Effects of Organizational Citizenship Behavior and Social Cognitive Factors on Employees' Non-Malicious Counterproductive Computer Security Behaviors: An Empirical Analysis

Employees’ non-malicious counterproductive computer security behaviors (CCSB) at work could put organizations’ information-related assets at risk, if unchecked. Using concepts from the social cognitive and organizational citizenship behavior (OCB) theoretical frameworks, this study examined the effects of observational learning/modeling, social support, and OCB (i.e., helping behaviors and civic virtue) on employees’ desire to indulge in CCSB. A research model including the aforementioned factors was proposed and tested using the partial least squares (PLS) technique. A survey of Canadian professionals’ opinions was used. The result did not affirm the relationship between employees’ observational learning/modeling and intentions to engage in CCSB. The results, however, confirmed that social support and OCB (i.e., helping behaviors and civic virtue) have significant negative effects on intentions to engage in CCSB, which, in turn, has a significant positive effect on employees’ self-reported indulgence of CCSB at work.

[1]  Young U. Ryu,et al.  Self-efficacy in information security: Its influence on end users' information security practice behavior , 2009, Comput. Secur..

[2]  Wynne W. Chin Issues and Opinion on Structural Equation Modeling by , 2009 .

[3]  Ritu Agarwal,et al.  Practicing Safe Computing: A Multimedia Empirical Examination of Home Computer User Security Behavioral Intentions , 2010, MIS Q..

[4]  Eldon Y. Li,et al.  Do organizational citizenship behaviors lead to information system success?: Testing the mediation effects of integration climate and project management , 2008, Inf. Manag..

[5]  A. Bandura Health Promotion by Social Cognitive Means , 2004, Health education & behavior : the official publication of the Society for Public Health Education.

[6]  Patrick Y. K. Chau,et al.  Development and validation of instruments of information security deviant behavior , 2014, Decis. Support Syst..

[7]  Scott B. MacKenzie,et al.  Organizational Citizenship Behavior and the Quantity and Quality of Work Group Performance , 1997, The Journal of applied psychology.

[8]  Izak Benbasat,et al.  Information Security Policy Compliance: An Empirical Study of Rationality-Based Beliefs and Information Security Awareness , 2010, MIS Q..

[9]  V. Tilden,et al.  Social support and the chronically ill individual. , 1987, The Nursing clinics of North America.

[10]  Catherine E. Connelly,et al.  Understanding Nonmalicious Security Violations in the Workplace: A Composite Behavior Model , 2011, J. Manag. Inf. Syst..

[11]  Ken H. Guo Security-related behavior in using information systems in the workplace: A review and synthesis , 2013, Comput. Secur..

[12]  Princely Ifinedo,et al.  Understanding information systems security policy compliance: An integration of the theory of planned behavior and the protection motivation theory , 2012, Comput. Secur..

[13]  A. Bandura Social Foundations of Thought and Action: A Social Cognitive Theory , 1985 .

[14]  Terrance Weatherbee Counterproductive use of technology at work: Information & communications technologies and cyberdeviancy , 2010 .

[15]  Blair H. Sheppard,et al.  THEORY OF REASONED ACTION , 2014 .

[16]  Detmar W. Straub,et al.  Specifying Formative Constructs in Information Systems Research , 2007, MIS Q..

[17]  Fred D. Davis,et al.  Developing and Validating an Observational Learning Model of Computer Software Training and Skill Acquisition , 2003, Inf. Syst. Res..

[18]  R. Bies,et al.  Organizational Citizenship Behavior: The Good Soldier Syndrome , 1989 .

[19]  H. Raghav Rao,et al.  Protection motivation and deterrence: a framework for security policy compliance in organisations , 2009, Eur. J. Inf. Syst..

[20]  Tejaswini Herath,et al.  Understanding Employee Responses to Stressful Information Security Requirements: A Coping Perspective , 2014, J. Manag. Inf. Syst..

[21]  Sarv Devaraj,et al.  Employee Misuse of Information Technology Resources: Testing a Contemporary Deterrence Model , 2012, Decis. Sci..

[22]  Hui Liao,et al.  Interpersonal aggression in work groups , 2003 .

[23]  Houston H. Carr,et al.  Threats to Information Systems: Today's Reality, Yesterday's Understanding , 1992, MIS Q..

[24]  P. Sheeran Intention—Behavior Relations: A Conceptual and Empirical Review , 2002 .

[25]  Eirik Albrechtsen,et al.  A qualitative study of users' view on information security , 2007, Comput. Secur..

[26]  Princely Ifinedo,et al.  SOCIAL-COGNITIVE MECHANISMS AND COUNTERPRODUCTIVE COMPUTER SECURITY BEHAVIORS (CCSB): AN ANALYSIS OF LINKS , 2014 .

[27]  Brian P. Niehoff,et al.  Organizational Citizenship Behaviors: Their Relationship to Organizational Effectiveness , 2000 .

[28]  Princely Ifinedo,et al.  Information systems security policy compliance: An empirical study of the effects of socialisation, influence, and cognition , 2014, Inf. Manag..

[29]  Daniel G. Bachrach,et al.  Organizational Citizenship Behaviors: A Critical Review of the Theoretical and Empirical Literature and Suggestions for Future Research , 2000 .

[30]  I. Sarason,et al.  Assessing Social Support: The Social Support Questionnaire. , 1983 .

[31]  Princely Ifinedo,et al.  Social Cognitive Determinants of non-Malicious, counterproductive Computer Security Behaviors (Ccsb): an Empirical Analysis , 2014, MCIS.

[32]  Jeffrey M. Stanton,et al.  Analysis of end user security behaviors , 2005, Comput. Secur..

[33]  Paul E. Spector,et al.  Counterproductive Work Behavior and Organisational Citizenship Behavior: Are They Opposite Forms of Active Behavior? , 2010 .

[34]  Tejaswini Herath,et al.  Encouraging information security behaviors in organizations: Role of penalties, pressures and perceived effectiveness , 2009, Decis. Support Syst..

[35]  Mikko T. Siponen,et al.  Using the theory of interpersonal behavior to explain non-work-related personal use of the Internet at work , 2013, Inf. Manag..

[36]  Scott B. MacKenzie,et al.  Common method biases in behavioral research: a critical review of the literature and recommended remedies. , 2003, The Journal of applied psychology.

[37]  C. Fornell,et al.  Evaluating structural equation models with unobservable variables and measurement error. , 1981 .