In our recent study, we delved into the complex interplay between work ethic and individuals’ perceptions of and intentions to use security measures within professional settings. Utilizing SmartPLS 3.0 software, we conducted a rigorous analysis of data, uncovering valuable insights that not only contribute to academic knowledge but also have significant implications for practitioners in various industries.
Our research primarily focused on assessing reflective constructs such as centrality of work, delay of gratification, hard work, leisure, morality and ethics, self-reliance, wasted time, perceived importance, and intention to use. Through comprehensive reliability and validity testing, we confirmed the robustness of our measurement model, ensuring that the constructs under study exhibited sufficient reliability, internal consistency, convergent validity, and discriminant validity.
The structural model analysis revealed intriguing findings regarding the relationship between work ethic dimensions and information security behavior. Notably, dimensions like leisure, morality and ethics, self-reliance, and wasted time showed a positive relationship with perceived importance, supporting hypotheses related to these constructs. Surprisingly, certain dimensions like centrality of work, delay of gratification, and hard work did not exhibit significant relationships with perceived importance or intention to use security measures as hypothesized.
One of the key takeaways from our study is the potential for future research to explore the nuances of work ethic further. Researchers could delve into specific dimensions of work ethic, considering factors such as personal values, cultural influences, and organizational contexts to deepen our understanding of how these aspects shape information security behavior. Additionally, investigating the moderating effects of variables like job roles, industry types, and technological advancements could provide a more nuanced perspective on the relationship between work ethic and security behaviors.
From a practical standpoint, our findings have important implications for human resource personnel, organizational leaders, and cybersecurity professionals. Incorporating assessments of work ethic dimensions related to security consciousness during recruitment processes can help identify candidates predisposed towards responsible security practices. Tailoring security training programs to resonate with different work ethic profiles can enhance their effectiveness, while crafting flexible yet robust policies aligned with varying work ethic perceptions can foster better compliance and adherence to security protocols.
Furthermore, our study underscores the significance of cultivating a strong security culture within organizations. By promoting values such as diligence, ethical conduct, self-reliance, and time management alongside emphasizing the importance of security measures, organizations can foster a climate where security becomes ingrained in everyday practices rather than seen as an external imposition.
Beyond individual organizations, our findings also have broader industry relevance. Collaborative efforts to standardize assessments of work ethic dimensions related to security behaviors can lead to more effective talent management strategies across sectors. Sharing best practices and research insights regarding the interplay between work ethic and security behaviors can contribute to collective learning and continuous improvement in cybersecurity practices at a broader industry level.
In conclusion, our study not only advances academic knowledge but also offers actionable insights for practitioners to strengthen their cybersecurity posture, nurture a security-conscious workforce, and contribute to a more resilient and secure business environment.
Ramakrishnan, T., Hite, D.M., Schuessler, J.H. and Prybutok, V. (2022), “Work ethic and information security behavior”, Information and Computer Security, Vol. 30 No. 3, pp. 364-381. https://doi.org/10.1108/ICS-02-2021-0017
Abstract:
Purpose
Information security is a growing issue that impacts organizations in virtually all industries, and data breaches impact millions of customers and cost organizations millions of dollars. Within the past several years alone, huge data breaches have been experienced by organizations such as Marriot, Equifax, eBay, JP Morgan Chase, Home Depot, Target and Yahoo, the latter of which impacted three billion users. This study aims to examine the utilization of pre-employment screening to identify potential hires that may require enhanced information security training to avoid such costs.
Design/methodology/approach
The authors hypothesize that an individual’s work ethic predicts a person’s information security behavior. The authors test this hypothesis using structural equation modeling with bootstrapping techniques.
Findings
Data analysis suggests that certain dimensions of work ethic do indeed predict information security posture, and thus, simple pre-employment screening techniques (i.e. questionnaires) can aid in identifying potential security threats.
Practical implications
The findings provide a tool for identifying problematic employee security posture prior to hiring, which may be useful in identifying training needs for new hires.
Originality/value
The findings provide a tool for identifying problematic employee security posture prior to hiring, which may be useful in identifying training needs for new hires.
Dr. Joseph H. Schuessler (2011)
Professor of Business Computer Information Systems
Dr. Sam Pack College of Business
Email: schuessler@tarleton.edu
Office: Fort Worth Building, Room 323
Phone: 682-703-7068
Visit Dr. Schuessler’s Website
Program Coordinator for MBA Program
More Info:
- PhD, University of North Texas, Business Computer Information Systems, 2009
- MS, University of North Texas, Information Technology, 2003
- MBA, University of North Texas, Business Computer Information Systems, 2001
- BBA, University of North Texas, Strategic Management, 1994
Teaching Interests: Network Administration, Network Security
Research Interests: Computer and Network Security
Professional certifications and licenses:
- CompTIA A+
- TestOut PC Pro
- CompTIA Network+
- TestOut Network Pro
- CompTIA Security+
- ACUE Certified in Effective Online Teaching
- QM Certified Master Reviewer
- QM Peer Reviewer