Hardening the 'Human Firewall' Through Security Role Identity Activation: A Social Information Processing Perspective

Abstract

Employees' security behaviors are essential to organizational information security posture. Unfortunately, employee disinterest in security risks and risk-mitigating behaviors remains a persistent challenge. In response, scholars have turned attention to intrinsic motivational drivers of employees' security behaviors. Within this stream, security role identity is highlighted as a powerful influence on secure behavior enactment; however, we currently understand very little about how to effectively manipulate it. In an effort to inform strategies for hardening the 'human firewall' through activation of employees' security role identities, this research examines security behavior enactment through a distinct role-focused, social information processing lens. Grounded in identity theory and self-efficacy theory of motivation, this study highlights two important sources of social information-supervisor embodiment of organizational information security values and IS department security-related support-which promote security role activation (as captured via security behavior enactment) through attenuation of security role-related strain and enhancement of security role-related efficacy.

Department(s)

Information Technology and Cybersecurity

Document Type

Conference Proceeding

Keywords

IS department support, security strain, Self-efficacy theory of motivation, supervisor security embodiment

Publication Date

1-1-2024

Journal Title

30th Americas Conference on Information Systems Amcis 2024

Citation-only

Share

COinS