top of page
Writer's pictureObi Ogbanufe, PhD

Enhancing End-User Roles in Information Security: Exploring the Setting, Situation, and Identity

Updated: Oct 8, 2021

Could employees see themselves as or identify as cybersecurity end-users? What are the benefits, and how does it work?


Published: Computers & Security https://doi.org/10.1016/j.cose.2021.102340

Author: Obi Ogbanufe

Managing employee behaviors is a continuous quest for management. The quest is even more intense in the cybersecurity space, where a seemingly small unintentional activity could destabilize an organization’s network.


"Given the seriousness of information security for organizations, and the study’s results highlighting that individuals can build an identity with the information security role, perhaps it is time for organizations to recognize employees as information security end-users, security protection users, policy adherents, even security enthusiasts."


Abstract

Managing employee behaviors is a continuous quest for management. The quest is even more intense in the information security space, where a seemingly unintentional activity could have a consequential effect on an organization’s security. The information security literature has used many theoretical approaches to explain how to regulate employee security behaviors, including protection motivation and deterrence. However, a theoretical approach that has captured the focus in organizational literature for behavioral regulation and yet to be realized in the information security domain is work-related identities. Work-related identity regulation depends on settings and situations in which the individual is embedded. This study draws from the identity theory and information security literature to explore how factors in the information security setting (security threats, security policy, and organizational

support) help foment work-related information security identity and security behaviors. Our

findings show that these factors significantly increase the user’s identification in their roles

in information security, and in turn, security behaviors. #cyberrisk, #cyberenthusiat, #cybersecuritybehaviors, #cyberidentity, #cybersecurityroleidentity


Building a cybersecurity identity

Research question: what factors in the information security setting drive how users identify with the information security role?



43 views0 comments

Comments


Commenting has been turned off.
bottom of page