Document Type
Article
Publication Date
2024
DOI
10.1093/cybsec/tyae011
Publication Title
Journal of Cybersecurity
Volume
10
Issue
1
Pages
tyae011 (1-10)
Abstract
Numerous factors determine information security-related actions (IS-actions) in the workplace. Attitudes toward following security rules and recommendations and attitudes toward specific IS actions determine intentions associated with those actions. IS research has examined the role of the instrumental aspect of attitudes. However, authors argue that attitudes toward a behavioral object are a multidimensional construct. We examined the dimensionality of attitudes toward security recommendations, hypothesized its multidimensional nature, and developed a new scale [attitudes toward security recommendations (ASR scale)]. The results indicated the multidimensional nature of attitudes toward security recommendations supporting our hypothesis. The results revealed two dimensions corresponding to the perceived legitimacy and effectiveness of security recommendations and its perceived rigor. The new ASR scale showed good psychometric properties. This work contributes to the IS research at suggesting that attitudes are a multidimensional construct in the IS context. These findings imply that the employee’s evaluation of information security policy can be examined considering their instrumentality (security recommendations are important) and rigor (security recommendations are strict). Different effects of the dimensions of attitudes over IS-action suggest different interventions. Additionally, this study offers the ASR scale as a new instrument to capture employees’ evaluation of security recommendations.
Rights
© The Authors 2024.
This is an Open Access article distributed under the terms of the Creative Commons Attribution 4.0 International License, which permits unrestricted reuse, distribution, and reproduction in any medium, provided the original work is properly cited.
ORCID
0000-0003-4348-7798 (Pazos)
Original Publication Citation
Toro-Jarrin, M. A., Pazos, P., & Padilla, M. A. (2024). It is not only about having good attitudes: Factor exploration of the attitudes toward security recommendations. Journal of Cybersecurity, 10(1), 1-10, Article tyae011. https://doi.org/10.1093/cybsec/tyae011
Repository Citation
Toro-Jarrin, Miguel A.; Pazos, Pilar; and Padilla, Miguel A., "It Is Not Only About Having Good Attitudes: Factor Exploration of the Attitudes Toward Security Recommendations" (2024). Engineering Management & Systems Engineering Faculty Publications. 214.
https://digitalcommons.odu.edu/emse_fac_pubs/214
Included in
Databases and Information Systems Commons, Industrial and Organizational Psychology Commons, Information Security Commons