Loading…
Eyes wide open: The role of situational information security awareness for security‐related behaviour
Most contemporary studies on information security focus on largely static phenomena in examining security‐related behaviours. We take a more dynamic, situational and interactionist approach that proposes that security‐related behaviours result from an interaction between the person and the perceptio...
Saved in:
| Published in: | Information systems journal (Oxford, England) England), 2021-05, Vol.31 (3), p.429-472 |
|---|---|
| Main Authors: | , |
| Format: | Article |
| Language: | English |
| Subjects: | |
| Citations: | Items that this one cites Items that cite this one |
| Online Access: | Get full text |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| cited_by | cdi_FETCH-LOGICAL-c3507-eadce7ec6100b0df698eec6e2b2896c2e7b9f12fd7b2cf5f9bfa61ac93e114ba3 |
|---|---|
| cites | cdi_FETCH-LOGICAL-c3507-eadce7ec6100b0df698eec6e2b2896c2e7b9f12fd7b2cf5f9bfa61ac93e114ba3 |
| container_end_page | 472 |
| container_issue | 3 |
| container_start_page | 429 |
| container_title | Information systems journal (Oxford, England) |
| container_volume | 31 |
| creator | Jaeger, Lennart Eckhardt, Andreas |
| description | Most contemporary studies on information security focus on largely static phenomena in examining security‐related behaviours. We take a more dynamic, situational and interactionist approach that proposes that security‐related behaviours result from an interaction between the person and the perception of a threatening situation. We derive and define situational information security awareness based on situation awareness literature, and examine how individual‐level (innate traits, experience) and system‐level factors (design variations, warning signal) influence awareness, and how it influences subsequent threat and coping appraisals, and ultimately security‐related behaviours in a multi‐method phishing experiment including eye tracking and survey components with 107 employees. The results underscore the importance of situational information security awareness and show that past experience with phishing and a security warning increase awareness, while phishing emails' contextual relevance and misplaced salience decrease awareness. Situational information security awareness, in turn, increases perceived threat and perceived coping efficacy and, ultimately, actual behavioural responses to phishing attacks. |
| doi_str_mv | 10.1111/isj.12317 |
| format | article |
| fullrecord | <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_journals_2511806410</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2511806410</sourcerecordid><originalsourceid>FETCH-LOGICAL-c3507-eadce7ec6100b0df698eec6e2b2896c2e7b9f12fd7b2cf5f9bfa61ac93e114ba3</originalsourceid><addsrcrecordid>eNp1kL9OwzAQxi0EEqUw8AaWmBjS-px_DRuqWiiqxECZLcc5U1dpUuyEKhuPwDPyJLgNYuOWu-_8s-_8EXINbAQ-xsZtRsBDSE_IAMIkDnicxqeHOmYBZJCekwvnNoxBEkXRgLzNOnR0bwqk9Q6rO7paI7V16aWmzjStbExdyZKaStd2e1TUoWqtaToq99Jihc5Rf_jX_v78sljKBgua41p-mLq1l-RMy9Lh1W8ektf5bDV9DJbPD4vp_TJQfsE0QFkoTFElwFjOCp1kE_QKec4nWaI4pnmmgesizbnSsc5yLROQKgsRIMplOCQ3_bs7W7-36Bqx8dP9B5zgMcCEJREwT932lLK1cxa12FmzlbYTwMTBR-F9FEcfPTvu2b0psfsfFIuXp_7GDwukeFA</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2511806410</pqid></control><display><type>article</type><title>Eyes wide open: The role of situational information security awareness for security‐related behaviour</title><source>EBSCOhost Business Source Ultimate</source><source>Wiley</source><creator>Jaeger, Lennart ; Eckhardt, Andreas</creator><creatorcontrib>Jaeger, Lennart ; Eckhardt, Andreas</creatorcontrib><description>Most contemporary studies on information security focus on largely static phenomena in examining security‐related behaviours. We take a more dynamic, situational and interactionist approach that proposes that security‐related behaviours result from an interaction between the person and the perception of a threatening situation. We derive and define situational information security awareness based on situation awareness literature, and examine how individual‐level (innate traits, experience) and system‐level factors (design variations, warning signal) influence awareness, and how it influences subsequent threat and coping appraisals, and ultimately security‐related behaviours in a multi‐method phishing experiment including eye tracking and survey components with 107 employees. The results underscore the importance of situational information security awareness and show that past experience with phishing and a security warning increase awareness, while phishing emails' contextual relevance and misplaced salience decrease awareness. Situational information security awareness, in turn, increases perceived threat and perceived coping efficacy and, ultimately, actual behavioural responses to phishing attacks.</description><identifier>ISSN: 1350-1917</identifier><identifier>EISSN: 1365-2575</identifier><identifier>DOI: 10.1111/isj.12317</identifier><language>eng</language><publisher>Chichester, UK: John Wiley & Sons, Inc</publisher><subject>Appraisals ; contextual relevance ; Design factors ; Eye movements ; eye tracking ; misplaced salience ; Phishing ; Security ; Security management ; security warning ; Situational awareness ; situational information security awareness</subject><ispartof>Information systems journal (Oxford, England), 2021-05, Vol.31 (3), p.429-472</ispartof><rights>2020 John Wiley & Sons Ltd</rights><rights>2021 John Wiley & Sons Ltd</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c3507-eadce7ec6100b0df698eec6e2b2896c2e7b9f12fd7b2cf5f9bfa61ac93e114ba3</citedby><cites>FETCH-LOGICAL-c3507-eadce7ec6100b0df698eec6e2b2896c2e7b9f12fd7b2cf5f9bfa61ac93e114ba3</cites><orcidid>0000-0002-2953-9347</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>314,780,784,27924,27925</link.rule.ids></links><search><creatorcontrib>Jaeger, Lennart</creatorcontrib><creatorcontrib>Eckhardt, Andreas</creatorcontrib><title>Eyes wide open: The role of situational information security awareness for security‐related behaviour</title><title>Information systems journal (Oxford, England)</title><description>Most contemporary studies on information security focus on largely static phenomena in examining security‐related behaviours. We take a more dynamic, situational and interactionist approach that proposes that security‐related behaviours result from an interaction between the person and the perception of a threatening situation. We derive and define situational information security awareness based on situation awareness literature, and examine how individual‐level (innate traits, experience) and system‐level factors (design variations, warning signal) influence awareness, and how it influences subsequent threat and coping appraisals, and ultimately security‐related behaviours in a multi‐method phishing experiment including eye tracking and survey components with 107 employees. The results underscore the importance of situational information security awareness and show that past experience with phishing and a security warning increase awareness, while phishing emails' contextual relevance and misplaced salience decrease awareness. Situational information security awareness, in turn, increases perceived threat and perceived coping efficacy and, ultimately, actual behavioural responses to phishing attacks.</description><subject>Appraisals</subject><subject>contextual relevance</subject><subject>Design factors</subject><subject>Eye movements</subject><subject>eye tracking</subject><subject>misplaced salience</subject><subject>Phishing</subject><subject>Security</subject><subject>Security management</subject><subject>security warning</subject><subject>Situational awareness</subject><subject>situational information security awareness</subject><issn>1350-1917</issn><issn>1365-2575</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2021</creationdate><recordtype>article</recordtype><recordid>eNp1kL9OwzAQxi0EEqUw8AaWmBjS-px_DRuqWiiqxECZLcc5U1dpUuyEKhuPwDPyJLgNYuOWu-_8s-_8EXINbAQ-xsZtRsBDSE_IAMIkDnicxqeHOmYBZJCekwvnNoxBEkXRgLzNOnR0bwqk9Q6rO7paI7V16aWmzjStbExdyZKaStd2e1TUoWqtaToq99Jihc5Rf_jX_v78sljKBgua41p-mLq1l-RMy9Lh1W8ektf5bDV9DJbPD4vp_TJQfsE0QFkoTFElwFjOCp1kE_QKec4nWaI4pnmmgesizbnSsc5yLROQKgsRIMplOCQ3_bs7W7-36Bqx8dP9B5zgMcCEJREwT932lLK1cxa12FmzlbYTwMTBR-F9FEcfPTvu2b0psfsfFIuXp_7GDwukeFA</recordid><startdate>202105</startdate><enddate>202105</enddate><creator>Jaeger, Lennart</creator><creator>Eckhardt, Andreas</creator><general>John Wiley & Sons, Inc</general><general>Blackwell Publishing Ltd</general><scope>AAYXX</scope><scope>CITATION</scope><scope>JQ2</scope><orcidid>https://orcid.org/0000-0002-2953-9347</orcidid></search><sort><creationdate>202105</creationdate><title>Eyes wide open: The role of situational information security awareness for security‐related behaviour</title><author>Jaeger, Lennart ; Eckhardt, Andreas</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c3507-eadce7ec6100b0df698eec6e2b2896c2e7b9f12fd7b2cf5f9bfa61ac93e114ba3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2021</creationdate><topic>Appraisals</topic><topic>contextual relevance</topic><topic>Design factors</topic><topic>Eye movements</topic><topic>eye tracking</topic><topic>misplaced salience</topic><topic>Phishing</topic><topic>Security</topic><topic>Security management</topic><topic>security warning</topic><topic>Situational awareness</topic><topic>situational information security awareness</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Jaeger, Lennart</creatorcontrib><creatorcontrib>Eckhardt, Andreas</creatorcontrib><collection>CrossRef</collection><collection>ProQuest Computer Science Collection</collection><jtitle>Information systems journal (Oxford, England)</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Jaeger, Lennart</au><au>Eckhardt, Andreas</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Eyes wide open: The role of situational information security awareness for security‐related behaviour</atitle><jtitle>Information systems journal (Oxford, England)</jtitle><date>2021-05</date><risdate>2021</risdate><volume>31</volume><issue>3</issue><spage>429</spage><epage>472</epage><pages>429-472</pages><issn>1350-1917</issn><eissn>1365-2575</eissn><abstract>Most contemporary studies on information security focus on largely static phenomena in examining security‐related behaviours. We take a more dynamic, situational and interactionist approach that proposes that security‐related behaviours result from an interaction between the person and the perception of a threatening situation. We derive and define situational information security awareness based on situation awareness literature, and examine how individual‐level (innate traits, experience) and system‐level factors (design variations, warning signal) influence awareness, and how it influences subsequent threat and coping appraisals, and ultimately security‐related behaviours in a multi‐method phishing experiment including eye tracking and survey components with 107 employees. The results underscore the importance of situational information security awareness and show that past experience with phishing and a security warning increase awareness, while phishing emails' contextual relevance and misplaced salience decrease awareness. Situational information security awareness, in turn, increases perceived threat and perceived coping efficacy and, ultimately, actual behavioural responses to phishing attacks.</abstract><cop>Chichester, UK</cop><pub>John Wiley & Sons, Inc</pub><doi>10.1111/isj.12317</doi><tpages>44</tpages><orcidid>https://orcid.org/0000-0002-2953-9347</orcidid></addata></record> |
| fulltext | fulltext |
| identifier | ISSN: 1350-1917 |
| ispartof | Information systems journal (Oxford, England), 2021-05, Vol.31 (3), p.429-472 |
| issn | 1350-1917 1365-2575 |
| language | eng |
| recordid | cdi_proquest_journals_2511806410 |
| source | EBSCOhost Business Source Ultimate; Wiley |
| subjects | Appraisals contextual relevance Design factors Eye movements eye tracking misplaced salience Phishing Security Security management security warning Situational awareness situational information security awareness |
| title | Eyes wide open: The role of situational information security awareness for security‐related behaviour |
| url | http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-04T22%3A56%3A44IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Eyes%20wide%20open:%20The%20role%20of%20situational%20information%20security%20awareness%20for%20security%E2%80%90related%20behaviour&rft.jtitle=Information%20systems%20journal%20(Oxford,%20England)&rft.au=Jaeger,%20Lennart&rft.date=2021-05&rft.volume=31&rft.issue=3&rft.spage=429&rft.epage=472&rft.pages=429-472&rft.issn=1350-1917&rft.eissn=1365-2575&rft_id=info:doi/10.1111/isj.12317&rft_dat=%3Cproquest_cross%3E2511806410%3C/proquest_cross%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-c3507-eadce7ec6100b0df698eec6e2b2896c2e7b9f12fd7b2cf5f9bfa61ac93e114ba3%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=2511806410&rft_id=info:pmid/&rfr_iscdi=true |