It ain’t my business: a coping perspective on employee effortful security behavior
Journal of Enterprise Information Management
ISSN: 1741-0398
Article publication date: 8 July 2019
Issue publication date: 21 August 2019
Abstract
Purpose
Human factor is often cited as one of the biggest challenges for organizational information security management. The purpose of this paper is to investigate how and why employees fail to carry out required security tasks.
Design/methodology/approach
On the basis of coping theory, this paper develops a theoretical model to examine employee effortful security behavior (ESB). The model is tested with the data collected through a survey of computer users.
Findings
The results suggest that employee procrastination of security tasks and psychological detachment from security issues are two antecedents of ESB. Psychological detachment and procrastination are in turn influenced by perceived externalities of security risk and triage of business tasks over security issues by employees.
Originality/value
This paper contributes to the information systems security literature by providing a nuanced understanding of the antecedents and process of how employees cope with security task demands. It also offers some insights for practitioners in terms of the importance of designing and implementing security measures that are viewed as relevant to employees.
Keywords
Acknowledgements
This research is supported by the Natural Science Foundation of China (7177020032).
Citation
Xu, Z. and Guo, K. (2019), "It ain’t my business: a coping perspective on employee effortful security behavior", Journal of Enterprise Information Management, Vol. 32 No. 5, pp. 824-842. https://doi.org/10.1108/JEIM-10-2018-0229
Publisher
:Emerald Publishing Limited
Copyright © 2019, Emerald Publishing Limited