Toward a Theory of Information Systems Security Behaviors of Organizational Employees: A Dialectical Process Perspective

Practice-/policy-oriented abstract: Understanding why employees do or do not comply with information systems security (ISS) procedures is an imperative in today’s organizations whose futures often depend on how well they protect and harness information assets. We use a predominantly inductive approach to develop a theoretical understanding of how employees’ reasons for engaging to ISS behaviors (ISSBs) change over time, using ideas from dialectics as our scaffolding. Our dialectical view of this process suggests that explanations for engaging in different ISSBs change over time as individuals seek to balance contradictory demands. Furthermore, our view suggests that new experiences and ext…

Toward a stage theory of the development of employees’ information security behavior

Existing behavioral information security research proposes continuum or non-stage models that focus on finding static determinants for information security behavior (ISB) that remains unchanged. Such models cannot explain a case where the reasons for ISB change. However, the underlying reasons and motives for users’ ISB are not static but may change over time. To understand the change in reasoning between different antecedents, we examine stage theorizing in other fields and develop the requirements for an emergent theory of the development of employees’ ISB: (1) the content of stages based on the stage elements and their stage-specific attributes; (2) the stage-independent element explaini…

Beyond economic and financial analyses : A revelatory study of IT security investment decision-making process

Information Technology (IT) security breaches and the extent of damage they may cause to an organization are inherently uncertain. Therefore, managers’ decisions about whether to make IT security investment (ITSI) and how much, depend upon a subjective assessment of the economic value of the investment and the likelihood of the damage to the organization. When managers delay or fail to decide on whether and how much to invest in IT security, it can make organizations vulnerable to operational and strategic perils. Based upon interviews, document reviews, and observations in three organizations in Finland that made ITSI decisions to acquire a secure email application system, we examined the …

Skizze eines Marketingkommunikationsplans für ein deutsches Vertriebsunternehmen

Brändin muutos - näkökulmia onnistuneeseen sisäiseen implementointiin

Brändi käsitteenä ei ole mikään uusi keksintö. Sen sisältö ja merkitys ovat kuitenkin viime vuosina muuttuneet merkittävästi. Brändi voidaankin nyt entistä vahvemmin nähdä osana yrityksen aineetonta pääomaa ja yrityksen kilpailuedun lähteenä. Tässä työssä tutkittiin sitä, mitä tulisi huomioida onnistuneessa brändin sisäisessä implementoinnissa käyttäen interdisiplinääristä lähestymistapaa. Brändin implementoinnin onnistumiseen vaikuttavia syitä pyritään löytämään niin brändin määrittely – kuin sen käytäntöönpanovaiheista. Erityisesti tarkasteltiin brändiviestinnän luonnetta ja merkitystä brändin muutosprosessin osana. Tutkimuksessa käytettiin laadullista tutkimusotetta täydennettynä määräll…