogle Scholar
  • Liu C, Wang N, Liang H (2020) Motivating information security policy compliance: The critical role of supervisor-subordinate guanxi and organizational commitment. Internat. J. Inform. Management 54:102152.CrossrefGoogle Scholar
  • Loch KD, Carr HH, Warkentin M (1992) Threats to information systems: Today’s reality, yesterday’s understanding. MIS Quart. 16(2):173–186.CrossrefGoogle Scholar
  • Lowry PB, D’Arcy J, Hammer B, Moody GD (2016) ‘Cargo cult’ science in traditional organization and information systems survey research: A case for using nontraditional methods of data collection, including Mechanical Turk and online panels. J. Strategic Inform. Systems 25(3):232–240.CrossrefGoogle Scholar
  • Lowry PB, Moody GD, Galletta DF, Vance A (2013) The drivers in the use of online whistle-blowing reporting systems. J. Management Inform. Systems 30(1):153–190.CrossrefGoogle Scholar
  • Lowry PB, Posey C, Bennett RBJ, Roberts TL (2015) Leveraging fairness and reactance theories to deter reactive computer abuse following enhanced organisational information security policies: An empirical study of the influence of counterfactual reasoning and organisational trust. Inform. Systems J. 25(3):193–273.CrossrefGoogle Scholar
  • MacKinnon DP, Lockwood CM, Williams J (2004) Confidence limits for the indirect effect: Distribution of the product and resampling methods. Multivariate Behav. Res. 39(1):99–128.CrossrefGoogle Scholar
  • Macneil IR (1985) Relational contract: What we do and do not know. Wisconsin Law Rev. 4:483–525.Google Scholar
  • Maier C, Laumer S, Wirth J, Weitzel T (2019) Technostress and the hierarchical levels of personality: A two-wave study with multiple data samples. Eur. J. Inform. Systems 28(5):496–522.CrossrefGoogle Scholar
  • Markus ML (2017) Datification, organizational strategy, and IS research: What’s the score? J. Strategic Inform. Systems 26(3):233–241.CrossrefGoogle Scholar
  • Martin SR, Lee JJ, Parmar BL (2021) Social distance, trust and getting “hooked”: A phishing expedition. Organ. Behav. Human Decision Processes 166:39–48.CrossrefGoogle Scholar
  • Mayer RC, Davis JH, Schoorman FD (1995) An integrative model of organizational trust. Acad. Management Rev. 20(3):709–734.CrossrefGoogle Scholar
  • McAllister DJ (1997) The second face of trust: Reflections on the dark side of interpersonal trust in organizations. Lewicki RJ, Bies RJ, Sheppard BH, eds. Research on Negotiation in Organizations (JAI Press, Bingley, UK), 87–111.Google Scholar
  • McKnight DH, Choudhury V, Kacmar C (2002) Developing and validating trust measures for e-commerce: An integrative typology. Inform. Systems Res. 13(3):334–359.LinkGoogle Scholar
  • McKnight DH, Carter M, Thatcher JB, Clay PF (2011) Trust in a specific technology: An investigation of its components and measures. ACM Trans. Management Inform. Systems 2(2):1–25.CrossrefGoogle Scholar
  • Merritt SM, Ako-Brew A, Bryant WJ, Staley A, McKenna M, Leone A, Shirase L (2019) Automation-induced complacency potential: Development and validation of a new scale. Front. Psych. 10:1–13.Google Scholar
  • Meyer JP, Allen NJ (1991) A three-component conceptualization of organizational commitment. Human Resource Management Rev. 1(1):61–89.CrossrefGoogle Scholar
  • Meyer JP, Allen NJ (1997) Commitment in the Workplace: Theory, Research, and Application (SAGE Publications, Inc, Thousand Oaks, CA).CrossrefGoogle Scholar
  • Mitnick KD (2003) The Art of Deception: Controlling the Human Element of Security (Wiley Publishing, Indianapolis).Google Scholar
  • Möllering G, Sydow J (2019) Trust trap? Self-reinforcing processes in the constitution of inter-organizational trust. Sasaki M, ed. Trust in Contemporary Society (Brill Academic Publishers, Boston), 141–160.CrossrefGoogle Scholar
  • Moore GC, Benbasat I (1991) Development of an instrument to measure the perceptions of adopting an information technology innovation. Inform. Systems Res. 2(3):192–222.LinkGoogle Scholar
  • Mylonas A, Kastania A, Gritzalis D (2013) Delegate the smartphone user? Security awareness in smartphone platforms. Comput. Security 34:47–66.CrossrefGoogle Scholar
  • Nguyen C, Jensen ML, Durcikova A, Wright RT (2021) A comparison of features in a crowdsourced phishing warning system. Inform. Systems J. 31(3):473–513.CrossrefGoogle Scholar
  • Nunnally JC (1978) Psychometric Theory, 2nd ed. (McGraw-Hill, New York).Google Scholar
  • Nwankpa JK, Datta PM (2023) Remote vigilance: The roles of cyber awareness and cybersecurity policies among remote workers. Comput. Security 130:103266.CrossrefGoogle Scholar
  • Nwankpa JK, Roumani Y (2014) The influence of organizational trust and organizational mindfulness on ERP systems usage. Comm. Assoc. Inform. Systems 34:1469–1492.Google Scholar
  • Parasuraman R, Manzey DH (2010) Complacency and bias in human use of automation: An attentional integration. Human Factors 52(3):381–410.CrossrefGoogle Scholar
  • Parasuraman R, Molloy R, Singh IL (1993) Performance consequences of automation-induced “complacency.” Internat. J. Aviation Psych. 3(1):1–23.CrossrefGoogle Scholar
  • Parker SK, Collins CG (2010) Taking stock: Integrating and differentiating multiple proactive behaviors. J. Management 36(3):633–662.Google Scholar
  • Parker SK, Wu CH (2014) Leading for proactivity: How leaders cultivate staff who make things happen. Day DV, ed. The Oxford Handbook of Leadership and Organizations (Oxford University Press, New York), 380–403.Google Scholar
  • Pavlou PA, Liang H, Xue Y (2007) Understanding and mitigating uncertainty in online exchange relationships: A principal-agent perspective. MIS Quart. 31(1):105–136.CrossrefGoogle Scholar
  • Pfleeger SL, Sasse MA, Furnham A (2014) From weakest link to security hero: Transforming staff security behavior. J. Homeland Security Emergency Management 11(4):489–510.CrossrefGoogle Scholar
  • Pienta D, Tams S, Thatcher JB (2020) Can trust be trusted in cybersecurity? Proc. 53rd Hawaii Internat. Conf. System Sci., 4264–4273.Google Scholar
  • Podsakoff PM, MacKenzie SB, Lee JY, Podsakoff NP (2003) Common method biases in behavioral research: A critical review of the literature and recommended remedies. J. Appl. Psych. 88(5):879–903.CrossrefGoogle Scholar
  • Posey C, Bennett RJ, Roberts TL (2011a) Understanding the mindset of the abusive insider: An examination of insiders’ causal reasoning following internal security changes. Comput. Security 30(6–7):486–497.CrossrefGoogle Scholar
  • Posey C, Roberts TL, Lowry PB (2015) The impact of organizational commitment on insiders’ motivation to protect organizational information assets. J. Management Inform. Systems 32(4):179–214.CrossrefGoogle Scholar
  • Posey C, Bennett RJ, Roberts TL, Lowry PB (2011b) When computer monitoring backfires: Privacy invasions and organizational injustice as precursors to computer abuse. J. Inform. System Security 7(1):24–47.Google Scholar
  • Posey C, Roberts TL, Lowry PB, Hightower RT (2014) Bridging the divide: A qualitative comparison of information security thought patterns between information security professionals and ordinary organizational insiders. Inform. Management 51(5):551–567.CrossrefGoogle Scholar
  • Posey C, Roberts TL, Lowry PB, Bennett RJ, Courtney JF (2013) Insiders’ protection of organizational information assets: Development of a systematics-based taxonomy and theory of diversity for protection-motivated behaviors. MIS Quart. 37(4):1189–1210.CrossrefGoogle Scholar
  • Robinson SL (1996) Trust and breach of the psychological contract. Admin. Sci. Quart. 41(4):574–599.CrossrefGoogle Scholar
  • Rose S, Mitchell S, Connelly S (2020) Zero trust architecture. Accessed May 23, 2022, https://doi.org/10.6028/NIST.SP.800-207.Google Scholar
  • Rousseau DM, Sitkin SB, Burt RS, Camerer C (1998) Not so different after all: A cross-discipline view of trust. Acad. Management Rev. 23(3):393–404.CrossrefGoogle Scholar
  • Sadok M, Alter S, Bednar P (2020) It is not my job: Exploring the disconnect between corporate security policies and actual security practices in SMEs. Inform. Comput. Security 28(3):467–483.CrossrefGoogle Scholar
  • Sarkar S, Vance A, Ramesh B, Demestihas M, Wu DT (2020) The influence of professional subculture on information security policy violations: A field study in a healthcare context. Inform. Systems Res. 31(4):1240–1259.LinkGoogle Scholar
  • Schaufeli WB, Salanova M, González-romá V, Bakker AB (2002) The measurement of engagement and burnout: A two sample confirmatory factor analytic approach. J Happiness Stud. 3(1):71–92.CrossrefGoogle Scholar
  • Schoorman FD, Mayer RC, Davis JH (2007) An integrative model of organizational trust: Past, present, and future. Acad. Management Rev. 32(2):344–354.CrossrefGoogle Scholar
  • Schuetz SW, Lowry PB, Pienta D, Thatcher JB (2021) Improving the design of information security messages by leveraging the effects of temporal distance and argument nature. J. Assoc. Inform. Systems 22(5):1376–1428.Google Scholar
  • Singh IL, Molloy R, Parasuraman R (1993) Automation-induced “complacency”: Development of the complacency-potential rating scale. Internat. J. Aviation Psych. 3(2):111–122.CrossrefGoogle Scholar
  • Siponen M, Puhakainen P, Vance A (2020) Can individuals’ neutralization techniques be overcome? A field experiment on password policy. Comput. Security 88:101617.CrossrefGoogle Scholar
  • Skinner D, Dietz G, Weibel A (2014) The dark side of trust: When trust becomes a “poisoned chalice.” Organization 21(2):206–224.CrossrefGoogle Scholar
  • Spector PE, Brannick MT (2011) Methodological urban legends: The misuse of statistical control variables. Organ. Res. Methods 14(2):287–305.CrossrefGoogle Scholar
  • Stafford TF (2022) Platform-dependent computer security complacency: The unrecognized insider threat. IEEE Trans. Engrg. Management 69(6):3814–3825.CrossrefGoogle Scholar
  • Straub DW (1989) Validating instruments in MIS research. MIS Quart. 13(2):147–169.CrossrefGoogle Scholar
  • Straub DW (1990) Effective IS security: An empirical study. Inform. Systems Res. 1(3):255–276.LinkGoogle Scholar
  • Sutcliffe KM, Vogus TJ, Dane E (2016) Mindfulness in organizations: A cross-level review. Annual Rev. Organ. Psych. Organ. Behav. 3(1):55–81.CrossrefGoogle Scholar
  • Swanson EB, Ramiller NC (2004) Innovating mindfully with information technology. MIS Quart. 28(4):553–583.CrossrefGoogle Scholar
  • Tan HH, Lim AKH (2009) Trust in coworkers and trust in organizations. J. Psych. 143(1):45–66.CrossrefGoogle Scholar
  • Tessian (2021) Back to work security behaviors report. Accessed June 24, 2021, https://www.tessian.com/resources/back-to-work-cybersecurity-behaviors-report/.Google Scholar
  • Thatcher JB, Wright RT, Sun H, Zagenczyk TJ, Klein R (2018) Mindfulness in information technology use: Definitions, distinctions, and a new measure. MIS Quart. 42(3):831–847.CrossrefGoogle Scholar
  • Vance A, Siponen MT, Straub DW (2020) Effects of sanctions, moral beliefs, and neutralization on information security policy violations across cultures. Inform. Management 57(4):103212.CrossrefGoogle Scholar
  • Vogus TJ, Sutcliffe KM (2012) Organizational mindfulness and mindful organizing: A reconciliation and path forward. Acad. Management Learn. Educ. 11(4):722–735.CrossrefGoogle Scholar
  • Wang J, Li Y, Rao HR (2016) Overconfidence in phishing email detection. J. Assoc. Inform. Systems 17(11):759–783.Google Scholar
  • Warkentin M, Willison R (2009) Behavioral and policy issues in information systems security: The insider threat. Eur. J. Inform. Systems 18(2):101–105.CrossrefGoogle Scholar
  • Williams LJ, Hartman N, Cavazotte F (2010) Method variance and marker variables: A review and comprehensive CFA marker technique. Organ. Res. Methods 13(3):477–514.CrossrefGoogle Scholar
  • Willison R, Warkentin M (2013) Beyond deterrence: An expanded view of employee computer abuse. MIS Quart. 37(1):1–20.CrossrefGoogle Scholar
  • Wong YT, Ngo HY, Wong CS (2002) Affective organizational commitment of workers in chinese joint ventures. J. Management Psych. 17(7):580–598.Google Scholar
  • Wood SL, Lynch JG (2002) Prior knowledge and complacency in new product learning. J. Consumer Res. 29(3):416–426.CrossrefGoogle Scholar
  • Workman M (2008) Wisecrackers: A theory-grounded investigation of phishing and pretext social engineering threats to information security. J. Amer. Soc. Inform. Sci. Tech. 59(4):662–674.CrossrefGoogle Scholar
  • Wright RT, Campbell DE, Thatcher JB, Roberts N (2012) Operationalizing multidimensional constructs in structural equation modeling: Recommendations for IS research. Comm. Assoc. Inform. Systems 30:367–412.Google Scholar
  • Xu F, Hsu C, Luo X, Warkentin M (2022) Reactions to abusive supervision: Neutralization and IS misuse. J. Comput. Inform. Systems 62(3):632–641.CrossrefGoogle Scholar
  • Yazdanmehr A, Wang J (2021) Can peers help reduce violations of information security policies? The role of peer monitoring. Eur. J. Inform. Systems 32(3):508–528.CrossrefGoogle Scholar
  • Zhao H, Wayne SJ, Glibkowski BC, Bravo J (2007) The impact of psychological contract breach on work-related outcomes: A meta-analysis. Personnel Psych. 60(3):647–680.CrossrefGoogle Scholar
  • Zhao X, Lynch JG, Chen Q (2010) Reconsidering Baron and Kenny: Myths and truths about mediation analysis. J. Consumer Res. 37(2):197–206.CrossrefGoogle Scholar
  • Zucker LG (1983) Organizations as institutions. Bacharach S, ed. Research in the Sociology of Organizations (JAI Press, Greenwich, CT), 1–47.Google Scholar
Previous
Back to Top
Next
INFORMS site uses cookies to store information on your computer. Some are essential to make our site work; Others help us improve the user experience. By using this site, you consent to the placement of these cookies. Please read our Privacy Statement to learn more.
Agree