Return to search

The Influence of Self-Determined Motivation on Security Education Training and Awareness (SETA) Programs

Despite the best efforts of many organizations, protection of information assets continues to be a major problem for a number of firms. A large portion of data breaches can be attributed to employees of the organization, who have been commonly identified as the weakest link in an organization’s overall security profile. Organizations implement security policies to give their employees guidelines for appropriate behavior related to information protection. For policies to be effective, employees must exhibit adequate comprehension of the secure behaviors described in the policy. Security Education, Training, and Awareness (SETA) programs have been utilized as an organizational mechanism for communicating the details of security policies and the importance of employees’ compliance. Although researchers have identified the importance of SETA programs in the implementation of security policies, individual differences among employees may contribute to the effectiveness of a SETA program. One such difference is an employee’s orientation toward self-determined (intrinsic) or control-oriented (extrinsic) forms of motivation related to both the workplace context and situational tasks, such as participation in a SETA program. A theoretical model is developed to assess the influence of an employee’s overall work motivation and perceptions of the work environment on his or her situational motivation toward participating in an organization’s SETA program. Methods for capturing the hypothesized relationships and analysis of the associated data are described. The findings indicate that an employee’s perceptions of autonomy, competence, and relatedness while participating in the SETA program have a significant impact on the employee’s motivation toward the SETA program. SETA program motivation significantly influenced an employee’s attitude toward the information security policy (ISP), cognition of ISP concepts, and intention to comply with the ISP while also serving as a significant predictor of an employee’s decision to participate in an additional training program. Implications for both research and practice are discussed.

Identiferoai:union.ndltd.org:MSSTATE/oai:scholarsjunction.msstate.edu:td-5544
Date14 August 2015
CreatorsMenard, Philip Roy
PublisherScholars Junction
Source SetsMississippi State University
Detected LanguageEnglish
Typetext
Formatapplication/pdf
SourceTheses and Dissertations

Page generated in 0.0021 seconds