IDEAS home Printed from https://ideas.repec.org/p/hal/journl/hal-02000435.html
   My bibliography  Save this paper

CEOs’ information security behavior in SMEs: Does ownership matter?

Author

Listed:
  • Yves Barlette

    (MRM - Montpellier Research in Management - UPVM - Université Paul-Valéry - Montpellier 3 - UPVD - Université de Perpignan Via Domitia - Groupe Sup de Co Montpellier (GSCM) - Montpellier Business School - UM - Université de Montpellier)

  • Katherine Gundolf

    (MRM - Montpellier Research in Management - UPVM - Université Paul-Valéry - Montpellier 3 - UPVD - Université de Perpignan Via Domitia - Groupe Sup de Co Montpellier (GSCM) - Montpellier Business School - UM - Université de Montpellier)

  • Annabelle Jaouen

    (MRM - Montpellier Research in Management - UPVM - Université Paul-Valéry - Montpellier 3 - UPVD - Université de Perpignan Via Domitia - Groupe Sup de Co Montpellier (GSCM) - Montpellier Business School - UM - Université de Montpellier)

Abstract

Past research in the area of behavioral information security has mainly focused on large company employees. However, SMEs constitute a relevant field of study, as they represent more than 99 percent of European companies and are subject to rapidly increasing security threats. In addition, within SMEs, CEOs play a vital role in protecting their information through the actions they can initiate and the influence they have on their employees. We attempt to fill a gap in information security (ISS) research, as few studies have aimed to understand CEOs' behaviors related to the implementation of ISS. In addition, the literature shows that particularly in a small firm context, ownership influences CEOs' behavior. Even less research has addressed SMEs, specifically with regard to the impact of ownership on CEOs' ISS-related behaviors. This paper details an empirical study based on the protection motivation theory (PMT) to investigate the following research question: what factors explain SME CEOs' information security protective behavior? We conducted a questionnaire-based survey with 292 SME CEOs, and we analyzed the collected data using partial least squares (PLS). Because the academic literature shows that SME CEOs engage in specific behaviors, we tested the influence of the PMT on two subgroups: SME owners (n=183) and non-owners (n=109). Our results show very important and significant discrepanciesbetween the two subgroups. Our work is original because it constitutes the first study dedicated to the protective behaviors of SME CEOs; moreover, it distinguishes between owners and non-owners. Our major theoretical contribution corresponds to the identification and investigation of this differentiated population, which requires more in-depth studies. The main managerial implication of our work is that as the factors triggering owner and non-owner SME CEOs protective behaviors are almost in total contrast, any communication or action should be specifically tailored to each audience.

Suggested Citation

  • Yves Barlette & Katherine Gundolf & Annabelle Jaouen, 2017. "CEOs’ information security behavior in SMEs: Does ownership matter?," Post-Print hal-02000435, HAL.
    • Handle: RePEc:hal:journl:hal-02000435
    DOI: 10.3917/sim.173.0007
    as

    Download full text from publisher

    To our knowledge, this item is not available for download. To find whether it is available, there are three options:
    1. Check below whether another version of this item is available online.
    2. Check on the provider's web page whether it is in fact available.
    3. Perform a search for a similarly titled item that would be available.

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Paméla Baillette & Yves Barlette, 2018. "Examining CEOs' behavior related to BYOD implementation through the CMUA," Post-Print hal-02102830, HAL.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:hal:journl:hal-02000435. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: CCSD (email available below). General contact details of provider: https://hal.archives-ouvertes.fr/ .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.