{"title":"Toward a Unified View of Dynamic Information Security Behaviors","authors":"Canchu Lin, X. Luo","doi":"10.1145/3447934.3447940","DOIUrl":null,"url":null,"abstract":"Extant information systems security research identified and examined a variety of individual as well as organizational factors influencing information security behaviors, but rarely offered sufficient theoretical insight into the interaction of the individual factors with the organizational context in impacting information security behaviors. To fill this gap, this study proposes a theoretical framework that builds on the concepts of organizational culture and sensemaking to show that: 1) information security behaviors are outcomes of sensemaking; and 2) sensemaking is enabled as well as constrained by organizational culture. This study further epitomizes that information security diagnosing, solving, and performing behaviors emerge as outcomes of sensemaking about information security during the organization's interactions with technology. Theoretical and pragmatic contributions of this framework and future research directions are also demonstrated.","PeriodicalId":46842,"journal":{"name":"Data Base for Advances in Information Systems","volume":"60 1","pages":"65 - 90"},"PeriodicalIF":2.8000,"publicationDate":"2021-01-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Data Base for Advances in Information Systems","FirstCategoryId":"91","ListUrlMain":"https://doi.org/10.1145/3447934.3447940","RegionNum":4,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"INFORMATION SCIENCE & LIBRARY SCIENCE","Score":null,"Total":0}
引用次数: 3
Abstract
Extant information systems security research identified and examined a variety of individual as well as organizational factors influencing information security behaviors, but rarely offered sufficient theoretical insight into the interaction of the individual factors with the organizational context in impacting information security behaviors. To fill this gap, this study proposes a theoretical framework that builds on the concepts of organizational culture and sensemaking to show that: 1) information security behaviors are outcomes of sensemaking; and 2) sensemaking is enabled as well as constrained by organizational culture. This study further epitomizes that information security diagnosing, solving, and performing behaviors emerge as outcomes of sensemaking about information security during the organization's interactions with technology. Theoretical and pragmatic contributions of this framework and future research directions are also demonstrated.