Abstract
With the increasing importance of cybersecurity in organizations, it becomes crucial that employees behave securely. In the present article, we investigate the interplay of antecedents on this behavior. We conceptualize cybersecurity behavior through the components of compliance and participation and investigate the relationship between security knowledge, threat appraisal (i.e., severity and susceptibility), and working conditions (i.e., time pressure, decision-making autonomy). We conducted an online survey in four public organizations, collecting quantitative cross-sectional data from 214 employees. The survey captured subjective perceptions of the concepts. Findings showed a positive effect of security knowledge on security compliance and security participation. The perception of severity and susceptibility strengthened both effects. Additionally, the presence of time pressure reduced the effect of security knowledge on security compliance, while having decision-making autonomy increased the effect of security knowledge on security participation. Our study demonstrates the interplay between antecedents and highlights the role of working conditions in employees’ cybersecurity behavior. Implications for practice in terms of training approaches considering work design are discussed.
Original language | English |
---|---|
Article number | 7 |
Number of pages | 19 |
Journal | Cyberpsychology: Journal of Psychosocial Research on Cyberspace |
Volume | 17 |
Issue number | 4 |
DOIs | |
Publication status | Published - 18 Sept 2023 |
Research Field
- Former Research Field - Experience Business Transformation
Keywords
- cybersecurity
- security knowledge
- threat appraisal
- working conditions
- time pressure
- decision-making autonomy
- perceived severity
- perceived susceptibility