Abstract
In today's world, organizations rely on cybersecurity end-user compliance as an essential practical parameter. Yet cybersecurity compliance remains a challenge, and failures are commonplace. But why? In addressing this question, we argue that ISP compliance is neither too monolithic nor too granular a construct but needs respecification. We empirically investigate cybersecurity antecedents leading to (i) user protection-centric password management and (ii) system protection-centric update compliance dimensions. The results of our survey of 241 users show differentiating behavioral strands intertwined across different types of compliance, highlighting a unique interplay of attitudes, knowledge, and social factors as antecedents to password and update compliance.
Original language | English |
---|---|
Journal | Information & Management |
Volume | 61 |
Issue number | 8 |
Pages (from-to) | 1 |
Number of pages | 16 |
ISSN | 0378-7206 |
DOIs | |
Publication status | Published - 2024 |
Keywords
- End-user compliance
- Behavioral economics
- Biases
- Diligence
- IT security knowledge
- Social networking activity