Why employees share information security advice? Exploring the contributing factors and structural patterns of security advice sharing in the workplaceComputers in Human Behavior (2017)
As modern organisations are dealing with a growing amount of data and strategic information systems, the need to protect these vital assets becomes paramount. An emerging topic in behavioural security field is security advice sharing, which plays a crucial role in helping organisations develop people-centric security workplaces whereby the employees' information security awareness and personal accountability for security are fostered. This research employs social network analysis methods to explore why the employees are willing to share information security advice, as well as examines the structural patterns of this sharing network. We found favourable security attitude and engagement in daily activities have positive impacts on security advice sharing, whereas perceiving too much social pressure makes the employees deliberately refuse to share security advice. We also found security advice sharing is transitive and non-reciprocal, and there are a few dominant employees who control the flow of security advice. Practical recommendations about strategies to increase security advice sharing within the workplace are discussed, and by conducting this research we demonstrate the empirical adoption of social network analysis techniques in the behavioural security field.
Publication DateFebruary, 2017
Citation InformationDuy Dang-Pham, Siddhi Pittayachawan and Vince Bruno. "Why employees share information security advice? Exploring the contributing factors and structural patterns of security advice sharing in the workplace" Computers in Human Behavior Vol. 67 (2017) p. 196 - 206
Available at: http://works.bepress.com/siddhi/52/
Creative Commons license
This work is licensed under a Creative Commons CC_BY-NC International License.