Identifying factors that influence individual information security practices at work

Data and information within organizations have become important assets that can create a significant competitive advantage and therefore need to be given careful attention. Research from industry has reported that the majority of security-related problems are indirectly caused by employees who disobey the information security policies of their organizations. This study proposes a model to evaluate the factors that influence individual's information security practices (IISP) at work. Drawing on social cognitive and control theories, the proposed model includes cognitive, environmental, and control factors as antecedents of individual information security practices at work. This study presents the results of two hundred sixty two (262) useable responses to a survey about individual information security practices (IISP) at work. PLS-SEM statistical modeling technique method was used to estimate the path relationships in the model. The structural equation model analysis showed that most of the hypotheses proposed in this study were supported.;The findings of this study could be used to develop effective security policies and training. They could also be used to develop effective security audits and further recommendations for organizations that are looking to make significant improvements in their information security profiles.