Understanding the mindset of the abusive insider: An examination of insiders?causal reasoning following internal security changes

详细信息    查看全文

• 作者：Clay  ; Posey^a ;   ; ^{mcposey@ualr.edu} ; Rebecca J.  ; Bennett^b ;   ; ^{rbennett@latech.edu} ; Tom L.  ; Roberts^c ;   ; ^{troberts@latech.edu}[Author vitae]
• 关键词：Computer abuse ; Behavioral information security ; Attributions ; Causal reasoning ; Attributed trust
• 刊名：Computers and Security
• 出版年：2011
• 出版时间：September-October 2011
• 年：2011
• 卷：30
• 期：6-7
• 页码：486-497
• 全文大小：458 K

文摘

Employees can have a profound, detrimental influence on information security that costs organizations billions of U.S. dollars annually. As a result, organizations implement stringent security controls, which can inadvertently foster the behaviors that they are designed to deter. This research attempts to understand this phenomenon of increased internal computer abuses by applying causal reasoning theory to explain employees?causal-search process following the implementation of information security measures. Our findings show how interpersonal and environmental factors influence insiders?beliefs that the organization trusts them (i.e., attributed trust) and how low attributed trust perceptions drive computer abuse incidents subsequent to security changes. We also highlight the need for both managers and security researchers to assess the frequency with which employees encounter information security changes within dynamic, organizational environments.