Encouraging Information Security Behaviors in Organizations: Role of Penalties, Pressures and Perceived Effectiveness
Source: Reed Elsevier
Secure management of information systems is crucially important in information intensive organizations. Although most organizations have long been using security technologies, it is well known that technology tools alone are not sufficient. Thus, the area of end-user security behaviors in organizations has gained an increased attention. In information security observing end-user security behaviors is challenging. Moreover, recent studies have shown that the end users have divergent security views. The inability to monitor employee IT security behaviors and divergent views regarding security policies, in the view, provide a setting where the principal agent paradigm applies.