How different rewards tend to influence employee non-compliance with information security policies

PurposeTo help reduce the increasing number of information security breaches that are caused by insiders, past research has examined employee non-compliance with information security policy. However, existent studies have observed mixed results, which suggest that an interaction is likely to exist a...

Full description

Saved in:
Bibliographic Details
Published inInformation and computer security Vol. 30; no. 1; pp. 97 - 116
Main Authors Khatib, Rima, Barki, Henri
Format Journal Article
LanguageEnglish
Published Bingley Emerald Group Publishing Limited 31.01.2022
Subjects
Behavior
Compliance
Costs
Cybersecurity
Data integrity
Employees
Hypotheses
Multivariate statistical analysis
Noncompliance
Perceptions
Rationality
Security
User behavior
Online AccessGet full text

Cover

More Information
Summary:PurposeTo help reduce the increasing number of information security breaches that are caused by insiders, past research has examined employee non-compliance with information security policy. However, existent studies have observed mixed results, which suggest that an interaction is likely to exist among the variables that explain employee non-compliance. In an effort to provide evidence for this possibility, this paper aims to better explain why employees routinely engage in non-compliant behaviors by examining the direct and interactive effects of employees’ perceived costs and rewards of compliance and non-compliance on their routinized non-compliant behaviors.Design/methodology/approachBased on rational choice theory, this study used 16 hypothetical scenarios in an experimental survey, collecting data from 326 respondents and analyzing them via structural equation modeling and a four-way factorial experiment.FindingsThe results suggest that routinized non-compliance of employees is more strongly influenced by the rewards than the costs they perceive in their non-compliance. Further, employees’ routinized non-compliance behavior was found to be positively influenced by an interactive effect of perceived rewards of compliance when their perceptions of their non-compliance costs and rewards were both high and low.Originality/valueThis paper’s key contribution is to suggest that non-compliance behavior is influenced by direct and interactive effects of perceived rewards of compliance and non-compliance.
Bibliography:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:2056-4961
2056-497X
DOI:10.1108/ICS-01-2021-0008