Toward a Unified View of Dynamic Information Security Behaviors: Insights from Organizational Culture and Sensemaking

Toward a Unified View of Dynamic Information Security Behaviors: Insights from Organizational Culture and Sensemaking

연구 분야: Safety

학회: ACM SIGMIS Database: the DATABASE for Advances in Information Systems, Volume 52, Issue 1

Extant information systems security research identified and examined a variety of individual as well as organizational factors influencing information security behaviors, but rarely offered sufficient theoretical insight into the interaction of the individual factors with the organizational context in impacting information security behaviors. To fill this gap, this study proposes a theoretical framework that builds on the concepts of organizational culture and sensemaking to show that: 1) information security behaviors are outcomes of sensemaking; and 2) sensemaking is enabled as well as constrained by organizational culture. This study further epitomizes that information security diagnosing, solving, and performing behaviors emerge as outcomes of sensemaking about information security during the organization's interactions with technology. Theoretical and pragmatic contributions of this framework and future research directions are also demonstrated.