It Is Not Only About Having Good Attitudes: Factor Exploration of the Attitudes Toward Security Recommendations

Authors

Miguel A. Toro-Jarrin, Yachay Tech
Pilar Pazos, Old Dominion UniversityFollow
Miguel A. Padilla, Old Dominion UniversityFollow

Document Type

Article

Publication Date

2024

DOI

10.1093/cybsec/tyae011

Publication Title

Journal of Cybersecurity

Volume

10

Issue

1

Pages

tyae011 (1-10)

Abstract

Numerous factors determine information security-related actions (IS-actions) in the workplace. Attitudes toward following security rules and recommendations and attitudes toward specific IS actions determine intentions associated with those actions. IS research has examined the role of the instrumental aspect of attitudes. However, authors argue that attitudes toward a behavioral object are a multidimensional construct. We examined the dimensionality of attitudes toward security recommendations, hypothesized its multidimensional nature, and developed a new scale [attitudes toward security recommendations (ASR scale)]. The results indicated the multidimensional nature of attitudes toward security recommendations supporting our hypothesis. The results revealed two dimensions corresponding to the perceived legitimacy and effectiveness of security recommendations and its perceived rigor. The new ASR scale showed good psychometric properties. This work contributes to the IS research at suggesting that attitudes are a multidimensional construct in the IS context. These findings imply that the employee’s evaluation of information security policy can be examined considering their instrumentality (security recommendations are important) and rigor (security recommendations are strict). Different effects of the dimensions of attitudes over IS-action suggest different interventions. Additionally, this study offers the ASR scale as a new instrument to capture employees’ evaluation of security recommendations.

Rights

© The Authors 2024.

This is an Open Access article distributed under the terms of the Creative Commons Attribution 4.0 International License, which permits unrestricted reuse, distribution, and reproduction in any medium, provided the original work is properly cited.

ORCID

0000-0003-4348-7798 (Pazos)

Original Publication Citation

Toro-Jarrin, M. A., Pazos, P., & Padilla, M. A. (2024). It is not only about having good attitudes: Factor exploration of the attitudes toward security recommendations. Journal of Cybersecurity, 10(1), 1-10, Article tyae011. https://doi.org/10.1093/cybsec/tyae011

Repository Citation

Toro-Jarrin, Miguel A.; Pazos, Pilar; and Padilla, Miguel A., "It Is Not Only About Having Good Attitudes: Factor Exploration of the Attitudes Toward Security Recommendations" (2024). Engineering Management & Systems Engineering Faculty Publications. 214.
https://digitalcommons.odu.edu/emse_fac_pubs/214