최소 단어 이상 선택하여야 합니다.
최대 10 단어까지만 선택 가능합니다.
다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
NTIS 바로가기융합정보논문지 = Journal of Convergence for Information Technology, v.10 no.9, 2020년, pp.123 - 135
황인호 (국민대학교 교양대학)
Recently organizations are implementing strict security policies and technologies to minimize security incidents. However, strict information security can cause work stress of employees and can make it difficult to achieve security goals. The purpose of this study is to present the preconditions for...
* AI 자동 식별 결과로 적합하지 않은 문장이 있을 수 있으니, 이용에 유의하시기 바랍니다.
핵심어 | 질문 | 논문에서 추출한 답변 |
---|---|---|
정보보안 준수의도란 무엇인가? | 정보보안 준수의도는 조직이 보유한 정보에 대하여 내부 또는 외부의 침입, 위협으로부터 보호하고자 하는 조직원의 의지로 정의된다[7]. 정보보안 이행 수준을 높이기 위해서는 조직원들의 준수의도를 높이기 위한 조직 차원의 지원 등 노력이 필요하다[15]. | |
엄격한 수준의 정보보안 도입 시 어떤 문제점이 발생할 수 있는가? | 최근 조직들은 보안 사고 최소화를 위하여 엄격한 보안 정책 및 기술을 도입하고 있다. 반면, 엄격한 수준의 정보보안 도입은 조직원의 업무 스트레스를 발생시켜, 조직의 보안 목표 달성에 어려움을 줄 수 있다. 본 연구의 목적은 보안 관련 업무스트레스의 부정적 영향을 완화하는 방안을 제시하는 것이다. | |
Loch et al.가 제시한 조직의 보안 사고 유형 별 문제점 및 해결방안에 대해 설명하시오. | [1992]는 조직의 보안 사고 유형을 외부-내부, 인간-비인간 측면으로 4그룹으로 구분하여 각각의 문제점 및 해결방안을 제시하였다[4]. 외부-인간, 내부-비인간 유형은 해킹과 같은 기술적 침해로 발생하는 문제로 기술적 개선을 통해 보안 위협을 해결할 수 있다고 보았으며, 외부-비인간 유형은 자연 재해와 같은 유형으로서 예측이 불가한 특성을 가진다고 하였다. 반면, 내부-인간 유형은 조직원에 의해 발생하는 정보 노출 사고로서, 충분히 해결할 수 있는 문제이나, 내부자 스스로가 보안 준수 행동을 결정해야만 문제를 해결할 수 있다고 보았다[4]. 또한 Hwang et al. |
T. Kim. (2018). Concern and Prediction for Future Information Security expected by IT Executives. Journal of Convergence for Information Technology, 8(6), 117-122. DOI : 10.22156/CS4SMB.2018.8.6.117
Statista. (2020) Information security technology market size 2016-2023. (Online) https://www.statista.com/statistics
Verizon. (2020), 2020 Data Breach Investigations Report.
K. D. Loch, H. H. Carr & M. E. Warkentin. (1992). Threats to information systems: Today's reality, yesterday's understanding. MIS Quarterly, 16(2), 173-186. DOI : 10.2307/249574.
J. D'Arcy, A. Hovav & D. Galletta. (2009). User awareness of security countermeasures and its impact on information systems misuse: A deterrence approach, Information Systems Research, 20(1), 79-98. DOI : 10.1287/isre.1070.0160.
I. Hwang, D. Kim, T. Kim & S. Kim. (2017). Why not comply with information security? An empirical approach for the causes of non-compliance, Online Information Review, 41(1), 1-17. DOI : 10.1108/OIR-11-2015-0358.
B. Bulgurcu, H. Cavusoglu & I. Benbasat. (2010). Information security policy compliance: An empirical study of rationality-based beliefs and information security awareness, MIS Quarterly, 34(3), 523-548.
S. Aurigemma & T. Mattson, (2017). Deterrence and punishment experience impacts on ISP compliance attitudes. Information and Computer Security, 25(4), 421-436. DOI : 10.1108/ICS-11-2016-0089.
J. Y. Son. (2011). Out of fear or desire? Toward a better understanding of employees' motivation to follow IS security policies. Information & Management, 48(7), 296-302. DOI : 10.1016/j.im.2011.07.002.
N. S. Safa, C. Maple, S. Furnell, M. A. Azad, C. Perera, M. Dabbagh & M. Sookhak. (2019). Deterrence and prevention-based model to mitigate information security insider threats in organizations. Future Generation Computer Systems, 97, 587-597. DOI : 10.1016/j.future.2019.03.024.
I. Hwang & O. Cha. (2018). Examining technostress creators and role stress as potential threats to employees' information security compliance. Computers in Human Behavior, 81, 282-293. DOI : 10.1016/j.chb.2017.12.022.
J. D'Arcy & P. L. Teh. (2019). Predicting employee information security policy compliance on a daily basis: The interplay of security-related stress, emotions, and neutralization. Information & Management, 56(7), 103151. DOI : 10.1016/j.im.2019.02.006.
I. Yun & J. Lee. (2016). An empirical study information security awareness of elderly welfare workers on security empowerment and information security behavior. Journal of Convergence for Information Technology, 6(4), 9-15. DOI : 10.22156/CS4SMB.2016.6.4.009.
Y. Chen, K. Ramamurthy & K. W. Wen. (2012). Organizations' information security policy compliance: Stick or carrot approach?. Journal of Management Information Systems, 29(3), 157-188. DOI : 10.2753/MIS0742-1222290305.
I. Hwang, R. Wakefield, S. Kim & T. Kim. (2019). Security awareness: The first step in information security compliance behavior. Journal of Computer Information Systems, 1-12. DOI: 10.1080/08874417.2019.1650676
R. Ayyagari, V. Grover & R. Purvis. (2011). Technostress: Technological antecedents and implications. MIS Quarterly, 35(4), 831-858. DOI : 10.2307/41409963.
C. L. Cooper, P. J. Dewe & M. P. O'Driscoll. (2001). Organizational stress: A review and critique of theory, Research, and Applications. Sage.
P. S. Galluch, V. Grover & J. B. Thatcher. (2015). Interrupting the workplace: Examining stressors in an information technology context. Journal of the Association for Information Systems, 16(1), 1-47. DOI : 10.17705/1jais.00387.
D. F. Parker & T. A. DeCotiis. (1983). Organizational determinants of job stress. Organizational Behavior and Human Performance, 32(2), 160-177. DOI : 10.1016/0030-5073(83)90145-9.
M. Tarafdar, Q. Tu, B. S. Ragu-Nathan & T. S. Ragu-Nathan. (2007). The impact of technostress on role stress and productivity. Journal of Management Information Systems, 24(1), 301-328. DOI : 10.2753/MIS0742-1222240109.
M. Tarafdar, E. Bolman Pullins & T. S. Ragu-Nathan. (2014). Examining impacts of technostress on the professional salesperson's behavioral performance. Journal of Personal Selling and Sales Management, 34(1), 51-69. DOI : 10.1080/08853134.2013.870184.
S. Kim, J. Im & J. Hwang. (2015). The effects of mentoring on role stress, job attitude, and turnover intention in the hotel industry. International Journal of Hospitality Management, 48, 68-82. DOI : 10.1016/j.ijhm.2015.04.006.
Z. Yan, X. Guo, M. K. Lee & D. R. Vogel. (2013). A conceptual model of technology features and technostress in telemedicine communication. Information Technology & People, 26(3), 283-297. DOI : 10.1108/ITP-04-2013-0071.
J. D'Arcy, T. Herath & M. K. Shoss. (2014). Understanding employee responses to stressful information security requirements: A coping perspective. Journal of Management Information Systems, 31(2), 285-318. DOI : 10.2753/MIS0742-1222310210.
J. R. Edwards & D. M. Cable, D. M. (2009). The value of value congruence. Journal of Applied Psychology, 94(3), 654. DOI : 10.1037/a0014891.
J. A. Chatman. (1989). Improving interactional organizational research: A model of person-organization fit. Academy of Management Review, 14(3), 333-349. DOI : 10.5465/amr.1989.4279063.
T. R. Tyler & S. L. Blader. (2005). Can businesses effectively regulate employee conduct? The antecedents of rule following in work settings. Academy of Management Journal, 48(6), 1143-1158. DOI : 10.5465/amj.2005.19573114.
I. Topa & M. Karyda. (2015, September). Identifying factors that influence employees' security behavior for enhancing ISP compliance. In International Conference on Trust and Privacy in Digital Business (pp. 169-179). Springer, Cham.
P. Jimenez, A. Dunkl & S. PeiBl. (2015). Workplace incivility and its effects on value congruence, recovery-stress-state and the intention to quit. Psychology, 6(14), 1930-1939. DOI : 10.4236/psych.2015.614190.
M. Siegall & T. McDonald. (2004). Personorganization value congruence, burnout and diversion of resources. Personnel Review. 33(3), 291-301. DOI : 10.1108/00483480410528832.
B. E. Wright. (2004). The role of work context in work motivation: A public sector application of goal and social cognitive theories. Journal of Public Administration Research and Theory, 14(1), 59-78. DOI : 10.1093/jopart/muh004.
M. C. Andrews & K. M. Kacmar. (2001). Confirmation and extension of the sources of feedback scale in service-based organizations. The Journal of Business Communication, 38(2), 206-226. DOI : 10.1177/002194360103800204
M. A. Campion & R. G. Lord. (1982). A control systems conceptualization of the goal-setting and changing process. Organizational Behavior and Human Performance, 30(2), 265-287. DOI : 0.1016/0030-5073(82)90221-5.
B. McAfee, V. Quarstein & A. Ardalan. (1995). The effect of discretion, outcome feedback, and process feedback on employee job satisfaction. Industrial Management & Data Systems. 95(5), 7-12. DOI :10.1108/02635579510088128.
K. J. Knapp, R. F. Morris Jr, T. E. Marshall & T. A. Byrd. (2009). Information security policy: An organizational-level process model. Computers & security, 28(7), 493-508. DOI : 10.1016/j.cose.2009.07.001
A. H. .Hon, W. W. Chan & L. Lu. (2013). Overcoming work-related stress and promoting employee creativity in hotel industry: The role of task feedback from supervisor. International Journal of Hospitality Management, 33, 416-424. DOI : 10.1016/j.ijhm.2012.11.001.
J. C. Nunnally. (1978). Psychometric theory (2nd ed.). New York: McGraw-Hill.
B. H. Wixom & H. J. Watson. (2001). An empirical investigation of the factors affecting data warehousing success. MIS Quarterly, 25(1), 17-41. DOI : 10.2307/3250957.
C. Fornell & D. F. Larcker. (1981). Evaluating structural equation models with unobservable variables and measurement error. Journal of Marketing Research, 18(1), 39-50. DOI: 10.2307/3151312.
P. M. Podsakoff, S. B. MacKenzie, J. Y. Lee & N. P. 2Podsakoff. (2003). Common method biases in behavioral research: A critical review of the literature and recommended remedies. Journal of Applied Psychology, 88(5), 879-903. DOI : 10.1037/0021-9010.88.5.879.
G. C. Lin, Z. Wen, H. W. Marsh & H. S. Lin. (2010). Structural equation models of latent interactions: Clarification of orthogonalizing and double-mean-centering strategies. Structural Equation Modeling, 17(3), 374-391. DOI : 10.1080/10705511.2010.488999.
J. F. Dawson. (2014). Moderation in management research: What, why, when and how. Journal of Business and Psychology, 29, 1-19. DOI : 10.1007/s10869-013-9308-7.
*원문 PDF 파일 및 링크정보가 존재하지 않을 경우 KISTI DDS 시스템에서 제공하는 원문복사서비스를 사용할 수 있습니다.
Free Access. 출판사/학술단체 등이 허락한 무료 공개 사이트를 통해 자유로운 이용이 가능한 논문
※ AI-Helper는 부적절한 답변을 할 수 있습니다.