An information security knowledge sharing model in organizations

•Information security knowledge sharing mitigates information security breaches.•Intrinsic motivations influence information security knowledge sharing in firms.•Extrinsic motivations influence information security knowledge sharing in firms.•Organizational support facilitates information security knowledge sharing in firms.

Knowledge sharing plays an important role in the domain of information security, due to its positive effect on employees' information security awareness. It is acknowledged that security awareness is the most important factor that mitigates the risk of information security breaches in organizations. In this research, a model has been presented that shows how information security knowledge sharing (ISKS) forms and decreases the risk of information security incidents. The Motivation Theory and Theory of Planned Behavior besides Triandis model were applied as the theoretical backbone of the conceptual framework. The results of the data analysis showed that earning a reputation, and gaining promotion as an extrinsic motivation and curiosity satisfaction as an intrinsic motivation have positive effects on employees' attitude toward ISKS. However, self-worth satisfaction does not influence ISKS attitude. In addition, the findings revealed that attitude, perceived behavioral control, and subjective norms have positive effects on ISKS intention and ISKS intention affects ISKS behavior. The outcomes also showed that organizational support influences ISKS behavior more than trust. The results of this research should be of interest to academics and practitioners in the domain of information security.