دانلود رایگان مقاله اثرات اقلیم امنیتی در به اشتراک گذاری کارکنان از مشاوره امنیت

Abstract

While extant research has studied the motivations of individualistic security compliance, this study explains what motivates employees to share security advice and troubleshoot with others. We argue that such findings are crucial for the development of people-centric security workplaces, where desirable security behaviors are disseminated amongst the employees. In this research, we applied network analysis techniquesto perform two tasks. First, we explored the structural patterns of employees’sharing of security advice and troubleshooting. Second, we evaluated the effects of security climate perceptions, perceived accountability, and personal attributes on those sharing activities. While the sharing network was found to be thin and sparse, perceptions of a direct supervisor’s security practices and accountability for security tasks can increase sharing. Age, seniority, and tenure–—as well as having the same gender and department membership–—can also motivate sharing. In contrast, security climate perceptions of coworkers and top management’s security practices were found to discourage sharing. Our practical recommendations focus on the strategies to maximize security engagement in the workplace. Potential ideas for future research are also discussed in detail. Most importantly, we hope to offer this research as the foundation for future network studies in the behavioral security field.

6. Limitations and conclusion

Our findings were drawn from ABC’s unique context and based on theoretical frameworks such as security climate and accountability theory. Therefore, the findings and their implications are limited to settings similar to ABC or to where the theoretical frameworks can be extended. We expect that the effects may vary in different contexts. For example, security climate perception of coworkers’ security practices may hold a more important role in stimulating security engagement in workplaces that lack formal security leadership. Those limitations further justify the need for future studies to validate and extend our research. Throughout this study we have answered two research questions stated at the beginning. First, we found the security engagement network to be thin and sparse and it contains a few influential nodes that can be technical or non-technical staff. Security groups are also visible in the network diagram and separated by physical location and department membership (e.g., factory and architect divisions). Second, we found security climate perceptions to have statistically significant effects on security engagement, as do perceived accountability and personal attributes. Practical implications of this research primarily focus on strategies to maximize security engagement in the workplace via direct supervisors and education of personal accountability. Furthermore, we hope to offer this research as the foundation for future network studies in the behavioral security field, and we look forward to seeing interesting and practical outcomes from those studies.