Return to search

The Role of Self-Efficacy in Computer Security Behavior: Developing the Construct of Computer Security Self-Efficacy (CSSE)

As organizations have become more dependent on networked information systems (IS) to conduct their business operations, their susceptibility to various threats to information security has also increased. Research has consistently identified the inappropriate security behavior of the users as the most significant of these threats. Various factors have been identified as contributing to these inappropriate security behaviors, however, not enough is known about the role of social factors in mediating these behaviors.
This study developed a new computer security self-efficacy (CSSE) construct, identified items of CSSE in the context of individuals' use of encrypted e-mail, and determined the validity and reliability of the items of CSSE. Further, significant factors of CSSE were identified. First, a qualitative phase comprising focus groups and an expert panel was used to identify valid items of CSSE, develop a new instrument to measure the new CSSE construct, and validate the new CSSE instrument. After completing the qualitative phase, a quantitative phase was employed to collect empirical data on the CSSE items. The CSSE measurement instrument was administered to IS users at a major university in the southeastern United States and 292 responses were received. The collected data was statistically analyzed to identify significant factors of CSSE and the items of CSSE that demonstrate high reliability. Factor analysis was performed using Principal Component Analysis (PCA) and identified four significant and highly reliable factors of CSSE with a cumulative variance of nearly 68%. The four factors were named Performance Accomplishments and Technical Support, Goal Commitment and Resource Availability, Experience Level, and Individual Characteristics. Additionally, 35 items of CSSE were identified as possessing high reliability.
This study contributes to advancing of the body of knowledge regarding the use of e-mail encryption by developing a new CSSE construct and extending Computer Self-Efficacy research into the area of computer security and e-mail encryption. Further, by identifying factors of CSSE, an understanding of what IS users believe will impact their ability to use encryption to send e-mail messages is obtained. This understanding can aid in enhancing the use of encryption mechanisms to send e-mail, promoting positive computer security behavior, and so contribute positively to IS practice.

Identiferoai:union.ndltd.org:nova.edu/oai:nsuworks.nova.edu:gscis_etd-1120
Date01 January 2011
CreatorsClarke, Marlon Renese
PublisherNSUWorks
Source SetsNova Southeastern University
Detected LanguageEnglish
Typetext
Formatapplication/pdf
SourceCEC Theses and Dissertations

Page generated in 0.002 seconds