Loading…
Enhancing cyber security behavior: an internal social marketing approach
Purpose Understanding the behavioral change process of system users to adopt safe security practices is important to the success of an organization’s cybersecurity program. This study aims to explore how the 7Ps (product, price, promotion, place, physical evidence, process and people) marketing mix,...
Saved in:
| Published in: | Information and computer security 2019-10, Vol.28 (2), p.133-159 |
|---|---|
| Main Authors: | , , , , , , |
| Format: | Article |
| Language: | English |
| Subjects: | |
| Citations: | Items that this one cites Items that cite this one |
| Online Access: | Get full text |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| cited_by | cdi_FETCH-LOGICAL-c311t-4098de3ac15885f8c15356eb43d85e48057dac85761cd32e4d92122f96503a373 |
|---|---|
| cites | cdi_FETCH-LOGICAL-c311t-4098de3ac15885f8c15356eb43d85e48057dac85761cd32e4d92122f96503a373 |
| container_end_page | 159 |
| container_issue | 2 |
| container_start_page | 133 |
| container_title | Information and computer security |
| container_volume | 28 |
| creator | Pham, Hiep Cong Brennan, Linda Parker, Lukas Phan-Le, Nhat Tram Ulhaq, Irfan Nkhoma, Mathews Zanda Nhat Nguyen, Minh |
| description | Purpose
Understanding the behavioral change process of system users to adopt safe security practices is important to the success of an organization’s cybersecurity program. This study aims to explore how the 7Ps (product, price, promotion, place, physical evidence, process and people) marketing mix, as part of an internal social marketing approach, can be used to gain an understanding of employees’ interactions within an organization’s cybersecurity environment. This understanding could inform the design of servicescapes and behavioral infrastructure to promote and maintain cybersecurity compliance.
Design/methodology/approach
This study adopted an inductive qualitative approach using in-depth interviews with employees in several Vietnamese organizations. Discussions were centered on employee experiences and their perceptions of cybersecurity initiatives, as well as the impact of initiatives on compliance behavior. Responses were then categorized under the 7Ps marketing mix framework.
Findings
The study shows that assessing a cybersecurity program using the 7P mix enables the systematic capture of users’ security compliance and acceptance of IT systems. Additionally, understanding the interactions between system elements permits the design of behavioral infrastructure to enhance security efforts. Results also show that user engagement is essential in developing secure systems. User engagement requires developing shared objectives, localized communications, co-designing of efficient processes and understanding the “pain points” of security compliance. The knowledge developed from this research provides a framework for those managing cybersecurity systems and enables the design human-centered systems conducive to compliance.
Originality/value
The study is one of the first to use a cross-disciplinary social marketing approach to examine how employees experience and comply with security initiatives. Previous studies have mostly focused on determinants of compliance behavior without providing a clear platform for management action. Internal social marketing using 7Ps provides a simple but innovative approach to reexamine existing compliance approaches. Findings from the study could leverage proven successful marketing techniques to promote security compliance. |
| doi_str_mv | 10.1108/ICS-01-2019-0023 |
| format | article |
| fullrecord | <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_crossref_primary_10_1108_ICS_01_2019_0023</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2534329938</sourcerecordid><originalsourceid>FETCH-LOGICAL-c311t-4098de3ac15885f8c15356eb43d85e48057dac85761cd32e4d92122f96503a373</originalsourceid><addsrcrecordid>eNptkEFLAzEQRoMoWGrvHhc8x84km2ziTUq1hYIHFbyFbDZrt7a7NdkK_fdmqQiCp28O35sZHiHXCLeIoKbL2TMFpAxQUwDGz8iIgZA018Xb-e8s8ZJMYtwApB5KLnFEFvN2bVvXtO-ZO5Y-ZNG7Q2j6Y1b6tf1qunCX2TZr2t6H1m6z2Lkmxc6GD98PlN3vQ2fd-opc1HYb_eQnx-T1Yf4yW9DV0-Nydr-ijiP2NAetKs-tQ6GUqFVKLqQvc14p4XMFoqisU6KQ6CrOfF5phozVWgrglhd8TG5Oe9PZz4OPvdl0h-G1aJjgOWdac5VacGq50MUYfG32oUlPHw2CGZSZpMwAmkGZGZQlZHpC_M4Hu63-I_5I5t-A0WtF</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2534329938</pqid></control><display><type>article</type><title>Enhancing cyber security behavior: an internal social marketing approach</title><source>Criminology Collection</source><source>Library & Information Science Abstracts (LISA)</source><source>ABI/INFORM Global</source><source>Emerald:Jisc Collections:Emerald Subject Collections HE and FE 2024-2026:Emerald Premier (reading list)</source><source>Social Science Premium Collection (Proquest) (PQ_SDU_P3)</source><source>Library & Information Science Collection</source><source>Alma/SFX Local Collection</source><creator>Pham, Hiep Cong ; Brennan, Linda ; Parker, Lukas ; Phan-Le, Nhat Tram ; Ulhaq, Irfan ; Nkhoma, Mathews Zanda ; Nhat Nguyen, Minh</creator><creatorcontrib>Pham, Hiep Cong ; Brennan, Linda ; Parker, Lukas ; Phan-Le, Nhat Tram ; Ulhaq, Irfan ; Nkhoma, Mathews Zanda ; Nhat Nguyen, Minh</creatorcontrib><description>Purpose
Understanding the behavioral change process of system users to adopt safe security practices is important to the success of an organization’s cybersecurity program. This study aims to explore how the 7Ps (product, price, promotion, place, physical evidence, process and people) marketing mix, as part of an internal social marketing approach, can be used to gain an understanding of employees’ interactions within an organization’s cybersecurity environment. This understanding could inform the design of servicescapes and behavioral infrastructure to promote and maintain cybersecurity compliance.
Design/methodology/approach
This study adopted an inductive qualitative approach using in-depth interviews with employees in several Vietnamese organizations. Discussions were centered on employee experiences and their perceptions of cybersecurity initiatives, as well as the impact of initiatives on compliance behavior. Responses were then categorized under the 7Ps marketing mix framework.
Findings
The study shows that assessing a cybersecurity program using the 7P mix enables the systematic capture of users’ security compliance and acceptance of IT systems. Additionally, understanding the interactions between system elements permits the design of behavioral infrastructure to enhance security efforts. Results also show that user engagement is essential in developing secure systems. User engagement requires developing shared objectives, localized communications, co-designing of efficient processes and understanding the “pain points” of security compliance. The knowledge developed from this research provides a framework for those managing cybersecurity systems and enables the design human-centered systems conducive to compliance.
Originality/value
The study is one of the first to use a cross-disciplinary social marketing approach to examine how employees experience and comply with security initiatives. Previous studies have mostly focused on determinants of compliance behavior without providing a clear platform for management action. Internal social marketing using 7Ps provides a simple but innovative approach to reexamine existing compliance approaches. Findings from the study could leverage proven successful marketing techniques to promote security compliance.</description><identifier>ISSN: 2056-4961</identifier><identifier>EISSN: 2056-497X</identifier><identifier>EISSN: 2056-4961</identifier><identifier>DOI: 10.1108/ICS-01-2019-0023</identifier><language>eng</language><publisher>Bingley: Emerald Publishing Limited</publisher><subject>Compliance ; Cybersecurity ; Employees ; Infrastructure ; Marketing ; Quality of service ; Security management ; Social marketing ; SWOT analysis ; User behavior</subject><ispartof>Information and computer security, 2019-10, Vol.28 (2), p.133-159</ispartof><rights>Emerald Publishing Limited</rights><rights>Emerald Publishing Limited 2019</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c311t-4098de3ac15885f8c15356eb43d85e48057dac85761cd32e4d92122f96503a373</citedby><cites>FETCH-LOGICAL-c311t-4098de3ac15885f8c15356eb43d85e48057dac85761cd32e4d92122f96503a373</cites></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>314,780,784,27305,27924,27925,34135</link.rule.ids></links><search><creatorcontrib>Pham, Hiep Cong</creatorcontrib><creatorcontrib>Brennan, Linda</creatorcontrib><creatorcontrib>Parker, Lukas</creatorcontrib><creatorcontrib>Phan-Le, Nhat Tram</creatorcontrib><creatorcontrib>Ulhaq, Irfan</creatorcontrib><creatorcontrib>Nkhoma, Mathews Zanda</creatorcontrib><creatorcontrib>Nhat Nguyen, Minh</creatorcontrib><title>Enhancing cyber security behavior: an internal social marketing approach</title><title>Information and computer security</title><description>Purpose
Understanding the behavioral change process of system users to adopt safe security practices is important to the success of an organization’s cybersecurity program. This study aims to explore how the 7Ps (product, price, promotion, place, physical evidence, process and people) marketing mix, as part of an internal social marketing approach, can be used to gain an understanding of employees’ interactions within an organization’s cybersecurity environment. This understanding could inform the design of servicescapes and behavioral infrastructure to promote and maintain cybersecurity compliance.
Design/methodology/approach
This study adopted an inductive qualitative approach using in-depth interviews with employees in several Vietnamese organizations. Discussions were centered on employee experiences and their perceptions of cybersecurity initiatives, as well as the impact of initiatives on compliance behavior. Responses were then categorized under the 7Ps marketing mix framework.
Findings
The study shows that assessing a cybersecurity program using the 7P mix enables the systematic capture of users’ security compliance and acceptance of IT systems. Additionally, understanding the interactions between system elements permits the design of behavioral infrastructure to enhance security efforts. Results also show that user engagement is essential in developing secure systems. User engagement requires developing shared objectives, localized communications, co-designing of efficient processes and understanding the “pain points” of security compliance. The knowledge developed from this research provides a framework for those managing cybersecurity systems and enables the design human-centered systems conducive to compliance.
Originality/value
The study is one of the first to use a cross-disciplinary social marketing approach to examine how employees experience and comply with security initiatives. Previous studies have mostly focused on determinants of compliance behavior without providing a clear platform for management action. Internal social marketing using 7Ps provides a simple but innovative approach to reexamine existing compliance approaches. Findings from the study could leverage proven successful marketing techniques to promote security compliance.</description><subject>Compliance</subject><subject>Cybersecurity</subject><subject>Employees</subject><subject>Infrastructure</subject><subject>Marketing</subject><subject>Quality of service</subject><subject>Security management</subject><subject>Social marketing</subject><subject>SWOT analysis</subject><subject>User behavior</subject><issn>2056-4961</issn><issn>2056-497X</issn><issn>2056-4961</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2019</creationdate><recordtype>article</recordtype><sourceid>ALSLI</sourceid><sourceid>BGRYB</sourceid><sourceid>CNYFK</sourceid><sourceid>F2A</sourceid><sourceid>M0C</sourceid><sourceid>M0O</sourceid><sourceid>M1O</sourceid><recordid>eNptkEFLAzEQRoMoWGrvHhc8x84km2ziTUq1hYIHFbyFbDZrt7a7NdkK_fdmqQiCp28O35sZHiHXCLeIoKbL2TMFpAxQUwDGz8iIgZA018Xb-e8s8ZJMYtwApB5KLnFEFvN2bVvXtO-ZO5Y-ZNG7Q2j6Y1b6tf1qunCX2TZr2t6H1m6z2Lkmxc6GD98PlN3vQ2fd-opc1HYb_eQnx-T1Yf4yW9DV0-Nydr-ijiP2NAetKs-tQ6GUqFVKLqQvc14p4XMFoqisU6KQ6CrOfF5phozVWgrglhd8TG5Oe9PZz4OPvdl0h-G1aJjgOWdac5VacGq50MUYfG32oUlPHw2CGZSZpMwAmkGZGZQlZHpC_M4Hu63-I_5I5t-A0WtF</recordid><startdate>20191014</startdate><enddate>20191014</enddate><creator>Pham, Hiep Cong</creator><creator>Brennan, Linda</creator><creator>Parker, Lukas</creator><creator>Phan-Le, Nhat Tram</creator><creator>Ulhaq, Irfan</creator><creator>Nkhoma, Mathews Zanda</creator><creator>Nhat Nguyen, Minh</creator><general>Emerald Publishing Limited</general><general>Emerald Group Publishing Limited</general><scope>AAYXX</scope><scope>CITATION</scope><scope>0-V</scope><scope>0U~</scope><scope>1-H</scope><scope>7SC</scope><scope>7WY</scope><scope>7WZ</scope><scope>7XB</scope><scope>8AO</scope><scope>8FD</scope><scope>8FE</scope><scope>8FG</scope><scope>8FI</scope><scope>ABUWG</scope><scope>AFKRA</scope><scope>ALSLI</scope><scope>ARAPS</scope><scope>AZQEC</scope><scope>BENPR</scope><scope>BEZIV</scope><scope>BGLVJ</scope><scope>BGRYB</scope><scope>CCPQU</scope><scope>CNYFK</scope><scope>DWQXO</scope><scope>E3H</scope><scope>F2A</scope><scope>FYUFA</scope><scope>F~G</scope><scope>GNUQQ</scope><scope>HCIFZ</scope><scope>JQ2</scope><scope>K6~</scope><scope>K7-</scope><scope>L.-</scope><scope>L.0</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope><scope>M0C</scope><scope>M0N</scope><scope>M0O</scope><scope>M0T</scope><scope>M1O</scope><scope>P5Z</scope><scope>P62</scope><scope>PQBIZ</scope><scope>PQEST</scope><scope>PQQKQ</scope><scope>PQUKI</scope><scope>PYYUZ</scope><scope>Q9U</scope></search><sort><creationdate>20191014</creationdate><title>Enhancing cyber security behavior: an internal social marketing approach</title><author>Pham, Hiep Cong ; Brennan, Linda ; Parker, Lukas ; Phan-Le, Nhat Tram ; Ulhaq, Irfan ; Nkhoma, Mathews Zanda ; Nhat Nguyen, Minh</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c311t-4098de3ac15885f8c15356eb43d85e48057dac85761cd32e4d92122f96503a373</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2019</creationdate><topic>Compliance</topic><topic>Cybersecurity</topic><topic>Employees</topic><topic>Infrastructure</topic><topic>Marketing</topic><topic>Quality of service</topic><topic>Security management</topic><topic>Social marketing</topic><topic>SWOT analysis</topic><topic>User behavior</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Pham, Hiep Cong</creatorcontrib><creatorcontrib>Brennan, Linda</creatorcontrib><creatorcontrib>Parker, Lukas</creatorcontrib><creatorcontrib>Phan-Le, Nhat Tram</creatorcontrib><creatorcontrib>Ulhaq, Irfan</creatorcontrib><creatorcontrib>Nkhoma, Mathews Zanda</creatorcontrib><creatorcontrib>Nhat Nguyen, Minh</creatorcontrib><collection>CrossRef</collection><collection>ProQuest Social Sciences Premium Collection【Remote access available】</collection><collection>Global News & ABI/Inform Professional</collection><collection>Trade PRO</collection><collection>Computer and Information Systems Abstracts</collection><collection>ABI/INFORM Collection</collection><collection>ABI/INFORM Global (PDF only)</collection><collection>ProQuest Central (purchase pre-March 2016)</collection><collection>ProQuest Pharma Collection</collection><collection>Technology Research Database</collection><collection>ProQuest SciTech Collection</collection><collection>ProQuest Technology Collection</collection><collection>Hospital Premium Collection</collection><collection>ProQuest Central (Alumni)</collection><collection>ProQuest Central</collection><collection>Social Science Premium Collection (Proquest) (PQ_SDU_P3)</collection><collection>Advanced Technologies & Aerospace Database (1962 - current)</collection><collection>ProQuest Central Essentials</collection><collection>AUTh Library subscriptions: ProQuest Central</collection><collection>Business Premium Collection</collection><collection>Technology Collection</collection><collection>Criminology Collection</collection><collection>ProQuest One Community College</collection><collection>Library & Information Science Collection</collection><collection>ProQuest Central</collection><collection>Library & Information Sciences Abstracts (LISA)</collection><collection>Library & Information Science Abstracts (LISA)</collection><collection>Health Research Premium Collection</collection><collection>ABI/INFORM Global (Corporate)</collection><collection>ProQuest Central Student</collection><collection>SciTech Premium Collection (Proquest) (PQ_SDU_P3)</collection><collection>ProQuest Computer Science Collection</collection><collection>ProQuest Business Collection</collection><collection>Computer Science Database</collection><collection>ABI/INFORM Professional Advanced</collection><collection>ABI/INFORM Professional Standard</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><collection>ABI/INFORM Global</collection><collection>Computing Database</collection><collection>Criminal Justice Periodicals Index (ProQuest)</collection><collection>ProQuest Healthcare Administration Database</collection><collection>Library Science Database</collection><collection>ProQuest Advanced Technologies & Aerospace Database</collection><collection>ProQuest Advanced Technologies & Aerospace Collection</collection><collection>One Business (ProQuest)</collection><collection>ProQuest One Academic Eastern Edition (DO NOT USE)</collection><collection>ProQuest One Academic</collection><collection>ProQuest One Academic UKI Edition</collection><collection>ABI/INFORM Collection China</collection><collection>ProQuest Central Basic</collection><jtitle>Information and computer security</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Pham, Hiep Cong</au><au>Brennan, Linda</au><au>Parker, Lukas</au><au>Phan-Le, Nhat Tram</au><au>Ulhaq, Irfan</au><au>Nkhoma, Mathews Zanda</au><au>Nhat Nguyen, Minh</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Enhancing cyber security behavior: an internal social marketing approach</atitle><jtitle>Information and computer security</jtitle><date>2019-10-14</date><risdate>2019</risdate><volume>28</volume><issue>2</issue><spage>133</spage><epage>159</epage><pages>133-159</pages><issn>2056-4961</issn><eissn>2056-497X</eissn><eissn>2056-4961</eissn><abstract>Purpose
Understanding the behavioral change process of system users to adopt safe security practices is important to the success of an organization’s cybersecurity program. This study aims to explore how the 7Ps (product, price, promotion, place, physical evidence, process and people) marketing mix, as part of an internal social marketing approach, can be used to gain an understanding of employees’ interactions within an organization’s cybersecurity environment. This understanding could inform the design of servicescapes and behavioral infrastructure to promote and maintain cybersecurity compliance.
Design/methodology/approach
This study adopted an inductive qualitative approach using in-depth interviews with employees in several Vietnamese organizations. Discussions were centered on employee experiences and their perceptions of cybersecurity initiatives, as well as the impact of initiatives on compliance behavior. Responses were then categorized under the 7Ps marketing mix framework.
Findings
The study shows that assessing a cybersecurity program using the 7P mix enables the systematic capture of users’ security compliance and acceptance of IT systems. Additionally, understanding the interactions between system elements permits the design of behavioral infrastructure to enhance security efforts. Results also show that user engagement is essential in developing secure systems. User engagement requires developing shared objectives, localized communications, co-designing of efficient processes and understanding the “pain points” of security compliance. The knowledge developed from this research provides a framework for those managing cybersecurity systems and enables the design human-centered systems conducive to compliance.
Originality/value
The study is one of the first to use a cross-disciplinary social marketing approach to examine how employees experience and comply with security initiatives. Previous studies have mostly focused on determinants of compliance behavior without providing a clear platform for management action. Internal social marketing using 7Ps provides a simple but innovative approach to reexamine existing compliance approaches. Findings from the study could leverage proven successful marketing techniques to promote security compliance.</abstract><cop>Bingley</cop><pub>Emerald Publishing Limited</pub><doi>10.1108/ICS-01-2019-0023</doi><tpages>27</tpages></addata></record> |
| fulltext | fulltext |
| identifier | ISSN: 2056-4961 |
| ispartof | Information and computer security, 2019-10, Vol.28 (2), p.133-159 |
| issn | 2056-4961 2056-497X 2056-4961 |
| language | eng |
| recordid | cdi_crossref_primary_10_1108_ICS_01_2019_0023 |
| source | Criminology Collection; Library & Information Science Abstracts (LISA); ABI/INFORM Global; Emerald:Jisc Collections:Emerald Subject Collections HE and FE 2024-2026:Emerald Premier (reading list); Social Science Premium Collection (Proquest) (PQ_SDU_P3); Library & Information Science Collection; Alma/SFX Local Collection |
| subjects | Compliance Cybersecurity Employees Infrastructure Marketing Quality of service Security management Social marketing SWOT analysis User behavior |
| title | Enhancing cyber security behavior: an internal social marketing approach |
| url | http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-07T21%3A03%3A42IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Enhancing%20cyber%20security%20behavior:%20an%20internal%20social%20marketing%20approach&rft.jtitle=Information%20and%20computer%20security&rft.au=Pham,%20Hiep%20Cong&rft.date=2019-10-14&rft.volume=28&rft.issue=2&rft.spage=133&rft.epage=159&rft.pages=133-159&rft.issn=2056-4961&rft.eissn=2056-497X&rft_id=info:doi/10.1108/ICS-01-2019-0023&rft_dat=%3Cproquest_cross%3E2534329938%3C/proquest_cross%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-c311t-4098de3ac15885f8c15356eb43d85e48057dac85761cd32e4d92122f96503a373%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=2534329938&rft_id=info:pmid/&rfr_iscdi=true |