Assessing thriving at work and employee competence for information security job performance
- UNCG Author/Contributor (non-UNCG co-authors, if there are any, appear on document)
- Joti Kaur (Creator)
- Institution
- The University of North Carolina at Greensboro (UNCG )
- Web Site: http://library.uncg.edu/
- Advisor
- Kane J. Smith
Abstract: Majority of the organizations are continuously under threat because of employees’ mishandling of sensitive information. While information security is an integral part of employee responsibility, failure to follow security procedures and non-compliance with organizational information security policies result in sub-par job performance. There are numerous instances where regular employees have inadvertently and without malicious intent caused a data breach (for instance, the Federal Deposit Insurance Corp. data breach in 2016, Home Depot data breach in 2014, Colonial Pipeline cyberattack in 2021). Given the fact that close to 51 percent of information threats are posed by organizations’ employees, it is crucial to understand how information security job performance can be enhanced to mitigate such threats. While studies over the past several decades have acknowledged the importance of security education training and awareness (SETA) programs (Puhakainen and Siponen, 2010; Hu et al., 2021; Dhillon et al., 2020) and other motivational strategies to ensure compliance, there has been limited emphasis on improving information security job performance by developing competent individuals. This research facilitates a deeper understanding of the multifaceted and complex construct of information security job performance as an outcome of an individual self-adaptive process which includes thriving in the work environment and competence to fulfil one’s job responsibility. Thriving is an important domain of inquiry as it is a subjective experience that allows employees to develop in a positive manner. To further understand the knowledge, ability, and skills from information security related behavior of employees, we explored the impact of psychological capital which is a higher-order construct comprising the work-related tenets of positive psychology: hope, self-efficacy, resilience, and optimism. Furthermore, we also investigated the impact of employee competence on information security job performance. Drawing from the extant literature, competence is an idiosyncratic combination of what Weick and Roberts (1993) term as know-how and know-that. We conducted this research using a sequential qualitative and quantitative approach situated in a large public sector bank in India. The findings of this research have both theoretical and practical implications. Our results show that employee competence leveraged through thriving and agentic work behaviors can impact information security job performance. Overall, this research extends the information security literature by exploring the dimensionality of information security job performance and also offers insights on improving employee competence towards information security roles and activities.
Assessing thriving at work and employee competence for information security job performance
PDF (Portable Document Format)
1230 KB
Created on 12/1/2022
Views: 10
Additional Information
- Publication
- Dissertation
- Language: English
- Date: 2022
- Keywords
- Competence, Information security, Information security job performance, Thriving at work
- Subjects
- Computer security
- Information technology $x Security measures
- Employees $x Training of