IDEAS home Printed from https://ideas.repec.org/a/rnd/arimbr/v15y2023i1p1-13.html
   My bibliography  Save this article

Assessing Information Security Competencies of Firm Leaders towards Improving Procedural Information Security Countermeasure: Awareness and Cybersecurity Protective Behavior

Author

Listed:
  • Saif Hussein Abdallah Alghazo
  • Norshima Humaidi
  • Shereen Noranee

Abstract

Cybersecurity threats are a serious issue faced by many organizations in this new information era. Therefore, security leaders play a significant role not only to ensure that all their employees are practicing good security behavior to protect organizational information assets but also to ensure that security technology has been installed properly to protect network infrastructure. This study aims to examine cybersecurity protective behavior (CPB) among employees in the organization and focus on the role of leadership competencies and information security countermeasure awareness. The questionnaires were distributed via email and self-administered, and the study managed to obtain 245 responses. Partial Least Squares-Structural Equation Modeling (PLS-SEM) analysis was used to analyze the final data. Confirmatory factor analysis (CFA) testing shows that all the measurement items of each construct were adequate in their validity individually based on their factor loading value. Moreover, each construct is valid based on its parameter estimates and statistical significance. The research findings show that Procedural Information Security Countermeasure (PCM) awareness strongly influences CPB compared to a leader's information security competencies (ISI). Meanwhile, ISI significantly influences PCM awareness. This study adapts the theory of leadership competencies in the context of cybersecurity, which is particularly beneficial to any industry in improving organizational information security strategic plans.

Suggested Citation

  • Saif Hussein Abdallah Alghazo & Norshima Humaidi & Shereen Noranee, 2023. "Assessing Information Security Competencies of Firm Leaders towards Improving Procedural Information Security Countermeasure: Awareness and Cybersecurity Protective Behavior," Information Management and Business Review, AMH International, vol. 15(1), pages 1-13.
    • Handle: RePEc:rnd:arimbr:v:15:y:2023:i:1:p:1-13
    DOI: 10.22610/imbr.v15i1(I)SI.3408
    as

    Download full text from publisher

    File URL: https://ojs.amhinternational.com/index.php/imbr/article/view/3408/2160
    Download Restriction: no
    File URL: https://ojs.amhinternational.com/index.php/imbr/article/view/3408
    Download Restriction: no
    File URL: https://libkey.io/10.22610/imbr.v15i1(I)SI.3408?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    References listed on IDEAS

    as
    1. Lee, In, 2021. "Cybersecurity: Risk management framework and investment cost analysis," Business Horizons, Elsevier, vol. 64(5), pages 659-671.
    2. Kimani, Kenneth & Oduol, Vitalice & Langat, Kibet, 2019. "Cyber security challenges for IoT-based smart grid networks," International Journal of Critical Infrastructure Protection, Elsevier, vol. 25(C), pages 36-49.
    3. Haqaf, Husam & Koyuncu, Murat, 2018. "Understanding key skills for information security managers," International Journal of Information Management, Elsevier, vol. 43(C), pages 165-172.
    4. Donalds, Charlette & Osei-Bryson, Kweku-Muata, 2020. "Cybersecurity compliance behavior: Exploring the influences of individual decision style and other antecedents," International Journal of Information Management, Elsevier, vol. 51(C).
    5. Korzynski, Pawel & Kozminski, Andrzej Krzysztof & Baczynska, Anna & Haenlein, Michael, 2021. "Bounded leadership: An empirical study of leadership competencies, constraints, and effectiveness," European Management Journal, Elsevier, vol. 39(2), pages 226-235.
    6. John D'Arcy & Anat Hovav & Dennis Galletta, 2009. "User Awareness of Security Countermeasures and Its Impact on Information Systems Misuse: A Deterrence Approach," Information Systems Research, INFORMS, vol. 20(1), pages 79-98, March.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Kumju Hwang & Hyemi Um, 2021. "Social Controls and Bonds of Public Information Consumer on Sustainable Utilization and Provision for Computing," Sustainability, MDPI, vol. 13(9), pages 1-20, May.
    2. Agbodoh-Falschau, Kouassi Raymond & Ravaonorohanta, Bako Harinivo, 2023. "Investigating the influence of governance determinants on reporting cybersecurity incidents to police: Evidence from Canadian organizations’ perspectives," Technology in Society, Elsevier, vol. 74(C).
    3. Jae Kyu Lee & Younghoon Chang & Hun Yeong Kwon & Beopyeon Kim, 2020. "Reconciliation of Privacy with Preventive Cybersecurity: The Bright Internet Approach," Information Systems Frontiers, Springer, vol. 22(1), pages 45-57, February.
    4. Eric Jardine, 2020. "The Case against Commercial Antivirus Software: Risk Homeostasis and Information Problems in Cybersecurity," Risk Analysis, John Wiley & Sons, vol. 40(8), pages 1571-1588, August.
    5. Rao Faizan Ali & P.D.D. Dominic & Kashif Ali, 2020. "Organizational Governance, Social Bonds and Information Security Policy Compliance: A Perspective towards Oil and Gas Employees," Sustainability, MDPI, vol. 12(20), pages 1-27, October.
    6. V. S. Prakash Attili & Saji K. Mathew & Vijayan Sugumaran, 2022. "Information Privacy Assimilation in IT Organizations," Information Systems Frontiers, Springer, vol. 24(5), pages 1497-1513, October.
    7. A. J. Burns & Clay Posey & James F. Courtney & Tom L. Roberts & Prabhashi Nanayakkara, 2017. "Organizational information security as a complex adaptive system: insights from three agent-based models," Information Systems Frontiers, Springer, vol. 19(3), pages 509-524, June.
    8. Silva, Leiser & Hsu, Carol & Backhouse, James & McDonnell, Aidan, 2016. "Resistance and power in a security certification scheme: the case of c:cure," LSE Research Online Documents on Economics 68348, London School of Economics and Political Science, LSE Library.
    9. Sumantra Sarkar & Anthony Vance & Balasubramaniam Ramesh & Menelaos Demestihas & Daniel Thomas Wu, 2020. "The Influence of Professional Subculture on Information Security Policy Violations: A Field Study in a Healthcare Context," Information Systems Research, INFORMS, vol. 31(4), pages 1240-1259, December.
    10. Ryan S. Montrose & John F. Gardner & Aykut C. Satici, 2021. "Centralized and Decentralized Optimal Control of Variable Speed Heat Pumps," Energies, MDPI, vol. 14(13), pages 1-18, July.
    11. Debabrata Dey & Abhijeet Ghoshal & Atanu Lahiri, 2022. "Circumventing Circumvention: An Economic Analysis of the Role of Education and Enforcement," Management Science, INFORMS, vol. 68(4), pages 2914-2931, April.
    12. Son, Jai-Yeol & Park, Jongpil, 2016. "Procedural justice to enhance compliance with non-work-related computing (NWRC) rules: Its determinants and interaction with privacy concerns," International Journal of Information Management, Elsevier, vol. 36(3), pages 309-321.
    13. Jack Shih-Chieh Hsu & Sheng-Pao Shih & Yu Wen Hung & Paul Benjamin Lowry, 2015. "The Role of Extra-Role Behaviors and Social Controls in Information Security Policy Effectiveness," Information Systems Research, INFORMS, vol. 26(2), pages 282-300, June.
    14. Fariborz Farahmand & Eugene H. Spafford, 2013. "Understanding insiders: An analysis of risk-taking behavior," Information Systems Frontiers, Springer, vol. 15(1), pages 5-15, March.
    15. Mengmeng Song & Joseph Ugrin & Man Li & Jinnan Wu & Shanshan Guo & Wenpei Zhang, 2021. "Do Deterrence Mechanisms Reduce Cyberloafing When It Is an Observed Workplace Norm? A Moderated Mediation Model," IJERPH, MDPI, vol. 18(13), pages 1-16, June.
    16. Shahid Mahmood & Moneeb Gohar & Jin-Ghoo Choi & Seok-Joo Koh & Hani Alquhayz & Murad Khan, 2021. "Digital Certificate Verification Scheme for Smart Grid using Fog Computing (FONICA)," Sustainability, MDPI, vol. 13(5), pages 1-19, February.
    17. Chang-Gyu Yang & Hee-Jun Lee, 2016. "A study on the antecedents of healthcare information protection intention," Information Systems Frontiers, Springer, vol. 18(2), pages 253-263, April.
    18. Carol Hsu & Jae-Nam Lee & Detmar W. Straub, 2012. "Institutional Influences on Information Systems Security Innovations," Information Systems Research, INFORMS, vol. 23(3-part-2), pages 918-939, September.
    19. Gabriel Abu-Tayeh & Oliver Neumann & Matthias Stuermer, 2018. "Exploring the Motives of Citizen Reporting Engagement: Self-Concern and Other-Orientation," Business & Information Systems Engineering: The International Journal of WIRTSCHAFTSINFORMATIK, Springer;Gesellschaft für Informatik e.V. (GI), vol. 60(3), pages 215-226, June.
    20. Henock Mulugeta Melaku, 2023. "Context-Based and Adaptive Cybersecurity Risk Management Framework," Risks, MDPI, vol. 11(6), pages 1-22, May.

    More about this item

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:rnd:arimbr:v:15:y:2023:i:1:p:1-13. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Muhammad Tayyab (email available below). General contact details of provider: https://ojs.amhinternational.com/index.php/imbr .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.