Show simple item record

Studies on Employees’ Information Security Awareness

dc.contributor.advisorKranz, Johann Prof. Dr.
dc.contributor.authorHäußinger, Felix
dc.titleStudies on Employees’ Information Security Awarenessde
dc.contributor.refereeKranz, Johann Prof. Dr.
dc.description.abstractengLiving in a digital age, where all kinds of information are accessible electronically at all times, organizations worldwide struggle to keep their information assets secure. It is assumed that 50 - 70 % of overall information systems security (ISS) incidents in organizations are either directly or indirectly the result of human error. In order to explore how organizations can defend themselves against the harmful ISS behavior of their employees, the topic of information security awareness (ISA) has become a top priority in the community. However, still many questions concerning our understanding of the emergence of information security awareness and its closely related behavior remain unanswered. The purpose of this cumulative dissertation is to expand our body of knowledge according to employees’ ISA by encompassing three interrelated studies, each of which formulates a series of research questions directed at different aspects of the topic. Study 1 represents a synthesized up-to-date review of the current state of ISA literature, with the aim to provide quick, structured access to the accumulated knowledge of ISA research, to give implications for scholars and practitioners and to reveal potential areas for further research. Study 2 builds up on the findings of study 1 and empirically tests a proposed research model that examines specific institutional, individual, and socio-environmental factors that are liable for the emergence of employees’ ISA. Moreover, the research model investigates the important, yet not studied mediating role of ISA on the relationship between ISA’s antecedents and employees’ intention to comply with information security policies (ISPs). Study 3 develops and empirically tests a research model that integrates the concept of ISA with general and situation specific motivational theories, in order to show how ISA, different types of endogenous motivation, personal values, and the internalization of ISPs are linked together to explain employees’ motivation to comply with ISPs. Findings emphasize why deterrence – a principle that dominates the literature to answer this essential question – is not enough. Each of the dissertation’s studies provides extensive theoretical and methodical contributions, reveals implications for practice and policy makers, and points out potential avenues for future
dc.contributor.coRefereeKolbe, Lutz M. Prof. Dr.
dc.contributor.thirdRefereeMuntermann, Jan Prof. Dr.
dc.subject.engInformation Security Awarenessde
dc.subject.engInformation Security Behahaviorde
dc.subject.engInformation Systems Securityde
dc.subject.engAntecedents of Information Securityde
dc.subject.engEndogenous Motivationde
dc.affiliation.instituteWirtschaftswissenschaftliche Fakultätde
dc.subject.gokfullWirtschaftswissenschaften (PPN621567140)de

Files in this item


This item appears in the following Collection(s)

Show simple item record