Author:
Grilc Špela,Prislan Kaja,Mihelič Anže
Abstract
Behavioral information security is concerned with explaining the role of users in the information security system, drawing on various psychological, organizational, and criminological theories to explain and predict user behavior. Despite numerous systematic literature reviews on the field of information security, there is no comprehensive systematic review of the theories used in behavioral information security research. The purpose of this paper is to investigate which theories are most widely used in research, in which subject areas they are most used, which factors are most frequently included in research according to each set of theories, and which are most frequently statistically significant. Accordingly, we made two studies involving a systematic review of the literature over the past ten years. The findings suggest that the most used theories include the protection motivation theory and the theory of planned behavior. In these two theories, self-efficacy and perceived usefulness of the technology are factors, which are most often statistically significant in predicting self-protective behavior.
Publisher
Drustvo psihologov Slovenije/Slovenian Psychologists' Association
Reference108 articles.
1. Evaluating the effectiveness of learner controlled information security training;Abraham;Computers and Security 87 članek 101586,2019
2. Exploring user behavioral data for adaptive cybersecurity;Addae;User Modeling and User-Adapted Interaction 29,2019
3. The influence of hardiness and habit on security behaviour intention;Aigbefo;Behaviour and Information Technology,2020
4. Ajzen, I. (1985). From intention to actions: A theory of planned behavior. V J. Kuhl in J. Beckman (ur.), Action control: From cognition to behavior (str. 11-39). Springer.
5. Al-Harthy, I. M., Rahim, F. A., Ali, N. in Singun, A. P. (2020). Dimensions of protection behaviors: A systematic literature review. Journal of Theoretical and Applied Information Technology, 98(17), 3668-3697.