Computers in Human Behavior
Gaining Access with Social Engineering: An Empirical Study of the Threat
Information Systems Security
Information Systems Research
Understanding Nonmalicious Security Violations in the Workplace: A Composite Behavior Model
Journal of Management Information Systems
The economic impact of cyber terrorism
The Journal of Strategic Information Systems
| Hi-index | 0.00 |
Information security is a growing concern among the general population. For instance, it has been estimated by the U.S. Department of Justice (2004) that one in three people will become victims of identity theft at some point in their lifetime. The bulk of the research into information security has gone into the investigation of technological aspects of security, and there are gaps in the literature relative to contravention of security measures. Drawing from deterrence theory and using the theory of planned behavior as a general framework, this empirical field study investigated the effects of punishment and ethics training on behaviors related to contravention of information security measures among information professionals to fill an important gap in the literature. We found that both punishment and ethics training can be effective in mitigating the threat of software and information security, but that these depend on certain underlying motivational factors of individuals. The results of this study suggest a need to develop and refine the theoretical models, and we offer suggestions for getting at the root of behavioral issues surrounding information security. © 2007 Wiley Periodicals, Inc.