Skip to main content
Registrieren
Springer Professional
SUCHE
MENÜ 1 2 3 4
nach oben

Tipp

Weitere Kapitel dieses Buchs durch Wischen aufrufen

Erschienen in:
Digital Transformation and Human Behavior: An Introduction Kapitel lesen Erstes Kapitel lesen

2021 | OriginalPaper | Buchkapitel

How Do Employees Learn Security Behavior? An Integrated Perspective on Social Learning and Rational Decision Making

verfasst von : Adriana Niechoy, Kristin Masuch, Simon Trang

Erschienen in: Digital Transformation and Human Behavior

Verlag: Springer International Publishing

Einloggen, um Zugang zu erhalten
share
TEILEN

Abstract

The information security has become one of the most important topics in the modern information technology of companies. It influences the way companies work and the exchange of information between them. Information security policies are one of the most important instruments for compliance with information security (ISC). It is particularly important that the defined rules are adhered to. In order to explain human behaviour with regard to ISC, this paper uses the established theory of Social Learning Theory (SLT) and Rational Choice Theory (RCT). However, they are rarely used to explain the ISC. This article aims to combine behavioral and IS research to better understand ISC. We provide an overview and description of the effects of SLT and RCT on ISC through a PLS analysis. The results of this study show that SLT has an influence on RCT and therefore the ISC can be explained by the two theories used.

Sie möchten Zugang zu diesem Inhalt erhalten? Dann informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 69.000 Bücher
  • über 500 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt 90 Tage mit der neuen Mini-Lizenz testen!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 50.000 Bücher
  • über 380 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe



 


Jetzt 90 Tage mit der neuen Mini-Lizenz testen!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 58.000 Bücher
  • über 300 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko





Jetzt 90 Tage mit der neuen Mini-Lizenz testen!

Jetzt informieren
Vorheriges Kapitel Motives Behind DDoS Attacks
Nächstes Kapitel Digital Emancipation: Are We Becoming Prisoners of Our Own Device?
Literatur
1.
Akers, R. L. (1979). Social learning and deviant behavior: A specific test of a general theory. American Sociological Review, 44(4), 636–655. CrossRef
2.
Akers, R. L. (1990). Rational choice, deterrence, and social learning theory in criminology: The path not taken. Journal of Criminal Law and Criminology, 83(3), 653–676. CrossRef
3.
Akers, R. L. (1998). Social learning and social structure: A general theory of crime and deviance. Boston: Northeastern Univ. Press.
4.
Bagozzi, R. P., & Yi, Y. (1988). On the evaluation of structural equation models. Journal of the Academy of Marketing Science, 16(1), 74–94. CrossRef
5.
Bandura, A. (1977). Social learning theory, Prentice-Hall series in social learning theory. New Jersey: Prentice-Hall, Englewood Cliffs.
6.
Bandura, A., & Walters, R. H. (1964). Social learning and personality development. New York [u.a.]: Holt, Rinehart and Winston, Inc.
7.
Brauer, J. R. (2009). Testing social learning theory using reinforcement’s residue: A multilevel analysis of self-reported theft and marijuana use in the national youth survey. Criminology, 47(3), 929–970. CrossRef
8.
Bulgurcu, B., Cavusoglu, H., & Benbasat, I. (2010). Information security policy compliance: An empirical study of rationality-based beliefs and information security awareness. MIS Quarterly, 34(3), 523–548. CrossRef
9.
Cheng, L., Li, Y., Li, W., Holm, E., & Zhai, Q. (2013). Understanding the violation of IS security policy in organizations: An integrated model based on social control and deterrence theory. Computers & Security, 39, 447–459. CrossRef
10.
Coleman, J. S., & Fararo, T. J. (1992). Rational choice theory: Advocacy and critique. Newbury Park/London/New Delhi: Sage Publications.
11.
D’Arcy, J., & Herath, T. (2011). A review and analysis of deterrence theory in the IS security literature: Making sense of the disparate findings. European Journal of Information Systems, 20(6), 643–658. CrossRef
12.
Disterer, G., & Kleiner, C. (2013). BYOD bring your own device. Procedia Technology, 9, 43–53. CrossRef
13.
Eriksson, L. (2011). Rational choice theory: Potential and limits, political analysis. Basingstoke: Palgrave Macmillan. CrossRef
14.
Fornell, C., & Larcker, D. F. (1981). Evaluating structural equation models with unobservable variables and measurement error. Journal of Marketing Research, 39–55.
15.
Hair, J. F., Sarstedt, M., Ringle, C. M., & Mena, J. A. (2012). An assessment of the use of partial least squares structural equation modeling in marketing research. Journal of the Academy of Marketing Science, 40(3).
16.
Herath, T., & Rao, H. R. (2009a). Encouraging information security behaviors in organizations: Role of penalties, pressures and perceived effectiveness. Decision Support Systems, 47(2), 154–165. CrossRef
17.
Herath, T., & Rao, H. R. (2009b). Protection motivation and deterrence: A framework for security policy compliance in organisations. European Journal of Information Systems, 18(2), 106–125. CrossRef
18.
Higgins, G. E., Fell, B. D., & Wilson, A. L. (2007). Low self-control and social learning in under-standing students’ intentions to pirate movies in the United States. Social Science Computer Review, 25(3), 339–357. CrossRef
19.
Homburg, C., & Baumgartner, H. (1995). Beurteilung von Kausalmodellen: Bestandsaufnahme und Anwendungsempfehlung. Marketing: Zeitschrift für Forschung und Praxis, 162–176.
20.
Ifinedo, P. (2014). Information systems security policy compliance: An empirical study of the effects of socialisation, influence, and cognition. Information & Management, 51, 69–79. CrossRef
21.
Johnston, A. C. (2016). Dispositional and situational factors: Influences on information security policy violations. European Journal of Information Systems, 25, 231–251. CrossRef
22.
Kim, S. H., Yang, K. H., & Park, S. (2014). An integrative behavioral model of information security policy compliance. The Scientific World Journal, 2014, 463870.
23.
Lowry, P. B., Zhang, J., Wang, C., & Siponen, M. (2016). Why do adults engage in cyberbullying on social media? An integration of online disinhibition and deindividuation effects with the social structure and social learning model. Information Systems Research, 27(4), 962–986. CrossRef
24.
McCarthy, B. (2002). New economics of sociological criminology. Annual Review of Sociology, 28(1), 417–442. CrossRef
25.
Moody, G. D., Siponen, M., & Pahnila, S. (2018). Toward a unified model of information security policy compliance. MIS Quarterly, 42(1), 285–311. CrossRef
26.
Paternoster, R., & Pogarsky, G. (2009). Rational choice, agency and thoughtfully reflective decision making: The short and long-term consequences of making good choices. Journal of Quantitative Criminology, 25(2), 103–127. CrossRef
27.
Pereira, T., Barreto, L., & Amaral, A. (2017). Network and information security challenges within Industry 4.0 paradigm. Procedia Manufacturing, 13, 1253–1260.
28.
29.
Safa, N. S., Solms, R., & Furnell, S. (2016). Information security policy compliance model in organizations. Computers & Security, 56, 70–82. CrossRef
30.
Siponen, M., & Vance, A. (2010). Neutralization: New insights into the problem of employee information systems security policy violations. MIS Quarterly, 34(3), 487. CrossRef
31.
Skinner, W. F., & Fream, A. M. (1997). A social learning theory analysis of computer crime among college students. Journal of Research in Crime and Delinquency, 34(4), 495–518. CrossRef
32.
33.
Trang, S. (2018). When does deterrence work? A moderation meta-analysis of employees’ information security policy behavior. In International Conference on Information Systems (ICIS), 29.
34.
Wolf, D. (2005). Ökonomische Sicht(en) auf das Handeln: Ein Vergleich der Akteursmodelle in ausgewählten Rational-Choice-Konzeptionen, Zugl.: Witten/Herdecke, Univ., Diss, Institutionelle und evolutorische Ökonomik. Marburg: Metropolis-Verlag.
Metadaten
Titel
How Do Employees Learn Security Behavior? An Integrated Perspective on Social Learning and Rational Decision Making
verfasst von
Adriana Niechoy
Kristin Masuch
Simon Trang
Copyright-Jahr
2021
Buch
Digital Transformation and Human Behavior

Print ISBN: 978-3-030-47538-3

Electronic ISBN: 978-3-030-47539-0

Copyright-Jahr: 2021

DOI
https://doi.org/10.1007/978-3-030-47539-0_11

Premium Partner