Exploratory research of information security strategy focused on human factors (인간의 요소에 초점을 맞춘 정보 보안 전략 탐색)

LEE RYOWHOA (이려화); Hwang Inho (황인호); Sungho Hu (허성호)

doi:10.24173/jge.2017.12.6.4

Exploratory research of information security strategy focused on human factors

The Journal of General Education
2017, (6), pp.103~124
DOI : 10.24173/jge.2017.12.6.4
Publisher : Da Vinci Mirae Institute of General Education
Research Area : Social Science > Education > Field of Education > General Education
Published : December 30, 2017

LEE RYOWHOA ¹, Hwang Inho ¹, Sungho Hu ¹

¹중앙대학교

Candidate

ABSTRACT

This study focused on human behavior of threatening information security. Until now, it has been overly focused on technical factors. And many studies support the fact that information security awareness which is human element that cause information security problems are increasing. Three research models focusing on human behavior (individual perspective, organization perspective, personal/organizational interaction perspective) were proposed. First, information security in the individual perspective is explained by the protection motivation theory. Second, information security in the organizational perspective is explained by the information security system theory. And the perspective of individual / organization interaction is explained by theory of planned Behaviour. And some suggestions are about human behavior control. The factors of behavior control include the importance of security, usability, social influence, information security technology trust, computer self - efficacy, cognitive cost, and individual innovation.

KEYWORDS

information security, protection motivation theory, information security system, theory of planned Behaviour, information security awareness

Citation status

* References for papers published after 2023 are currently being built.

[book] 허성호 / 2017 / 교양인을 위한 심리학 연구 / 솔과학

[journal] A. Venkatesh / 2003 / User acceptance of information technology: Toward a unified view / MIS Quarterly 27(3) : 425~478

[journal] B. Bulgurcu / 2010 / Information security policy compliance: An empirical study of rationality-based beliefs and information security awareness / MIS Quarterly 34(3) : 523~548

[journal] C. L. Anderson / 2010 / Practicing safe computing: a multimethod empirical examination of home computer user security behavioral intentions / MIS Quarterly 34(3) : 613~643

[journal] C. Roser / 1995 / Fear appeals and the formation of active publics / Journal of Communication 45(1) : 103~122

[journal] G. Furong / 2010 / The New Evolution of Research Information Technology Acceptance Models / Journal of Information 29(6) : 93~99

[journal] H. Cavusoglu / 2004 / A Model for Evaluating IT Security Investments / Communications of the ACM 47(7) : 87~92

[journal] H. Rhee / 2009 / Self-efficacy in information security : Its influence on end users' information security practice behavior / Computer Security 28(8) : 816~826

[journal] I. Ajzen / 1991 / The Theory of Planned Behavior / Organizational Behavior and Human Decision Processes 50(2) : 179~211

[book] ISACA / 2009 / An Introduction to the Business Model for Information Security / ISACA

[journal] J. Abawajy / 2014 / User preference of cyber security awareness delivery methods / Behav Inf Technol 33(3) : 236~247

[journal] J. Cox James / 2012 / Information systems user security : a structured model of the knowingedoing gap / Computer and Human Behaviour 28(5) : 1849~1858

[journal] J. D’Arcy / 2009 / User awareness of security countermeasures and its impacton information systems misuse : A deterrence approach / Information Systems Research 20(1) : 79~98

[journal] J. L. Spears / 2010 / User participation in information systems security risk management / MIS Quarterly 34(3) : 503~522

[journal] J. M. Stanton / 2005 / Analysis of end user security behaviors / Computer Security 24(2) : 124~133

[journal] K. Padayachee / 2012 / Taxonomy of compliant information security behavior / Computer Security 31(5) : 673~680

[journal] M. I. Woon / 2007 / Investigation of IS professionals'intention to practise secure development of applications / Int J Hum Comp Stud 65(1) : 29~41

[journal] M. Siponen / 2000 / A conceptual foundation for organizational information security awareness / Information Management and Computer Security 8(1) : 31~41

[journal] N. S. Safa / 2013 / A customer loyalty formation model in electronic commerce / Econ Model 35 : 559~564

[book] NIST / 2003 / Gaithersburg: National Institute of Standards and Technology / NIST Special Publication : 800~850

[journal] P. Ifinedo / 2014 / Information systems security policy compliance : an empirical study of the effects of socialisation, influence, and cognition / Inf Manag 51(1) : 69~79

[other] PCI / 2014 / Information Supplement: Best Practices for Implementing a Security Awareness Program, PCI SSC Standard : 19~25

[book] R. W. Rogers / 1983 / Cognitive and physiological processes in fear appeals and attitude change: a revised theory of protection motivation / Guilford Press : 142~168

[journal] S. Furnell / 2012 / Power to the people? The evolving recognition of human aspects of security / Computer Security 31(8) : 983~988

[journal] S. L. Pfleeger / 2012 / Leveraging Behavioral Science to Mitigate Cyber Security Risk / Computers & security 31(4) : 597~611

[journal] Z. Honghong / 2010 / An Empirical Study of Adoption-willingness of Innovative Technology Product Based on TAM Model / Science & Technology Progress and Policy 27(18) : 203~210

This paper was written with support from the National Research Foundation of Korea.

KJCKorea
Journal Central

The Journal of General Education 2023 KCI Impact Factor : 1.7

Exploratory research of information security strategy focused on human factors

ABSTRACT

KEYWORDS

Citation status

* References for papers published after 2023 are currently being built.

The Journal of General Education 2023 KCI Impact Factor : 1.7

Exploratory research of information security strategy focused on human factors

ABSTRACT

KEYWORDS

Statistics

Tools

Issue List

Citation status

KCI Citation Counts (10)

REFERENCES (26) * References for papers published after 2023 are currently being built.

Search PDF

Citation

* References for papers published after 2023 are currently being built.