An Empirical Study On Security Behavior Based On Risk Cognition

The 19 th National Congress of the Communist Party of China proposed that we should adhere to the overall national security outlook and raise the importance of security and confidentiality work to a new historical height.State secrets are related to national security,and trade secrets are related to the core competitiveness of enterprises.Once leaked,it will damage the interests of organizations.The secret-related personnel are the main body to fulfill the responsibility of confidentiality.The struggle against secret-stealing and secret-telling is ultimately the struggle of human beings.Therefore,the study of personal behavior has theoretical significance and application value for the development of security and confidentiality work.Based on the research results of information security behavior,considering the particularity of security and confidentiality work,this thesis focuses on the recognition of leak risk.Combining with the theory of planned behavior,the theory of fear appeal and the theory of deterrence,this thesis establishes a model of security and confidentiality behavior based on risk perception and puts forward the hypothesis of the model.Based on the existing mature scale and the particularity of security and confidentiality work,this thesis designs a questionnaire to investigate the impact of security and confidentiality risk perception on personal confidentiality behavior.Data are collected from large state-owned enterprises of different industries and sizes.We verified the reliability and validity of the questionnaire.Finally,PLS-SEM is used to test the hypothesis of the risk-aware security and confidentiality behavior model.Results show that the risk-perception based security behavior model is basically reasonable.The research results show that the experience and input of individual organizations in security and confidentiality have a positive and significant impact on his behavioral attitudes.The organization's confidentiality system has a positive and significant impact on the subjective norms of individual security and confidentiality behavior,and then indirectly affects their behavioral intentions.The individual's intentions,self-efficacy and awareness of seriousness of the consequences of the leakage risk have a positive impact on their actual security and confidentiality.Factors that have a positive impact on the severity of the individual's consequences for the risk of compromise include the organization's confidentiality regime and ethical constraints.In view of the above conclusions,the thesis puts forward some suggestions for doing a good job in security and confidentiality in terms of personnel training,system construction and publicity and education.