Resistance to information security due to users’ information safety behaviors: Empirical research on the emerging markets

Practitioners and academics ask if and how punishment and moral norms affect the resistance to information systems security in emerging markets. To address this question, this empirical study examines the relationship between punishment and moral norms on resistance to information security in the co...

Full description

Saved in:
Bibliographic Details
Published in:Computers in human behavior 2023-08, Vol.145, p.107772, Article 107772
Main Authors: Apolinário, Sérgio, Yoshikuni, Adilson Carlos, Larieira, Cláudio Luís Carvalho
Format: Article
Language:English
Subjects:
Descriptive norm
Information security
Information security resistance
Moral norm
Punishment
Social norm
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Practitioners and academics ask if and how punishment and moral norms affect the resistance to information systems security in emerging markets. To address this question, this empirical study examines the relationship between punishment and moral norms on resistance to information security in the context of a Brazilian IT company. The data were collected from 174 employees by applying structural equation modeling (SEM). The results suggest that the severity of punishment and certainty of detection influence descriptive norms and impact moral norms, which, in sequence, enhance resistance to information security. The findings demonstrate that the national culture of values in emerging markets contributes to the behavior of employees to increase resistance to information security. •PLS-SEM is employed to analyze a sample comprising 174 employees from an information technology company in Brazil.•Users' safety behaviors to safety norms (descriptive and moral) and their resistance to information security are examined.•Users' perceived severities and certainties of punishment, descriptive norms, and moral norms are assessed.•Based on the “Jeitinho Brasileito” concept, the social norms did not affect the Brazilian context of information security.•Brazilian executives must explore other practices that enhance information security in the Brazilian context.
ISSN:0747-5632
DOI:10.1016/j.chb.2023.107772