Skip to main content
Article
Investigation into the formation of information security influence: Network analysis of an emerging organisation
Computers & Security (2017)
  • Duy Dang-Pham, RMIT University
  • Siddhi Pittayachawan, RMIT University
  • Vince Bruno, RMIT University
Abstract
While prior research has been examining information security behaviours in mature environments with formal policies and practices, there is less attention paid to new or transforming environments that lack security controls. It is crucial to understand what factors affect the formation of an emerging information security environment, so that security managers can make use of the forming mechanisms to improve the security environment without relying too much on enforcement. This research adopts exponential random graph modeling to predict the occurrence of information security influence among 114 employees in a recently established construction organisation. Our empirical findings show that physically co-locating, as well as having specific senior levels and similar tenure can result in more security influence. Other contributing work relationships include the exchange of work-related advice, interpersonal trust, and seeing others as role model and long-term collaborators. The structural features of the information security influence network were also examined, which offer strategies for security managers to diffuse security behaviours within the workplace. Furthermore, specific directions for future network research were elaborated in detail.
Publication Date
September, 2017
DOI
10.1016/j.cose.2017.05.010
Citation Information
Duy Dang-Pham, Siddhi Pittayachawan and Vince Bruno. "Investigation into the formation of information security influence: Network analysis of an emerging organisation" Computers & Security Vol. 70 (2017) p. 111 - 123
Available at: http://works.bepress.com/siddhi/48/