By Topic

An Integrative Model of Information Security Awareness for Assessing Information Systems Security Risk

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

1 Author(s)
Mejias, R.J. ; Dept. of Inf. Syst., Arizona State Univ., Tempe, AZ, USA

The pervasiveness of IT in supporting critical operations has made organizations increasingly vulnerable to IT threats. Since the impact of malicious IT may be complex, researchers suggest a multi-perspective approach to better understanding malicious IT and threat avoidance behavior. Drawing upon concepts from system dynamics, cybernetic theory and Technological Threat Avoidance Theory (TTAT) we develop a research model that contributes to our understanding of information security awareness (ISA) and its association with IS security risk assessment. Using a sample base of 119 IS security practitioners, an ISA research model was developed and tested using structural equation modeling. Our results indicate that the constructs technical knowledge, organizational impact, and attacker assessment generate strong correlations with ISA. Interestingly, organizational impact and attacker assessment generated stronger associations with ISA than technical knowledge. Our results also indicate that ISA is highly correlated with ISS risk assessment.

Published in:

System Science (HICSS), 2012 45th Hawaii International Conference on

Date of Conference:

4-7 Jan. 2012