کد مقاله کد نشریه سال انتشار مقاله انگلیسی نسخه تمام متن
456518 695728 2012 12 صفحه PDF دانلود رایگان
عنوان انگلیسی مقاله ISI
Unrealistic optimism on information security management
موضوعات مرتبط
مهندسی و علوم پایه مهندسی کامپیوتر شبکه های کامپیوتری و ارتباطات
پیش نمایش صفحه اول مقاله
Unrealistic optimism on information security management
چکیده انگلیسی

Information security is a critical issue that many firms face these days. While increasing incidents of information security breaches have generated extensive publicity, previous studies repeatedly expose low levels of managerial awareness and commitment, a key obstacle to achieving a good information security posture. The main motivation of our study emanates from this phenomenon that the increased vulnerability to information security breaches is coupled with the low level of managerial awareness and commitment regarding information security threats. We report this dissonance by addressing a cognitive bias called optimistic bias. Using a survey, we study if MIS executives are subject to such a bias in their vulnerability perceptions of information security. We find that they demonstrate optimistic bias in risk perception on information security domain. The extent of this optimistic bias is greater with a distant comparison target with fewer information sharing activities. This optimistic bias is also found to be related to perception of controllability with information security threats. In order to overcome the effects of optimistic bias, firms need more security awareness training and systematic treatments of security threats instead of relying on ad hoc approach to security measure implementation.

ناشر
Database: Elsevier - ScienceDirect (ساینس دایرکت)
Journal: Computers & Security - Volume 31, Issue 2, March 2012, Pages 221–232
نویسندگان
, , ,