Change search
ReferencesLink to record
Permanent link

Direct link
Shaping intention to resist social engineering through transformational leadership, information security culture and awareness
KTH, School of Electrical Engineering (EES).
KTH, School of Electrical Engineering (EES), Electric power and energy systems.
2016 (English)In: Computers & security (Print), ISSN 0167-4048, E-ISSN 1872-6208, Vol. 59, 26-44 p.Article in journal (Refereed) PublishedText
Abstract [en]

This paper empirically investigates how organizational and individual factors complement each other in shaping employees' intention to resist social engineering. The study followed a mixed methods research design, wherein qualitative data were collected to both establish the study's research model and develop a survey instrument that was distributed to 4296 organizational employees from a diverse set of organizations located in Sweden. The results showed that attitude toward resisting social engineering has the strongest direct association with intention to resist social engineering, while both self-efficacy and normative beliefs showed weak relationships with intention to resist social engineering. Furthermore, the results showed that transformational leadership was strongly associated with both perceived information security culture and information security awareness. Two mediation tests showed that attitude and normative beliefs partially mediate the effect of information security culture on employees' intention to resist social engineering. This suggests that both attitude and normative beliefs play important roles in governing the relationship between information security culture and intention to resist social engineering. A third mediation test revealed that information security culture fully explains the effect of transformational leadership on employees' attitude toward resisting social engineering. Discussion of the results and practical implications of the performed research are provided.

Place, publisher, year, edition, pages
Elsevier, 2016. Vol. 59, 26-44 p.
Keyword [en]
Transformational leadership, Information security culture, Information security awareness, Theory of planned behavior, Social engineering, Mixed methods research
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
Identifiers
URN: urn:nbn:se:kth:diva-188044DOI: 10.1016/j.cose.2016.01.004ISI: 000375737400003ScopusID: 2-s2.0-84961148106OAI: oai:DiVA.org:kth-188044DiVA: diva2:936172
Note

QC 20160613

Available from: 2016-06-13 Created: 2016-06-03 Last updated: 2016-06-13Bibliographically approved

Open Access in DiVA

No full text

Other links

Publisher's full textScopus

Search in DiVA

By author/editor
Flores, Waldo RochaEkstedt, Mathias
By organisation
School of Electrical Engineering (EES)Electric power and energy systems
In the same journal
Computers & security (Print)
Electrical Engineering, Electronic Engineering, Information Engineering

Search outside of DiVA

GoogleGoogle Scholar
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Altmetric score

Total: 2 hits
ReferencesLink to record
Permanent link

Direct link