Employee Information Security Practices: A Framework and Research Agenda
Peer reviewed, Journal article
Accepted version
View/
Date
2020Metadata
Show full item recordCollections
Original version
Hustad, E., Bekkevik, F. M., Holm, O. R., Vassilakopoulou, P. (2020). Employee Information Security Practices: A Framework and Research Agenda. International Journal of E-Services and Mobile Applications, 12(2), 1-14. https://doi.org/10.4018/IJESMA.2020040101Abstract
Employee information security practices are pivotal to prevent, detect, and respond to security incidents. This paper synthesizes insights from research on challenges related to employee information security practices and measures to address them. The challenges identified are associated to idiosyncratic aspects of communities and individuals within organizations (culture and personal characteristics) and to systemic aspects of organizations (procedural and structural arrangements). The measures identified aim to enhance systemic capabilities and to adapt security mechanisms to the idiosyncratic characteristics and are categorized as: (a) measures of training and awareness, (b) measures of organizational support, (c) measures of rewards and penalties. Further research is needed to explore the dynamics related to how challenges emerge, develop, and get addressed over time and also, to explore the interplay between systemic and idiosyncratic aspects. Additionally, research is needed on the role of security managers and how it can be reconfigured to suit flatter organizations
Description
Author's accepted manuscript
Publisher
I G I PublishingJournal
International Journal of E-Services and Mobile ApplicationsCopyright
© 2020 The Author(s)
Except where otherwise noted, this item's license is described as Navngivelse 4.0 Internasjonal