Benedikt Lebek, Jörg Uffen, Markus Neumann, Bernd Hohler and Michael H. Breitner
This paper aims to provide an overview of theories used in the field of employees’ information systems (IS) security behavior over the past decade. Research gaps and implications…
Abstract
Purpose
This paper aims to provide an overview of theories used in the field of employees’ information systems (IS) security behavior over the past decade. Research gaps and implications for future research are worked out by analyzing and synthesizing existing literature.
Design/methodology/approach
This paper presents the results of a literature review comprising 113 publications. The literature review was designed to identify applied theories and to understand the cognitive determinants in the research field. A meta-model that explains employees’ IS security behavior is introduced by assembling the core constructs of the used theories.
Findings
The paper identified 54 used theories, but four behavioral theories were primarily used: Theory of Planned Behavior (TPB), General Deterrence Theory (GDT), Protection Motivation Theory (PMT) and Technology Acceptance Model (TAM). By synthesizing results of empirically tested research models, a survey of factors proven to have a significant influence on employees’ security behavior is presented.
Research limitations/implications
Some relevant publications might be missing within this literature review due to the selection of search terms and/or databases. However, by conduction a forward and a backward search, this paper has limited this error source to a minimum.
Practical implications
This study presents an overview of determinants that have been proven to influence employees’ behavioral intention. Based thereon, concrete training and awareness measures can be developed. This is valuable for practitioners in the process of designing Security Education, Training and Awareness (SETA) programs.
Originality/value
This paper presents a comprehensive up-to-date overview of existing academic literature in the field of employees’ security awareness and behavior research. Based on a developed meta-model, research gaps are identified and implications for future research are worked out.
Details
Keywords
To provide a coherent theoretical framework for interdisciplinary research on happiness, integrating the psychological, physiological/biological, and social/cultural levels…
Abstract
Purpose
To provide a coherent theoretical framework for interdisciplinary research on happiness, integrating the psychological, physiological/biological, and social/cultural levels, permitting integration of disparate approaches within and across disciplines.
Design/methodology/approach
Principles and findings of cybernetics are combined to shed light on difficulties encountered by research on happiness. Using a problem‐oriented approach, the reference system is defined as a psychological information‐processing and decision‐making system. This is an actor system in the social world needing orientation to act. Bossel's systems theory of orientation is applied to emotionality as a subsystem of the psychological system. Happiness, in terms of orientation theory, can be conceived as a meta‐orientor indicating wholeness, health, and the functioning of the overall‐system.
Findings
Emotionality and rationality are complementary decision‐making systems. Conditions are identified for developing the capability for emotional orientation and happiness in individuals. These conditions are strongly dependent on the social/cultural environment. Among them are the need for diversity in real‐life experience and for psychological acceptance of both oneself and the (sociocultural) environment. They can permit (relative) stability of happiness defined as an emotional state.
Practical implications
Further research can produce methods to improve happiness both by coaching individuals and by developing social conditions more conducive to happiness, e.g. in education. Happiness is a subjective indicator for physical, psychological, and social wellbeing taken together, which is the definition of health of WHO.
Originality/value
This sociocybernetic approach, combining systems concepts with orientation theory, can serve as an integrative theoretical framework for so far separate theoretical approaches.