Applying an extended model of deterrence across cultures: An investigation of information systems misuse in the U.S. and South Korea

Intentional employee misuse of IS is a global problem. Research suggests that security countermeasures can deter misuse by increasing the perceived certainty and severity of punishment for such behavior. However, the value of generalizing this work beyond Western cultures is open to question. In our study, we examined whether national culture influenced the deterrent capabilities of security policies, security education, training, and awareness programs and computer monitoring. Using U.S. and Korean samples, we found evidence that the deterrent effect of certain security countermeasures varied between the two countries, as did the influence of age and gender. The results have implications for information security management practices in global businesses.

[1]  Travis C. Pratt,et al.  The Empirical Status of Deterrence Theory: A Meta-Analysis , 2006 .

[2]  Qing Hu,et al.  User behaviour towards protective information technologies: the role of national cultural differences , 2009, Inf. Syst. J..

[3]  James Noble,et al.  Persuasive interaction for collectivist cultures , 2006, AUIC.

[4]  Peter Strelan,et al.  Why drug testing in elite sport does not work: Perceptual deterrence theory and the role of personal moral beliefs , 2006 .

[5]  Jin Wang,et al.  Correlates of formal and informal social/crime control in China: An exploratory study , 2007 .

[6]  Frantz Rowe,et al.  Development of shared understanding between the Chief Information officer and top management team in U.S. and French Organizations: a cross-cultural comparison , 2006, IEEE Transactions on Engineering Management.

[7]  A. Hwang,et al.  The Relationship Between Individualism-Collectivism, Face, And Feedback And Learning Processes In Hong Kong, Singapore, And The United States , 2003 .

[8]  Jin Wang,et al.  Correlates of support for capital punishment in China , 2008 .

[9]  D'ArcyJohn,et al.  User Awareness of Security Countermeasures and Its Impact on Information Systems Misuse , 2009 .

[10]  Jintae Lee,et al.  A holistic model of computer abuse within organizations , 2002, Inf. Manag. Comput. Secur..

[11]  Bruce A. Jacobs,et al.  DETERRENCE AND DETERRABILITY , 2010 .

[12]  Rathindra Sarathy,et al.  Understanding compliance with internet use policy from the perspective of rational choice theory , 2010, Decis. Support Syst..

[13]  Elizabeth Monk-Turner,et al.  Gender differences in occupational status in the South Korean labor market: 1988‐1998 , 2007 .

[14]  Il Im,et al.  An international comparison of technology adoption: Testing the UTAUT model , 2011, Inf. Manag..

[15]  Qing Hu,et al.  Assimilation of Enterprise Systems: The Effect of Institutional Pressures and the Mediating Role of Top Management , 2007, MIS Q..

[16]  Jong-min Choe,et al.  The consideration of cultural differences in the design of information systems , 2004, Inf. Manag..

[17]  Michael T. Rehg,et al.  The Influence of Confucian Ethics and Collectivism on Whistleblowing Intentions: A Study of South Korean Public Employees , 2005 .

[18]  Hock-Hai Teo,et al.  An integrative study of information systems security effectiveness , 2003, Int. J. Inf. Manag..

[19]  Dan J. Kim,et al.  Self-Perception-Based Versus Transference-Based Trust Determinants in Computer-Mediated Transactions: A Cross-Cultural Comparison Study , 2008, J. Manag. Inf. Syst..

[20]  Harold G. Grasmick,et al.  workplace deviance in japan: applying an extended model of deterrence , 2002 .

[21]  Bruce G. S. Hardie,et al.  Why Managers Fail to Do the Right Thing , 2007 .

[22]  Dennis F. Galletta,et al.  User Awareness of Security Countermeasures and Its Impact on Information Systems Misuse: A Deterrence Approach , 2009, Inf. Syst. Res..

[23]  Ming-chung Yu On the universality of face: evidence from chinese compliment response behavior , 2003 .