Information Security Effectiveness: Conceptualization and Validation of a Theory

doi:10.4018/jisp.2007040103

Reference Hub

This research has been cited in:

Chapter
Constructing Conceptual Model for Security Culture in Health Information Systems Security EffectivenessAdvances in Information Systems and Technologies10.1007/978-3-642-36981-0_20
Article
User preference of cyber security awareness delivery methodsBehaviour & Information Technology10.1080/0144929X.2012.708787
Article
Least Privilege across People, Process, and Technology: Endpoint Security FrameworkJournal of Computer Information Systems10.1080/08874417.2022.2128937
Conference
Securing Health Care: Assessing Factors That Affect HIPAA Security Compliance in Academic Medical Centers2011 44th Hawaii International Conference on System Sciences10.1109/HICSS.2011.368
Article
Effects of innovation-supportive culture and organizational citizenship behavior on e-government information system security stemming from mimetic isomorphismGovernment Information Quarterly10.1016/j.giq.2017.02.001
Article
Information security policy effectiveness: a managerial perspective of the financial industry in VietnamInformation & Computer Security10.1108/ICS-09-2023-0165
Article
Information Systems Security (ISS) of E-Government for Sustainability: A Dual Path Model of ISS Influenced by Institutional IsomorphismSustainability10.3390/su10051555
Conference
Cybersecurity risks : A behavioural approach through the influence of media and information literacy2021 16th Iberian Conference on Information Systems and Technologies (CISTI)10.23919/CISTI52073.2021.9476383
Article
Organizational practices as antecedents of the information security management performanceInformation Technology & People10.1108/ITP-06-2018-0261
Article
Leadership of Information Security Manager on the Effectiveness of Information Systems Security for Secure Sustainable ComputingSustainability10.3390/su8070638
Article
Building an awareness-centered information security policy compliance modelIndustrial Management & Data Systems10.1108/IMDS-07-2019-0412
Article
The impact of relational leadership and social alignment on information security system effectiveness in Korean governmental organizationsInternational Journal of Information Management10.1016/j.ijinfomgt.2018.01.001
Article
Personal information privacy and emerging technologiesInformation Systems Journal10.1111/j.1365-2575.2012.00402.x
Article
The Role of Extra-Role Behaviors and Social Controls in Information Security Policy EffectivenessInformation Systems Research10.1287/isre.2015.0569
Article
A systematic review of scales for measuring information security cultureInformation & Computer Security10.1108/ICS-12-2019-0140
Article
Common Misunderstandings of Deterrence Theory in Information Systems Research and Future Research DirectionsACM SIGMIS Database: the DATABASE for Advances in Information Systems10.1145/3514097.3514101
Article
Optimizing the selection of information security remedies in terms of a Markov security modelJournal of Physics: Conference Series10.1088/1742-6596/1096/1/012160
Article
Information security knowledge sharing in organizations: Investigating the effect of behavioral information security governance and national cultureComputers & Security10.1016/j.cose.2014.03.004
Conference
Understanding Awareness of Cyber Security Threat among IT Employees2018 6th International Conference on Future Internet of Things and Cloud Workshops (FiCloudW)10.1109/W-FiCloud.2018.00036
Article
Shaping intention to resist social engineering through transformational leadership, information security culture and awarenessComputers & Security10.1016/j.cose.2016.01.004
Chapter
Workplace Violence and Social Engineering Among Korean EmployeesResearch Anthology on Modern Violence and Its Impact on Society10.4018/978-1-6684-7464-8.ch018
Chapter
Information Security Program Effectiveness in OrganizationsStandards and Standardization10.4018/978-1-4666-8111-8.ch035
Chapter
Information Security Policy in Large Public OrganizationsStrategic IT Governance and Performance Frameworks in Large Organizations10.4018/978-1-5225-7826-0.ch009
Chapter
A Semiotic Examination of the Security Policy LifecycleResearch Anthology on Artificial Intelligence Applications in Security10.4018/978-1-7998-7705-9.ch001
Chapter
Cyber SecurityImpact of Emerging Digital Technologies on Leadership in Global Business10.4018/978-1-4666-6134-9.ch013
Chapter
Understanding User Behavior towards Passwords through Acceptance and Use ModellingSecurity and Privacy Assurance in Advancing Technologies10.4018/978-1-60960-200-0.ch002
Chapter
A Semiotic Examination of the Security Policy LifecycleSecurity and Privacy Management, Techniques, and Protocols10.4018/978-1-5225-5583-4.ch009
Article
Workplace Violence and Social Engineering Among Korean EmployeesInternational Journal of Asian Business and Information Management10.4018/IJABIM.2019010102
Chapter
Cyber SecurityGlobal Business Leadership Development for the Fourth Industrial Revolution10.4018/978-1-7998-4861-5.ch008
Article
Information Security Program Effectiveness in OrganizationsJournal of Organizational and End User Computing10.4018/joeuc.2014010102
Chapter
Cyber SecurityStandards and Standardization10.4018/978-1-4666-8111-8.ch068

Information Security Effectiveness: Conceptualization and Validation of a Theory

Kenneth J. Knapp, Thomas E. Marshall, R. Kelly Rainer Jr., F. Nelson Ford

Source Title: International Journal of Information Security and Privacy (IJISP)1(2)

Cite Article Cite Article

MLA

Knapp, Kenneth J., et al. "Information Security Effectiveness: Conceptualization and Validation of a Theory." IJISP vol.1, no.2 2007: pp.37-60. http://doi.org/10.4018/jisp.2007040103

APA

Knapp, K. J., Marshall, T. E., Rainer Jr., R. K., & Ford, F. N. (2007). Information Security Effectiveness: Conceptualization and Validation of a Theory. International Journal of Information Security and Privacy (IJISP), 1(2), 37-60. http://doi.org/10.4018/jisp.2007040103

Chicago

Knapp, Kenneth J., et al. "Information Security Effectiveness: Conceptualization and Validation of a Theory," International Journal of Information Security and Privacy (IJISP) 1, no.2: 37-60. http://doi.org/10.4018/jisp.2007040103

Export Reference

Favorite Full-Issue Download

View Full Text PDF

Abstract

Taking a sequential qualitative-quantitative methodological approach, we propose and test a theoretical model that includes four variables through which top management can positively influence security effectiveness: user training, security culture, policy relevance, and policy enforcement. During the qualitative phase of the study, we generated the model based on textual responses to a series of questions given to a sample of 220 information security practitioners. During the quantitative phase, we analyzed survey data collected from a sample of 740 information security practitioners. After data collection, we analyzed the survey responses using structural equation modeling and found evidence to support the hypothesized model. We also tested an alternative, higher-order factor version of the original model that demonstrated an improved overall fit and general applicability across the various demographics of the sampled data. We then linked the finding of this study to existing top management support literature, general deterrence theory research, and the theoretical notion of the dilemma of the supervisor.

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.

Username or email: *

Password: *

Forgot individual login password?

Create individual account

Information Security Effectiveness: Conceptualization and Validation of a Theory

MLA

APA

Chicago

Export Reference

Abstract

Request Access