nach oben

International Journal of Information Security

26.04.2024 | Regular Contribution

Perceptions of organizational responsibility for cybersecurity in Saudi Arabia: a moderated mediation analysis

verfasst von: Ahmed M. Asfahani

Erschienen in: International Journal of Information Security

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

The study aims to explore the crucial interaction between organizational responsibility and employee behavior in cybersecurity, particularly in the distinct setting of Saudi Arabia. It investigates how organizational responsibility perceptions impact employee attitudes and practices towards cybersecurity. The research utilizes a mixed theoretical framework, incorporating stewardship theory, protection motivation theory, and the theory of planned behavior. It examines the intricate link between organizational leadership, policies, and individual responses to cybersecurity threats through a comprehensive survey conducted among Saudi employees. The study discovers that employees’ perceptions of organizational responsibility greatly influence their cybersecurity behavior. It also finds that employee attitudes towards cybersecurity act as a mediator in this relationship. Contrary to expectations, personal experiences with cybersecurity incidents do not significantly moderate these relationships. This underlines the complex and culture-specific nature of cybersecurity compliance in organizational contexts. This research uniquely contributes to the understanding of cybersecurity behavior within organizations, particularly highlighting the need for policies that align with both organizational objectives and individual behaviors in culturally specific environments like Saudi Arabia. It offers novel insights into the less pronounced impact of personal cybersecurity experiences on organizational-employee dynamics in cybersecurity compliance.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Sarkar, G., Shukla, S.K.: Behavioral analysis of cybercrime: Paving the way for effective policing strategies. J. Econ. Criminol. 2, 100034 (2023). https://doi.org/10.1016/j.jeconc.2023.100034CrossRef

Dalal, R.S., Howard, D.J., Bennett, R.J., Posey, C., Zaccaro, S.J., Brummel, B.J.: Organizational science and cybersecurity: Abundant opportunities for research at the interface. J. Bus. Psychol. 37(1) (2022). https://doi.org/10.1007/s10869-021-09732-9

Posey, C., Folger, R.: An exploratory examination of organizational insiders’ descriptive and normative perceptions of cyber-relevant rights and responsibilities. Comput. Secur. 99 (2020). https://doi.org/10.1016/j.cose.2020.102038

AlMindeel, R., Martins, J.T.: Information security awareness in a developing country context: Insights from the government sector in Saudi Arabia. Inf. Technol. People. 34(2), 770–788 (Mar. 2021). https://doi.org/10.1108/ITP-06-2019-0269/FULL/XML

Alrubaiq, A., Alharbi, T.: Developing a Cybersecurity Framework for e-Government Project in the Kingdom of Saudi Arabia. J. Cybersecur. Priv. 1, 302–318 (2021). no. 210.3390/jcp1020017CrossRef

Saeed, S., Digital Workplaces and Information Security Behavior of Business Employees: An empirical study of Saudi Arabia. Sustainability. 15, 6019 (Mar. 2023). https://doi.org/10.3390/SU15076019

Almeida, M.C., Yoshikuni, A.C., Dwivedi, R., Larieira, C.L.C.: Do Leadership styles Influence Employee Information systems Security Intention? A study of the Banking Industry. Glob J. Flex. Syst. Manag. 23(4), 535–550 (2022). https://doi.org/10.1007/s40171-022-00320-1CrossRef

Onumo, A., Ullah-Awan, I., Cullen, A.: Assessing the moderating effect of Security Technologies on employees Compliance with Cybersecurity Control procedures. ACM Trans. Manag Inf. Syst. 12(2) (2021). https://doi.org/10.1145/3424282

Dodge, C.E., Fisk, N., Burruss, G.W., Moule, R.K. Jr., Jaynes, C.M.: What motivates users to adopt cybersecurity practices? A survey experiment assessing protection motivation theory. Criminol. Public. Policy. (Sep. 2023). https://doi.org/10.1111/1745-9133.12641

10.

Ylönen, M., et al.: Integrated management of safety and security in Seveso sites - sociotechnical perspectives. Saf. Sci. 151 (2022). https://doi.org/10.1016/j.ssci.2022.105741

11.

Alyami, A., Sammon, D., Neville, K., Mahony, C.: The critical success factors for Security Education, Training and Awareness (SETA) program effectiveness: A lifecycle model. Inf. Technol. People. 36(8), 94–125 (2023). https://doi.org/10.1108/ITP-07-2022-0515CrossRef

12.

Shin, B., Lowry, P.B.: A review and theoretical explanation of the ‘Cyberthreat-Intelligence (CTI) capability’ that needs to be fostered in information security practitioners and how this can be accomplished. Comput. Secur. 92 (2020). https://doi.org/10.1016/j.cose.2020.101761

13.

Subach, I., Mogylevych, D., Mykytiuk, A., Kubrak, V., Korotayev, S.: Design Methodology of Cybersecurity Situational Center, in CEUR Workshop Proceedings, vol. 3187, pp. 79–88. [Online]. Available: (2021). https://www.scopus.com/inward/record.uri?eid=2-s2.0-85137143260&partnerID=40&md5=29e5ba74cf30484f4df17ddfedbcb4b2

14.

Wang, S., Wang, H.: Knowledge Management for Cybersecurity in Business organizations: A Case Study. J. Comput. Inf. Syst. 61(2), 174–181 (2021). https://doi.org/10.1080/08874417.2019.1571458CrossRef

15.

Davis, J.H., Schoorman, F.D., Donaldson, L.: Toward a stewardship theory of management, in Business Ethics and Strategy, Volumes I and II, University of Notre Dame, India: Taylor and Francis, pp. 473–500. (2018). https://doi.org/10.4324/9781315261102-29

16.

Maddux, J.E., Rogers, R.W.: Protection motivation and self-efficacy: A revised theory of fear appeals and attitude change. J. Exp. Soc. Psychol. 19(5), 469–479 (1983). https://doi.org/10.1016/0022-1031(83)90023-9CrossRef

17.

Ajzen, I.: The theory of planned behavior. Organ. Behav. Hum. Decis. Process. 50(2), 179–211 (Dec. 1991). https://doi.org/10.1016/0749-5978(91)90020-T

18.

Sama, L.M., Stefanidis, A., Casselman, R.M.: Rethinking corporate governance in the digital economy: The role of stewardship. Bus. Horiz. 65(5), 535–546 (2022). https://doi.org/10.1016/j.bushor.2021.08.001CrossRef

19.

Kaur, M., Malik, K., Sharma, S.: A note on boardroom challenge, Board effectiveness and corporate stewardship during COVID-19. Vision. 25(2), 131–135 (2021). https://doi.org/10.1177/0972262920987326CrossRef

20.

Ali, R.F., Dominic, P.D.D., Ali, S.E., Rehman, M., Sohail, A.: Information Security Behavior and Information Security Policy Compliance: A systematic literature review for identifying the Transformation process from Noncompliance to Compliance. Appl. Sci. 11(8) (2021). https://doi.org/10.3390/app11083383

21.

Steinfeld, J.M.: Stewardship theory over Agency Theory. In: Steinfeld, J.M. (ed.) in Public-Private Stewardship: Achieving Value-for-Money in Public-Private Partnerships, pp. 123–134. Springer International Publishing, Cham (2023). https://doi.org/10.1007/978-3-031-17131-4_8CrossRef

22.

Almansoori, A., Al-Emran, M., Shaalan, K.: Exploring the frontiers of Cybersecurity Behavior: A systematic review of studies and theories. Appl. Sci. 13(9) (2023). https://doi.org/10.3390/app13095700

23.

Shahbaznezhad, H., Kolini, F., Rashidirad, M.: Employees’ Behavior in Phishing Attacks: What Individual, Organizational, and Technological Factors Matter? J. Comput. Inf. Syst, vol. 61, no. 6, pp. 539–550, Nov. (2021). https://doi.org/10.1080/08874417.2020.1812134

24.

Gregory, R.W., Henfridsson, O., Kaganer, E., Kyriakou, S.H.: The role of artificial intelligence and data network effects for creating user value. Acad. Manag Rev. 46(3), 534–551 (2021). https://doi.org/10.5465/amr.2019.0178CrossRef

25.

Banks, G.C., Woznyj, H.M., Mansfield, C.A.: Where is ‘behavior’ in organizational behavior? A call for a revolution in leadership research and beyond. Leadersh. Q. 101581 (2021). https://doi.org/10.1016/j.leaqua.2021.101581

26.

Bertassini, A.C., Ometto, A.R., Severengiz, S., Gerolamo, M.C.: Circular economy and sustainability: The role of organizational behaviour in the transition journey. Bus. Strateg Environ. 30(7), 3160–3193 (2021). https://doi.org/10.1002/bse.2796CrossRef

27.

Reeves, A., Delfabbro, P., Calic, D.: Encouraging Employee Engagement with Cybersecurity: How to tackle Cyber fatigue. SAGE Open. 11(1) (2021). https://doi.org/10.1177/21582440211000049

28.

Farshadkhah, S., Van Slyke, C., Fuller, B.: Onlooker effect and affective responses in information security violation mitigation. Comput. Secur. 100 (2021). https://doi.org/10.1016/j.cose.2020.102082

29.

Donalds, C., Osei-Bryson, K.-M.: Cybersecurity compliance behavior: Exploring the influences of individual decision style and other antecedents. Int. J. Inf. Manage. 51 (2020). https://doi.org/10.1016/j.ijinfomgt.2019.102056

30.

Maalem Lahcen, R.A., Caulkins, B., Mohapatra, R., Kumar, M.: Review and insight on the behavioral aspects of cybersecurity. Cybersecurity. 3(1) (2020). https://doi.org/10.1186/s42400-020-00050-w

31.

Triplett, W.J.: Addressing human factors in Cybersecurity Leadership. J. Cybersecur. Priv. 2, 573–586 (2022). no. 310.3390/jcp2030029CrossRef

32.

Freeman, S., Vissak, T., Nummela, N., Trudgen, R.: Do technology-focused fast internationalizers’ performance measures change as they mature? Int. Bus. Rev. 32(5), 102168 (2023). https://doi.org/10.1016/j.ibusrev.2023.102168CrossRef

33.

Alhalafi, N., Veeraraghavan, P.: Exploring the challenges and issues in adopting Cybersecurity in Saudi Smart cities: Conceptualization of the Cybersecurity-based UTAUT Model. Smart Cities. 6, 1523–1544 (2023). no. 310.3390/smartcities6030072CrossRef

34.

Wong, L.-W., Lee, V.-H., Tan, G.W.-H., Ooi, K.-B., Sohal, A.: The role of cybersecurity and policy awareness in shifting employee compliance attitudes: Building supply chain capabilities. Int. J. Inf. Manage. 66, 102520 (2022). https://doi.org/10.1016/j.ijinfomgt.2022.102520CrossRef

35.

Castelo-Branco, I., Oliveira, T., Simões-Coelho, P., Portugal, J., Filipe, I.: Measuring the fourth industrial revolution through the industry 4.0 lens: The relevance of resources, capabilities and the value chain. Comput. Ind. 138 (2022). https://doi.org/10.1016/j.compind.2022.103639

36.

Ramírez, M., Rodríguez Ariza, L., Gómez, M.E., Miranda, Vartika: The disclosures of information on cybersecurity in listed companies in Latin America—proposal for a Cybersecurity Disclosure Index. Sustainability. 14(3) (2022). https://doi.org/10.3390/su14031390

37.

Li, L., He, W., Xu, L., Ash, I., Anwar, M., Yuan, X.: Investigating the impact of cybersecurity policy awareness on employees’ cybersecurity behavior. Int. J. Inf. Manage. 45, 13–24 (2019). https://doi.org/10.1016/j.ijinfomgt.2018.10.017CrossRef

38.

Maurer, F., Fritzsche, A.: Layered structures of robustness and resilience: Evidence from cybersecurity projects for critical infrastructures in Central Europe. Strateg Chang. 32(6), 195–208 (2023). https://doi.org/10.1002/jsc.2559CrossRef

39.

Garrido, C.B.E., Compte, S.S., Roldan, L.R., Malacara, A.A.: Survey and testing of the IoT Cybersecurity Framework using intrusion detection systems. Int. J. Comput. Networks Appl. 9(5), 601–623 (2022). https://doi.org/10.22247/ijcna/2022/215920CrossRef

40.

Banciu, D., Rădoi, M., Belloiu, S.: Information security awareness in Romanian public administration: An exploratory case study. Stud. Inf. Control. 29(1), 121–129 (2020). https://doi.org/10.24846/v29i1y202012CrossRef

41.

Perera, S., Jin, X., Maurushat, A., Opoku, D.-G.J.: Factors affecting reputational damage to Organisations due to Cyberattacks. Informatics. 9(1) (2022). https://doi.org/10.3390/informatics9010028

42.

Liebetrau, T.: Organizing cyber capability across military and intelligence entities: Collaboration, separation, or centralization. Policy Des. Pract. 6(2), 131–145 (2023). https://doi.org/10.1080/25741292.2022.2127551CrossRef

43.

Anu, V.: Information security governance metrics: A survey and taxonomy. Inf. Secur. J. 31(4), 466–478 (2022). https://doi.org/10.1080/19393555.2021.1922786CrossRef

44.

Khan, S., Madnick, S.: Protecting Chiller systems from Cyberattack using a systems thinking Approach. Network. 2(4), 606–627 (2022). https://doi.org/10.3390/network2040035CrossRef

45.

Li, L., Xu, L., He, W.: The effects of antecedents and mediating factors on cybersecurity protection behavior. Comput. Hum. Behav. Rep. 5 (2022). https://doi.org/10.1016/j.chbr.2021.100165

46.

Kalhoro, S., Rehman, M., Ponnusamy, V., Shaikh, F.B.: Extracting key factors of cyber hygiene behaviour among software engineers: A systematic literature review. IEEE Access. 9, 99339–99363 (2021). https://doi.org/10.1109/ACCESS.2021.3097144CrossRef

47.

Klein, G., Zwilling, M.: The Weakest Link: Employee Cyber-defense behaviors while Working from Home. J. Comput. Inf. Syst. (2023). https://doi.org/10.1080/08874417.2023.2221200CrossRef

48.

Sari, P.K., Handayani, P.W., Hidayanto, A.N., Yazid, S., Aji, R.F.: Information Security Behavior in Health Information Systems: A review of Research Trends and Antecedent factors. Healthcare. 10(12) (2022). https://doi.org/10.3390/healthcare10122531

49.

Mwim, E.N., Mtsweni, J., Chimbo, B.: Factors Associated with Cybersecurity Culture: A quantitative study of Public E-health hospitals in South Africa. IFIP Adv. Inform. Communication Technol. 674, 129–142 (2023). https://doi.org/10.1007/978-3-031-38530-8_11CrossRef

50.

Wilson, M., McDonald, S., Button, D., McGarry, K.: It won’t happen to me: Surveying SME attitudes to cyber-security. J. Comput. Inf. Syst. 63(2), 397–409 (2023). https://doi.org/10.1080/08874417.2022.2067791CrossRef

51.

Chaudhary, S., Gkioulos, V., Katsikas, S.: A quest for research and knowledge gaps in cybersecurity awareness for small and medium-sized enterprises. Comput. Sci. Rev. 50, 100592 (2023). https://doi.org/10.1016/j.cosrev.2023.100592CrossRef

52.

Hadlington, L.: The ‘Human factor’ in Cybersecurity: Exploring the Accidental Insider. in In: Research Anthology on Artificial Intelligence Applications in Security, pp. 1960–1977. IGI Global, Hershey, PA (2021). https://doi.org/10.4018/978-1-7998-7705-9.ch087CrossRef

53.

Sharma, S., Aparicio, E.: Organizational and team culture as antecedents of protection motivation among IT employees. Comput. Secur. 120 (2022). https://doi.org/10.1016/j.cose.2022.102774

54.

Huang, K., Pearlson, K.: For what technology can’t fix: Building a model of organizational cybersecurity culture, in Proceedings of the Annual Hawaii International Conference on System Sciences, vol. 2019-Janua, pp. 6398–6407. [Online]. Available: (2019). https://www.scopus.com/inward/record.uri?eid=2-s2.0-85108267591&partnerID=40&md5=8a90698b30858c446ed0f59f017ec31c

55.

Burrell, D.N., et al.: The managerial ethical and operational challenges of hospital cybersecurity. In: Burrell, D.N. (ed.) in Transformational Interventions for Business, Technology, and Healthcare, pp. 444–458. IGI Global, Hershey (2023). https://doi.org/10.4018/979-8-3693-1634-4.ch026CrossRef

56.

Al-ma’aitah, M.A.: Investigating the drivers of cybersecurity enhancement in public organizations: The case of Jordan. Electron. J. Inf. Syst. Dev. Ctries. 88(5) (2022). https://doi.org/10.1002/isd2.12223

57.

Alharbi, F., et al.: The impact of Cybersecurity practices on Cyberattack damage: The perspective of Small enterprises in Saudi Arabia. Sensors. 21(20), 6901 (Oct. 2021). https://doi.org/10.3390/S21206901

58.

Malatji, M., Von Solms, S., Marnewick, A.: Socio-technical systems cybersecurity framework. Inf. Comput. Secur. 27(2), 233–272 (2019). https://doi.org/10.1108/ICS-03-2018-0031CrossRef

59.

Preis, B., Susskind, L.: Municipal cybersecurity: More work needs to be done. Urban Aff Rev. 58(2), 614–629 (2022). https://doi.org/10.1177/1078087420973760CrossRef

60.

Alhuwail, D., Al-Jafar, E., Abdulsalam, Y., Alduaij, S.: Information Security Awareness and Behaviors of Health Care Professionals at Public Health Care Facilities. Appl. Clin. Inf. 12(4), 924–932 (2021). https://doi.org/10.1055/s-0041-1735527CrossRef

61.

Ulrich, P.S., Timmermann, A., Frank, V.: Organizational aspects of cybersecurity in German family firms – Do opportunities or risks predominate? Organ. Cybersecurity J. Pract. Process People, vol. 2, no. 1, pp. 21–40, Jan. (2022). https://doi.org/10.1108/OCJ-03-2021-0010

62.

Garba, J., Kaur, J., Ibrahim, E.N.M., DESIGN OF A CONCEPTUAL FRAMEWORK, FOR CYBERSECURITY CULTURE AMONGST ONLINE BANKING USERS IN NIGERIA: Niger J. Technol. 42(3), 399–405 (2023). https://doi.org/10.4314/njt.v42i3.13CrossRef

63.

Anawar, S., Kunasegaran, D.L., Mas’Ud, M.Z., Zakaria, N.A.: Analysis of phishing susceptibility in a workplace: A big-five personality perspectives, J. Eng. Sci. Technol, vol. 14, no. 5, pp. 2865–2882, [Online]. Available: (2019). https://www.scopus.com/inward/record.uri?eid=2-s2.0-85073019806&partnerID=40&md5=e77a1b87b3ecf94aa2e3db3e72f7772d

64.

Karjalainen, M., Siponen, M., Sarker, S.: Toward a stage theory of the development of employees’ information security behavior. Comput. Secur. 93, 101782 (2020). https://doi.org/10.1016/j.cose.2020.101782CrossRef

65.

Febriyani, W., Fathia, D., Widjajarto, A., Lubis, M.: Security awareness strategy for Phishing email scams: A Case Study one of a company in Singapore. Int. J. Inf. Vis. 7(3), 808–814 (2023). https://doi.org/10.30630/joiv.7.3.2081CrossRef

66.

Kostyuk, N., Wayne, C.: The microfoundations of State Cybersecurity: Cyber risk perceptions and the Mass Public. J. Glob Secur. Stud. 6(2) (2021). https://doi.org/10.1093/jogss/ogz077

67.

Schuetz, S.W., Benjamin Lowry, P., Pienta, D.A., Thatcher, J.B.: The effectiveness of Abstract Versus concrete fear appeals in Information Security. J. Manag Inf. Syst. 37(3), 723–757 (2020). https://doi.org/10.1080/07421222.2020.1790187CrossRef

68.

Zwilling, M., Klien, G., Lesjak, D., Wiechetek, Ł., Cetin, F., Basim, H.N.: Cyber Security awareness, knowledge and behavior: A comparative study. J. Comput. Inf. Syst. 62(1), 82–97 (2022). https://doi.org/10.1080/08874417.2020.1712269CrossRef

69.

Chatterjee, S., Gao, X., Sarkar, S., Uzmanoglu, C.: Reacting to the scope of a data breach: The differential role of fear and anger. J. Bus. Res. 101, 183–193 (2019). https://doi.org/10.1016/j.jbusres.2019.04.024CrossRef

70.

Mayer, P., Zou, Y., Schaub, F., Aviv, A.J.: ‘Now I’m a bit angry:’ Individuals’ awareness, perception, and responses to data breaches that affected them, in Proceedings of the 30th USENIX Security Symposium, pp. 393–410. [Online]. Available: (2021). https://www.scopus.com/inward/record.uri?eid=2-s2.0-85114520438&partnerID=40&md5=b988ba536c438e2a00629306db4c2d0b

71.

Burton, J.: Cyber-attacks and Freedom of expression: Coercion, Intimidation and virtual Occupation. Balt J. Eur. Stud. 9(3), 116–133 (2019). https://doi.org/10.1515/bjes-2019-0025CrossRef

72.

Labrecque, L.I., Markos, E., Swani, K., Peña, P.: When data security goes wrong: Examining the impact of stress, social contract violation, and data type on consumer coping responses following a data breach. J. Bus. Res. 135, 559–571 (2021). https://doi.org/10.1016/j.jbusres.2021.06.054CrossRef

73.

Albahar, M.: Cyber attacks and Terrorism: A twenty-First Century Conundrum. Sci. Eng. Ethics. 25(4), 993–1006 (2019). https://doi.org/10.1007/s11948-016-9864-0CrossRef

74.

Shandler, R., Gomez, M.A.: The hidden threat of cyber-attacks–undermining public confidence in government. J. Inf. Technol. Polit. 20(4), 359–374 (2023). https://doi.org/10.1080/19331681.2022.2112796CrossRef

75.

Fauzi, M.A., Yeng, P., Yang, B., Rachmayani, D.: Examining the link between Stress Level and Cybersecurity Practices of Hospital Staff in Indonesia, (2021). https://doi.org/10.1145/3465481.3470094

76.

Singh, T., Johnston, A.C., D’Arcy, J., Harms, P.D.: Stress in the cybersecurity profession: a systematic review of related literature and opportunities for future research, Organ. Cybersecurity J. Pract. Process People, vol. ahead-of-p, no. ahead-of-print, Jan. (2023). https://doi.org/10.1108/OCJ-06-2022-0012

77.

Ruoslahti, H., Davis, B.: Societal impacts of Cyber Security assets of Project ECHO. WSEAS Trans. Environ. Dev. 17, 1274–1283 (2021). https://doi.org/10.37394/232015.2021.17.116CrossRef

78.

Ho, S.M., Gross, M.: Consciousness of cyber defense: A collective activity system for developing organizational cyber awareness. Comput. Secur. 108, 102357 (2021). https://doi.org/10.1016/j.cose.2021.102357CrossRef

79.

Alkhazi, B., Alshaikh, M., Alkhezi, S., Labbaci, H.: Assessment of the Impact of Information Security Awareness Training Methods on knowledge, attitude, and Behavior. IEEE Access. 10, 132132–132143 (2022). https://doi.org/10.1109/ACCESS.2022.3230286CrossRef

80.

Shaabany, G., Anderl, R.: Designing an effective course to improve Cybersecurity Awareness for Engineering faculties. Adv. Intell. Syst. Comput. 782, 203–211 (2019). https://doi.org/10.1007/978-3-319-94782-2_20CrossRef

81.

Hatzivasilis, G., et al.: Modern aspects of Cyber-security Training and continuous adaptation of Programmes to trainees. Appl. Sci. 10(16) (2020). https://doi.org/10.3390/app10165702

82.

Barlette, Y., Jaouen, A.: Information security in SMEs: Determinants of CEOs’ protective and supportive behaviors. Syst. d’Information Manag. 24(3), 7–40 (2019). https://doi.org/10.3917/sim.193.0007CrossRef

83.

Nienaber, A.-M., Spundflasch, S., Soares, A., Woodcock, A.: Distrust as a hazard for future sustainable mobility planning. Rethinking employees’ vulnerability when introducing New Information and Communication Technologies in local authorities. Int. J. Hum. Comput. Interact. 37(4), 390–401 (2021). https://doi.org/10.1080/10447318.2020.1860547CrossRef

84.

Dillman, D.A.: Mail and Internet Surveys: The Tailored Design Method. John Wiley & Sons, Ltd, New York, NY (2007)

85.

Serdar, C.C., Cihan, M., Yücel, D., Serdar, M.A.: Sample size, power and effect size revisited: Simplified and practical approaches in pre-clinical, clinical and laboratory studies. Biochem. Med. 31(1), 1–27 (Feb. 2021). https://doi.org/10.11613/BM.2021.010502

86.

Forza, C.: Survey research in operations management: A process-based perspective. Int. J. Oper. Prod. Manag. 22(2), 152–194 (2002). https://doi.org/10.1108/01443570210414310/FULL/XMLCrossRef

87.

Goodyear, M.D.E., Krleza-Jeric, K., Lemmens, T.: The declaration of Helsinki, Br. Med. J, vol. 335, no. 7621, pp. 624–625, (2007). https://doi.org/10.1136/bmj.39339.610000.BE

88.

Preacher, K.J., Hayes, A.F.: SPSS and SAS procedures for estimating indirect effects in simple mediation models. Behav. Res. Methods Instruments Comput. 36(4), 717–731 (2004). https://doi.org/10.3758/BF03206553CrossRef

89.

Watkins, M.W.: A step-by-step guide to exploratory factor analysis with SPSS. Department of Educational Psychology, Baylor University, United States: Taylor and Francis, (2021). https://doi.org/10.4324/9781003149347

90.

Marsh, H.W., Guo, J., Dicke, T., Parker, P.D., Craven, R.G.: Confirmatory Factor Analysis (CFA), exploratory structural equation modeling (ESEM), and Set-ESEM: Optimal balance between goodness of fit and parsimony. Multivar. Behav. Res. 55(1), 102–119 (2020). https://doi.org/10.1080/00273171.2019.1602503CrossRef

91.

Perry, J.L., Nicholls, A.R., Clough, P.J., Crust, L.: Assessing model fit: Caveats and recommendations for confirmatory factor analysis and exploratory structural equation modeling. Meas. Phys. Educ. Exerc. Sci. 19(1), 12–21 (2015). https://doi.org/10.1080/1091367X.2014.952370CrossRef

92.

Song, L., Langfelder, P., Horvath, S.: Random generalized linear model: A highly accurate and interpretable ensemble predictor. BMC Bioinform. 14 (2013). https://doi.org/10.1186/1471-2105-14-5

93.

Hayes, A.F.: Introduction to Mediation, Moderation, and Conditional Process Analysis: A regression-based Approach. Guilford, New York, NY (2017)

94.

Davidson, R., MacKinnon, J.G.: Estimation and Inference in Econometrics. Oxford University Press, New York, NY (1993)

95.

Liu, H., Wei, S., Ke, W., Wei, K.K., Hua, Z.: The configuration between supply chain integration and information technology competency: A resource orchestration perspective. J. Oper. Manag. 44, 13–29 (2016). https://doi.org/10.1016/j.jom.2016.03.009CrossRef

96.

Frank, A.G., Dalenogare, L.S., Ayala, N.F.: Industry 4.0 technologies: Implementation patterns in manufacturing companies. Int. J. Prod. Econ. 210, 15–26 (2019). https://doi.org/10.1016/j.ijpe.2019.01.004CrossRef

97.

Boateng, G.O., Neilands, T.B., Frongillo, E.A., Melgar-Quiñonez, H.R., Young, S.L.: Best Practices for Developing and Validating Scales for Health, Social, and Behavioral Research: A Primer, Frontiers in Public Health, vol. 6. [Online]. Available: https://www.frontiersin.org/articles/ (2018). https://doi.org/10.3389/fpubh.2018.00149

98.

Taber, K.S.: The Use of Cronbach’s Alpha When Developing and Reporting Research Instruments in Science Education, Res. Sci. Educ, vol. 48, no. 6, pp. 1273–1296, Dec. (2018). https://doi.org/10.1007/S11165-016-9602-2/TABLES/1

99.

Williams, B., Onsman, A., Brown, T.: Exploratory factor analysis: A five-step guide for novices. J. Emerg. Prim. Heal Care. 8(3), 1–13 (2010). https://doi.org/10.33151/ajp.8.3.93CrossRef

100.

Wood, J.M., Tataryn, D.J., Gorsuch, R.L.: Effects of under- and overextraction on principal axis factor analysis with varimax rotation. Psychol. Methods. 1(4), 354–365 (1996). https://doi.org/10.1037/1082-989X.1.4.354CrossRef

101.

Li, C.-H.: Confirmatory factor analysis with ordinal data: Comparing robust maximum likelihood and diagonally weighted least squares. Behav. Res. Methods. 48(3), 936–949 (2016). https://doi.org/10.3758/s13428-015-0619-7CrossRef

102.

Hu, L.-T., Bentler, P.M.: Fit indices in Covariance structure modeling: Sensitivity to Underparameterized Model Misspecification. Psychol. Methods. 3(4), 424–453 (1998). https://doi.org/10.1037/1082-989X.3.4.424CrossRef

103.

Hoe, S.L.: Issues and procedures in adopting structural equation modelling technique. J. Quant. Methods. 3(1), 76 (2008)

104.

Bentler, P.M.: Comparative fit indexes in structural models. Psychol. Bull. 107(2), 238–246 (1990). https://doi.org/10.1037/0033-2909.107.2.238CrossRef

105.

Sharma, S., Mukherjee, S., Kumar, A., Dillon, W.R.: A simulation study to investigate the use of cutoff values for assessing model fit in covariance structure models. J. Bus. Res. 58(7), 935–943 (2005). https://doi.org/10.1016/j.jbusres.2003.10.007CrossRef

106.

Hu, L.T., Bentler, P.M.: Cutoff criteria for fit indexes in covariance structure analysis: Conventional criteria versus new alternatives, https://doi.org10705519909540118, vol. 6, no. 1, pp. 1–55, (2009). https://doi.org/10.1080/10705519909540118

107.

Ogbanufe, O., Kim, D.J., Jones, M.C.: Informing cybersecurity strategic commitment through top management perceptions: The role of institutional pressures. Inf. Manag. 58(7) (2021). https://doi.org/10.1016/j.im.2021.103507

108.

Reeves, A., Calic, D., Delfabbro, P.: Get a red-hot poker and open up my eyes, it’s so boring’1: Employee perceptions of cybersecurity training. Comput. Secur. 106 (2021). https://doi.org/10.1016/j.cose.2021.102281

109.

Mian, T.S., Alatawi, E.M.: Investigating how parental perceptions of Cybersecurity Influence Children’s safety in the Cyber World: A case study of Saudi Arabia. Intell. Inf. Manag. 15(5), 350–372 (2023)

110.

Mohamed, M., Porterfield, T., Chakraborty, J.: Cross-cultural effects on graphical password memorability and design. J. Syst. Inf. Technol. 23(1), 82–108 (2021). https://doi.org/10.1108/JSIT-06-2020-0105CrossRef

111.

Corradini, I.: Security: Human nature and Behaviour. in In: Studies in Systems, Decision and Control. Themis Research Center, vol. 284, pp. 23–47. Springer, Rome, Italy (2020). https://doi.org/10.1007/978-3-030-43999-6_2CrossRef

112.

Nel, F., Drevin, L.: Key elements of an information security culture in organisations. Inf. Comput. Secur. 27(2), 146–164 (2019). https://doi.org/10.1108/ICS-12-2016-0095CrossRef

113.

Hong, Y., Kim, M.-J., Roh, T.: Mitigating the impact of work overload on Cybersecurity Behavior: The moderating influence of corporate Ethics—A mediated moderation analysis. Sustainability. 15, 19 (2023). https://doi.org/10.3390/su151914327CrossRef

114.

Nwankpa, J.K., Datta, P.M.: Remote vigilance: The roles of cyber awareness and cybersecurity policies among remote workers. Comput. Secur. 130, 103266 (2023). https://doi.org/10.1016/j.cose.2023.103266CrossRef

115.

Shah, M.U., Iqbal, F., Rehman, U., Hung, P.C.K.: A comparative Assessment of human factors in Cybersecurity: Implications for Cyber Governance. IEEE Access. 11, 87970–87984 (2023). https://doi.org/10.1109/ACCESS.2023.3296580CrossRef

116.

Al-Hasani, Y.S., Zain, J.M., Azrag, M.A.K., Edris, K.H.M.: Relationship Between Consumer’s Social Networking Behavior and Cybercrime Victimization Among the University Students, in International Conference on Information Systems and Intelligent Applications, pp. 683–694. (2023). https://doi.org/10.1007/978-3-031-16865-9_55

117.

Burrell, D.N., Johnson, T., Shufutinsky, A., Ramjit, D.-M.: Organizational Dynamics of the Rise of Telework as an Adaptive Response to a Global Pandemic, L. Forces Acad. Rev, vol. 26, no. 3, pp. 209–222, Sep. (2021). https://doi.org/10.2478/RAFT-2021-0028

Titel: Perceptions of organizational responsibility for cybersecurity in Saudi Arabia: a moderated mediation analysis
verfasst von: Ahmed M. Asfahani
Publikationsdatum: 26.04.2024
Verlag: Springer Berlin Heidelberg
Erschienen in: International Journal of Information Security
Print ISSN: 1615-5262
Elektronische ISSN: 1615-5270
DOI: https://doi.org/10.1007/s10207-024-00859-3

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Premium Partner