Future Directions for Behavioral Information Security Research

Computers & Security, Vol. 32(1), pp. 90-101 (doi:10.1016/j.cose.2012.09.010)

38 Pages Posted: 11 Nov 2012 Last revised: 22 Aug 2014

Robert Crossler

Washington State University - Department of Management, Information Systems, and Entrepreneurship (MISE)

Allen Johnston

University of Alabama at Birmingham - Department of Accounting and Information Systems

Paul Benjamin Lowry

The University of Hong Kong - School of Business

Qing Hu

Zicklin School of Business, Baruch College - The City University of New York

Merrill Warkentin

Mississippi State University - Department of Management and Information Systems

Richard Baskerville

Georgia State University

Date Written: September 26, 2012

Abstract

Information Security (InfoSec) research is far reaching and includes many approaches to deal with protecting and mitigating threats to the information assets and technical resources available within computer based systems. Although a predominant weakness in properly securing information assets is the individual user within an organization, much of the focus of extant security research is on technical issues. The purpose of this paper is to highlight future directions for Behavioral InfoSec research, which is a newer, growing area of research. The ensuing paper presents information about challenges currently faced and future directions that Behavioral InfoSec researchers should explore. These areas include separating insider deviant behavior from insider misbehavior, approaches to understanding hackers, improving information security compliance, cross-cultural Behavioral InfoSec research, and data collection and measurement issues in Behavioral InfoSec research.

Keywords: Information Security, Future Research, Behavioral Information Security, Research Challenges, Deviant Security Behavior

Suggested Citation

Crossler, Robert and Johnston, Allen and Lowry, Paul Benjamin and Hu, Qing and Warkentin, Merrill and Baskerville, Richard, Future Directions for Behavioral Information Security Research (September 26, 2012). Computers & Security, Vol. 32(1), pp. 90-101 (doi:10.1016/j.cose.2012.09.010). Available at SSRN: https://ssrn.com/abstract=2173644

Robert Crossler

Washington State University - Department of Management, Information Systems, and Entrepreneurship (MISE) ( email )

Todd Hall 442
PO Box 644743
Pullman, WA 99164-4743
United States

Allen Johnston

University of Alabama at Birmingham - Department of Accounting and Information Systems ( email )

Birmingham, AL 35294
United States

Paul Benjamin Lowry (Contact Author)

The University of Hong Kong - School of Business ( email )

Meng Wah Complex
Pokfulam Road
Hong Kong
China

Qing Hu

Zicklin School of Business, Baruch College - The City University of New York ( email )

55 Lexington Ave
P. O. Box B13-276
New York, NY 10011
United States
646-312-3049 (Phone)

HOME PAGE: http://zicklin.baruch.cuny.edu/faculty/profiles/qing-hu

Merrill Warkentin

Mississippi State University - Department of Management and Information Systems ( email )

United States

Richard Baskerville

Georgia State University ( email )

35 Broad Street
Atlanta, GA 30303-3083
United States

Register to save articles to
your library

Register

Paper statistics

Downloads
174
rank
156,288
Abstract Views
859
PlumX