逻辑与具体
计算机安全
计算机科学
业务
公共关系
工程管理
工程类
过程管理
心理学
知识管理
政治学
社会心理学
作者
W. Alec Cram,John D’Arcy,Alexander Benlian
标识
DOI:10.25300/misq/2023/17707
摘要
Many of the theories used in behavioral cybersecurity research have been applied with a nomothetic approach, which is characterized by cross-sectional data (e.g., one-time surveys) that identify patterns across a population of individuals. Although this can provide valuable between-person, point-in-time insights (e.g., employees who use neutralization techniques, such as denying responsibility for cybersecurity policy violations, tend to comply less), it is unable to reveal within-person patterns that account for varying experiences and situations over time. This paper articulates why an idiographic approach, which undertakes a within-person analysis of longitudinal data, can: (1) help validate widely used theories in behavioral cybersecurity research that imply patterns of behavior within a given person over time and (2) provide distinct theoretical insights on behavioral cybersecurity phenomena by accounting for such within-person patterns. To these ends, we apply an idiographic approach to an established theory in behavioral cybersecurity research—neutralization theory—and empirically test a within-person variant of this theory using a four-week experience sampling study. Our results support a more granular application of neutralization theory in the cybersecurity context that considers the behavior of a given person over time. We conclude the paper by highlighting the contexts and theories that provide the most promising opportunities for future behavioral cybersecurity research using an idiographic approach.
科研通智能强力驱动
Strongly Powered by AbleSci AI