최소 단어 이상 선택하여야 합니다.
최대 10 단어까지만 선택 가능합니다.
다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
NTIS 바로가기정보화 정책 = Informatization policy, v.25 no.3 = no.96, 2018년, pp.95 - 115
김종기 (부산대학교 경영학과) , 오다운 (부산대학교 경영학과)
This study aims to examine organization members' intention to violate security policies based on the Person-Environment Fit Model. This study investigated the effect of the relationship between organizational security environment and the individual security value on the intention of organizational s...
핵심어 | 질문 | 논문에서 추출한 답변 |
---|---|---|
기업이 다양한 보안 위협에 어떻게 노출되어있나? | 기업은 시스템의 결함과 기술적 문제, 조직 구성원 들의 정보 자원 오·남용 등 내·외부로부터 다양한 보안 위협에 노출되어 있다. 그러므로 정보를 보호하기 위해 체계적인 보안 관리 시스템을 도입하고 자체적으로 보안정책 수립 및 교육을 실시하는 기업이 증가하고 있다. | |
보안 기술이 향상되어 나타나는 이점은? | 보안 기술이 향상되면서 최종 사용자에게 요구되는 작업 지식이나 시간 부담을 줄이기 위해 보안 패치 관리, 업데이트 등 다양한 작업들이 자동화되고 있다(Herath & Rao, 2009). 컴퓨터와 네트워크 자원을 올바르게 사용하는 법, 주기적인 패스워드 관리, 데이터 백업 관리 등은 보안 기술보다 조직 내 보안정책을 통해 다루어진다. | |
기업들이 보안 위협에 대응하는 방법은? | 기업은 시스템의 결함과 기술적 문제, 조직 구성원 들의 정보 자원 오·남용 등 내·외부로부터 다양한 보안 위협에 노출되어 있다. 그러므로 정보를 보호하기 위해 체계적인 보안 관리 시스템을 도입하고 자체적으로 보안정책 수립 및 교육을 실시하는 기업이 증가하고 있다. 그러나 실제로 기업 차원에서 행하는 보안위반 행위의 규제가 미흡하고 조직 구성원들의 낮은 보안 인식으로 외부로 기업 정보가 유출되거나 취약점이 노출되는 등 문제가 급격히 증가하고 있다. |
곽금주 (1998). "자기효능감과 도덕적 이탈 ( I )." 한국심리학회지: 발달, 11(1): 1-11.
김계수 (2013). Smartpls 이용 쉬운 구조방정식모델. 청람
김상현.송영미 (2011). "조직 구성원들의 정보보안 정책 준수 동기요인에 관한 연구." e-비즈니스연구, 12(3): 327-349.
임명성 (2013). "정보보안 상황에서의 도덕적 해방: 선행요인과 결과요인에 대한 연구." 디지털융복합연구, 11(11): 1-13.
한국인터넷진흥원 (2018). "KISA Report." RSA Conference 2018 특집편
Alnuaimi, O. A., Robert, L. P. & Maruping, L. M. (2010). "Team size, dispersion, and social loafing in technology-supported teams: A perspective on the theory of moral disengagement." Journal of Management Information Systems, 27(1): 203-230.
Ayyagari, R., Grover, V. & Purvis, R. (2011). "Technostress: Technological Antecedents and Implications." MIS Quarterly, 35(4): 831-858.
Bandura, A. (1999). "Moral Disengagement in the Perpetration of Inhumanities." Personality and Social Psychology Review, 3(3): 193-209.
Bandura, A., Barbaranelli, C., Caprara, G. V. & Pastorelli, C. (1996). "Mechanisms of Moral Disengagement in the Exercise of Moral Agency." Journal of Personality and Social Psychology, 71(2): 364-373.
Chan, M., Woon, I. & Kankanhalli, A. (2005). "Perceptions of information security in the workplace: linking information security climate to compliant behavior." Journal of Information Privacy and Security, 1(3): 18-41.
Chatman, J. A. (1989). "Matching people and organizations: Selection and socialization in public accounting firms." Academy of Management Proceedings, 1989(1): 199-203.
Cheng, L., Li, Y., Li, Y., Holm, E. & Zhai, Q.(2013). "Understanding the Violation of IS Security Policy in Organizations: An Integrated Model Based on Social Control and Deterrence Theory." Computers & Security, 39(Part B): 447-459.
Chu, A. M. & Chau, P. Y. (2014). "Development and Validation of Instruments of Information Security Deviant Behavior." Decision Support Systems, 66: 93-101.
Chu, A. M., Chau, P. Y. & So, M. K. (2015). "Explaining the misuse of information systems resources in the workplace: A dual-process approach." Journal of Business Ethics, 131(1): 209-225.
Cohen, J. O. (1988). Statistical Power analysis for the behavioral science(2nd ed.), Hillsdale, New Jersey, Lawrence erlbaum associates.
Cox, J. (2012) "Information systems user security: A structured model of the knowing-doing gap." Computers in Human Behavior, 28(5): 1849-1858.
D'arcy, J., Herath, T. & Shoss, M. K. (2014). "Understanding Employee Responses to Stressful Information Security Requirements: A Coping Perspective." Journal of Management Information Systems, 31(2): 285-318.
D'Arcy, J., Hovav, A. & Galletta, D. (2009). "User awareness of security countermeasures and its impact on information systems misuse: A deterrence approach." Information Systems Research, 20(1): 79-98.
Dang, D., Pittayachawan, S. & Bruno, V. (2015). "Factors of people-centric security climate: Conceptual model and exploratory study in Vietnam." ACIS 2015 Proceedings.
Detert, J. R., Trevino, L. K. & Sweitzer, V. L. (2008). "Moral disengagement in ethical decision making: a study of antecedents and outcomes." Journal of Applied Psychology, 93(2): 374.
Edwards, I. R. & Shipp, A. I. (2007). "The relationship between person-environment fit and outcomes: An integrative." Perspectives on organizational fit, 1-75.
Edwards, J. R. (1996). "An Examination of Competing Version of the Person-Environment Fit Approach to Stress." Academy of Management Journal, 39: 292-339.
Enterprise, Verizon. (2017). 2017 Data Breach Investigations Report.
Greene, G. & D'Arcy, J. (2010). "Assessing the Impact of Security Culture and the Employee-Organization Relationship on IS Security Compliance." In 5th Annual Symposium on Information Assurance, 1-8.
Guo,, K. H. (2013) "Security-related behavior in using information systems in the workplace: A review and synthesis." Computer & Security, 32: 242-251.
Guo, K. H., Yuan, Y., Archer, N. P. & Connelly, C. E. (2011). "Understanding Nonmalicious Security Violations in the Workplace: A Composite Behavior Model." Journal of Management Information Systems, 28(2): 203-236.
Guo, K. H. & Yuan, Y. (2012). "The Effects of Multilevel Sanctions on Information Security Violoations: A Mediating Model." Information & Management, 49(6): 320-326.
Herath, T. & Rao, H. R. (2009). "Encouraging information security behaviors in organizations: Role of penalties, pressures and perceived effectiveness." Decision Support Systems, 47(2): 154-165.
Hovav, A. & D'Arcy, J. (2012). "Applying an extended model of deterrence across cultures: An investigation of information systems misuse in the US and South Korea." Information & Management, 49(2): 99-110.
Hsu, J. S. C., Shih, S. P., Hung, Y. W. & Lowry, P. B. (2015). "The role of extra-role behaviors and social controls in information security policy effectiveness." Information Systems Research, 26(2): 282-300.
Kim, H. W., Y. Xu, & J. Koh. (2004). "A comparison of online trust building factors between potential customers and repeat customers." Journal of the Association for Information Systems, 5(10): 392-420.
Lee, C., Lee, C. C. & Kim, S. (2016). "Understanding information security stress: Focusing on the type of information security compliance activity." Computer & Security, 59: 60-70.
Mishra, S. & Dhillon, G. (2006). "Information systems security governance research: a behavioral perspective." In 1st Annual Symposium on Information Assurance, Academic Track of 9th Annual NYS Cyber Security Conference. 27-35.
Moore, C., Detert, J. R., Klebe Trevino, L., Baker, V. L. & Mayer, D. M. (2012). "Why employees do bad things: Moral disengagement and unethical organizational behavior." Personnel Psychology, 65(1): 1-48.
Padayachee, K. (2016). "An assessment of opportunity-reducing techniques i n information security: An insider threat perspective." Decision Support Systems, 92: 47-56.
Pinsonneault, A. & Kraemer, K. (1993). "Survey research methodology in management information systems: an assessment." Journal of Management Information Systems, 10(2): 75-105.
Safa, N. S., Maple, C., Watson, T. & Von Solms, R. (2018). "Motivation and opportunity based model to reduce information security insider threats in organisations." Journal of Information Security and Applications, 40: 247-257.
Silverthorne, C. (2004). "The Impact of Organizational Culture and Person-Organization Fit on Organizational Commitment and Job Satisfaction in Taiwan." Leadership & Organization Development Journal, 25(7): 592-599.
Siponen, & Vance. (2010). "Neutralization: New Insights into the Problem of Employee Information Systems Security Policy Violations." MIS Quarterly, 34(3): 487-502.
Stanton, J. M., Stam, K. R., Guzman, I. & Caledra, C. (2003). "Examining the linkage between organizational commitment and information security." Presented at the SMC '03 2003 IEEE International Conference on Systems, Man and Cybernetics, IEEE. 3: 2501-2506.
Tenenhaus, M., Vinzi, V. E., Chatelin, Y. M. & Lauro, C. (2005). "PLS path modeling." Computational Statistics & Data Analysis, 48(1): 159-205.
Vance, A. & Siponen, M. (2012). "IS Security Policy Violations: A Rational Choice Perspective." Journal of Organizational and End User Computing, 24(1): 21-41.
Vroom, C. & Solms, von, R. (2004). "Towards information security behavioural compliance." Computers & Security, 23(3): 191-198.
Workman, M., Bommer, W. H. & Straub, D. (2008). "Security lapses and the omission of information security measures: A threat control model and empirical test." Computers in Human Behavior, 24(6): 2799-2816.
*원문 PDF 파일 및 링크정보가 존재하지 않을 경우 KISTI DDS 시스템에서 제공하는 원문복사서비스를 사용할 수 있습니다.
출판사/학술단체 등이 한시적으로 특별한 프로모션 또는 일정기간 경과 후 접근을 허용하여, 출판사/학술단체 등의 사이트에서 이용 가능한 논문
※ AI-Helper는 부적절한 답변을 할 수 있습니다.