The Interplay of InfoSec Mindfulness and Sanctions on Extra Role Security Behaviors: A Trait Activation Perspective

Abstract

Organizational information security performance is inextricably tied to the security behavior of employees. While employee behavior has long been considered a challenge to information security, recent shifts to a more remote work force have amplified organizational focus on employees to protect information assets. Under these conditions, InfoSec Extra Role Behaviors (ERBs) have become increasingly important to mitigating security threats. The literature suggests that mindfulness is an important human factor that may lead to InfoSec ERBs. We examine mindfulness through the lens of trait activation theory. Trait activation theory (TAT) explicitly ties individual traits to situational features of the environment to predict trait related behavior. In TAT, a relevant feature of the organizational environment is situation strength which constrains behavioral variance through trait expression. Thus, we operationalize sanctions as a measure for situation strength in the InfoSec context and propose a model that examines the interplay between a relevant human factor, mindfulness, and a common organizational intervention, sanctions, and the impact that interplay has on InfoSec ERB enactment.

Department(s)

Information Technology and Cybersecurity

Document Type

Conference Proceeding

Keywords

Extra-Role Behaviors, Information Security, Mindfulness, Sanctions, Trait Activation

Publication Date

1-1-2023

Journal Title

29th Annual Americas Conference on Information Systems Amcis 2023

Citation-only

Share

COinS