Can financial incentives help with the struggle for security policy compliance
作者: Sanjay Goel , Merrill Warkentin , Kevin J. Williams , Jingyi Huang
关键词:
摘要: Abstract This study examined the effects of financial incentives on security policy compliance. Participants were recruited for a computerized in-basket job simulation and randomly assigned to one three groups: (1) control group with no compliance; (2) positive frame (gain) where participants could gain up $5 (3) negative (loss) awarded $5, but would lose portion each compliance failure. Incentives increased individuals’ vigilance toward phishing emails decreased likelihood clicking links, incentive having strongest effects. worked better non-contextualized emails.
sci-hub.st 参考文章(84)
Alessandro Acquisti, Jens Grossklags, Privacy Attitudes and Privacy Behavior Springer, Boston, MA. pp. 165- 178 ,(2004) , 10.1007/1-4020-8090-5_13
Merrill Warkentin, Mikko Siponen, None, An Enhanced Fear Appeal Rhetorical Framework: Leveraging Threats to the Human Asset Through Sanctioning Rhetoric MIS Quarterly. ,vol. 39, pp. 113- 134 ,(2015) , 10.25300/MISQ/2015/39.1.06
Scott R. Boss, , Dennis F. Galletta, Paul Benjamin Lowry, Gregory D. Moody, Peter Polak, , , , , What Do Systems Users Have to Fear? Using Fear Appeals to Engender Threats and Fear that Motivate Protective Security Behaviors MIS Quarterly. ,vol. 39, pp. 837- 864 ,(2015) , 10.25300/MISQ/2015/39.4.5
Cass R Thaler, Richard H, Sunstein, Nudge: Improving Decisions About Health, Wealth, and Happiness ,(2008)
Allen C. Johnston, Robert Willison, Merrill Warkentin, The Role of Perceptions of Organizational Injustice and Techniques of Neutralization in Forming Computer Abuse Intentions americas conference on information systems. ,(2011)
Siponen, Vance, Neutralization: new insights into the problem of employee systems security policy violations Management Information Systems Quarterly. ,vol. 34, pp. 487- 502 ,(2010) , 10.2307/25750688
Lorrie Faith Cranor, Neha Atri, Joshua Sunshine, Hazim Almuhimedi, Serge Egelman, Crying wolf: an empirical study of SSL warning effectiveness usenix security symposium. pp. 399- 416 ,(2009)
Richard A. Barclay, Regulatory Economics: Cybersecurity-Who Cares? Threat and Apathy Worldwide, Outlook Uncertain Natural Gas & Electricity. ,vol. 30, pp. 30- 32 ,(2014) , 10.1002/GAS.21738
Jongwoo (Jonathan) Kim, Eun Hee (Eunice) Park, Richard L. Baskerville, A model of emotion and computer abuse Information & Management. ,vol. 53, pp. 91- 108 ,(2016) , 10.1016/J.IM.2015.09.003
Dan Ariely, Predictably Irrational: The Hidden Forces That Shape Our Decisions ,(2008)