Employees' non-malicious, counterproductive computer security behaviors (CCSB) in Nigeria and Canada: An empirical and comparative analysis

Employees indulgence in counterproductive computer security behaviors (CCSB) is a growing phenomenon worldwide. Essentially, CCSB are ill-prescribed computer use practices and general information security behaviors that go against the legitimate interests of an organization. While research on such issues is beginning to emerge in the developed West, information and perspectives from developing countries such as Nigeria is rare in the extant literature. This current study was designed to fill the gap in the literature by providing insights about employees' non-malicious, CCSB in Nigeria and Canada. Data for the study was collected from a field survey and secondary data sources. Relevant data analyses were performed. The results showed that employees' indulgence in CCSB differ by locations or contexts, and importantly socio-economic factors (i.e. national wealth (GDP), transparency, and literacy rates) and the cultural dimensions of individualism versus collectivism (EDV) and uncertainty avoidance (UAI) considered in this study were found to have significant bearings on participants' desire to indulge in CCSB at work. The implications of our findings to both research and practice were succinctly discussed.

[1]  Mikko T. Siponen,et al.  Motivating IS security compliance: Insights from Habit and Protection Motivation Theory , 2012, Inf. Manag..

[2]  Catherine E. Connelly,et al.  Understanding Nonmalicious Security Violations in the Workplace: A Composite Behavior Model , 2011, J. Manag. Inf. Syst..

[3]  Jeffrey M. Stanton,et al.  Analysis of end user security behaviors , 2005, Comput. Secur..

[4]  Qing Hu,et al.  Future directions for behavioral information security research , 2013, Comput. Secur..

[5]  Princely Ifinedo,et al.  The effects of national culture on the assessment of information security threats and controls in financial services industry , 2014, Int. J. Electron. Bus. Manag..

[6]  P. Ifinedo Measuring Africa's e-readiness in the global networked economy: A nine-country data analysis , 2005 .

[7]  Kallol Kumar Bagchi,et al.  Global software piracy , 2006, Commun. ACM.

[8]  Princely Ifinedo,et al.  Information technology security management concerns in global financial services institutions: Is national culture a differentiator? , 2009, Inf. Manag. Comput. Secur..

[9]  Diego Comin,et al.  An Exploration of Technology Diffusion , 2006 .

[10]  Houston H. Carr,et al.  Threats to Information Systems: Today's Reality, Yesterday's Understanding , 1992, MIS Q..

[11]  Miha Škerlavaj,et al.  Decoupling management and technological innovations: Resolving the individualism-collectivism controversy , 2013 .

[12]  Izak Benbasat,et al.  Information Security Policy Compliance: An Empirical Study of Rationality-Based Beliefs and Information Security Awareness , 2010, MIS Q..

[13]  Princely Ifinedo,et al.  Risk factors in the collaborative development of management information systems for Nigerian universities , 2006 .

[14]  Suleiman K. Kassicieh,et al.  Drivers of E-business activity in developed and emerging markets , 2005, IEEE Transactions on Engineering Management.

[15]  Princely Ifinedo Information Technology Security Concerns in Global Financial Services Institutions: Do Socio-Economic Factors Differentiate Perceptions? , 2009, Int. J. Inf. Secur. Priv..

[16]  Qing Hu,et al.  Does deterrence work in reducing information security policy abuse by employees? , 2011, Commun. ACM.

[17]  P. Ifinedo An Exploratory Study of the Relationships between Selected Contextual Factors and Information Security Concerns in Global Financial Services Institutions , 2011 .

[18]  Jared Freeman,et al.  Training organizational supervisors to detect and prevent cyber insider threats: two approaches , 2013, EAI Endorsed Trans. Security Safety.

[19]  Thomas H. Davenport,et al.  The New Industrial Engineering: Information Technology and Business Process Redesign , 2011 .

[20]  Princely Ifinedo,et al.  Information systems security policy compliance: An empirical study of the effects of socialisation, influence, and cognition , 2014, Inf. Manag..

[21]  Detmar W. Straub,et al.  Moving toward black hat research in information systems security: an editorial introduction to the special issue , 2010 .

[22]  Detmar W. Straub,et al.  Featured Talk: Measuring Secure Behavior: A Research Commentary , 2012 .