Effects of Team Collaboration on Sharing Information Security Advice: Insights from Network Analysis

Effects of Team Collaboration on Sharing Information Security Advice: Insights from Network Analysis

Duy Dang-Pham (RMIT University, School of Business IT and Logistics, Melbourne, Australia) and Mathews Nkhoma (RMIT Vietnam, Department of Business IT and Logistics, Ho Chi Minh City, Vietnam)
Copyright: © 2017 |Pages: 15
DOI: 10.4018/IRMJ.2017070104
OnDemand PDF Download:
$30.00
List Price: $37.50

Abstract

Active sharing of information security advice among the employees has undeniable implications for developing a sustainable security environment. This research examines this topic from the network perspective, and focuses on the work relationships that promote sharing security advice. Exponential random graph modeling technique was employed to evaluate the relationship between team collaborative activities and sharing security advice. The findings revealed that those who share security advice also tend to give work- and IT-related knowledge. Moreover, employees who have similar tenure tend to exchange security advice with each other more. Furthermore, the network of sharing security advice is transitive and has a tendency to form separate clusters. Security managers are suggested to take into account the research findings to identify key employees who frequently share security advice in the workplace and devise appropriate strategies to manage them.
Article Preview

Introduction

Protecting information security has been a critical business objective of modern organisations (Crossler et al., 2013). However, this objective is also commonly perceived by the employees as a non-task that is irrelevant to their daily work, thus discourages their security duties and actions (M. Siponen & Vance, 2010; von Solms & von Solms, 2004). Worse still, employees facing with a dilemma of achieving job performance and being required to comply with security policy were even found to engage in security violations in exchange for getting their main job done (Guo, Yuan, Archer, & Connelly, 2011). Therefore, the end-users have remained as a weakest link in the security chain, and organisations are advised to leverage the end-users’ security awareness to prevent information security incidents (Bulgurcu, Cavusoglu, & Benbasat, 2010; Safa & Von Solms, 2016; Sommestad, Karlzén, & Hallberg, 2015).

Among a plethora of the factors that contribute to end-users’ security compliance, sharing information security advice is an emerging topic that holds important implications (Dang-Pham, Pittayachawan, & Bruno, 2016; Safa & Von Solms, 2016; Tamjidyamcholo, Bin Baba, Shuib, & Rohani, 2014). For instance, Tamjidyamcholo et al. (2014) discussed that sharing security advice between organisations may reduce their expenses in information security. At the individual-level, active sharing security advice in a workplace helps to diffuse security awareness as well as prevent re-inventing the same security practices, so that security managers can better invest their time and budget in more important matters (Dang-Pham et al., 2016; Safa & Von Solms, 2016).

Prior research has investigated sharing security advice in two different approaches. For example, (Tamjidyamcholo et al., 2014) and (Safa & Von Solms, 2016) determined the contributing factors of the sharing act by testing theoretically-based models that focus on the end-user’s cognition and behaviour. In contrast, (Dang-Pham et al., 2016) analysed the sharing act in the network form of interactions between individuals. They explored and compared the structural features of sharing security advice network with core organisational networks such as exchange of work advice and trust, and used network regression test to assess the networks’ relationships (Dang-Pham et al., 2016).

This study employs exponential random graph modeling method to test theoretically-based hypotheses and predict the occurrence of sharing security advice based on team collaboration among the employees in multiple teams of an international university. We aim to evaluate the effects of the salient team collaborative activities that result in sharing security advice, as well as statistically assess the structural features of the sharing security advice network. Ultimately, we will answer the following research questions:

  • RQ1: What are the structural features of the sharing security advice network?

  • RQ2: What workplace relationships that encourage sharing security advice among the employees?

Complete Article List

Search this Journal:
Reset
Open Access Articles: Forthcoming
Volume 30: 4 Issues (2017)
Volume 29: 4 Issues (2016)
Volume 28: 4 Issues (2015)
Volume 27: 4 Issues (2014)
Volume 26: 4 Issues (2013)
Volume 25: 4 Issues (2012)
Volume 24: 4 Issues (2011)
Volume 23: 4 Issues (2010)
Volume 22: 4 Issues (2009)
Volume 21: 4 Issues (2008)
Volume 20: 4 Issues (2007)
Volume 19: 4 Issues (2006)
Volume 18: 4 Issues (2005)
Volume 17: 4 Issues (2004)
Volume 16: 4 Issues (2003)
Volume 15: 4 Issues (2002)
Volume 14: 4 Issues (2001)
Volume 13: 4 Issues (2000)
Volume 12: 4 Issues (1999)
Volume 11: 4 Issues (1998)
Volume 10: 4 Issues (1997)
Volume 9: 4 Issues (1996)
Volume 8: 4 Issues (1995)
Volume 7: 4 Issues (1994)
Volume 6: 4 Issues (1993)
Volume 5: 4 Issues (1992)
Volume 4: 4 Issues (1991)
Volume 3: 4 Issues (1990)
Volume 2: 4 Issues (1989)
Volume 1: 1 Issue (1988)
View Complete Journal Contents Listing