User Awareness of Security Countermeasures and Its Impact on Information Systems Misuse: A Deterrence Approach

D’Arcy, John; Hovav, Anat; Galletta, Dennis F.

doi:10.1287/isre.1070.0160

articleInformation Systems ResearchJun 21, 2008Closed access

User Awareness of Security Countermeasures and Its Impact on Information Systems Misuse: A Deterrence Approach

JDJohn D’Arcy AHAnat Hovav DFDennis F. Galletta

University of Notre Dame · Korea University · +1 more institution

Indexed incrossref

Abstract

Intentional insider misuse of information systems resources (i.e., IS misuse) represents a significant threat to organizations. For example, industry statistics suggest that between 50%–75% of security incidents originate from within an organization. Because of the large number of misuse incidents, it has become important to understand how to reduce such behavior. General deterrence theory suggests that certain controls can serve as deterrent mechanisms by increasing the perceived threat of punishment for IS misuse. This paper presents an extended deterrence theory model that combines work from criminology, social psychology, and information systems. The model posits that user awareness of security…

Citation impact

1,156

total citations

FWCI: 53.40
Percentile: 100%
References: 104

Citations per year

Authors

3

Topics & keywords

Topics

Keywords

Sanctions
Deterrence theory
Punishment (psychology)
Insider threat
Computer security
Certainty
Information security
Deception

UN Sustainable Development Goals

Peace, Justice and strong institutions

No related works found for this paper.