Job Quitters, Information Security Awareness, and Knowledge Management Strategies

Information security culture plays a crucial role in improving employees’ security awareness within a firm. Knowledge management initiatives can help transform culturally unfit workers into those who will possess the necessary level of security awareness and are aligned with a firm’s information security culture. This research analytically models and studies the best knowledge management performance quotient (KMPQ) in a firm to convert workers who are unfit into those who fit with its security culture in order to improve the firm’s organizational level of security awareness (OLSA) and maximize its total payoff. When the potential security threat comes from all the workers who depart the firm, either voluntarily or involuntarily, findings in this study suggest that the firm should implement full knowledge management initiatives to achieve a KMPQ as high as possible if the loss from the security threat is less than a specific threshold level. This study further differentiates three sources of a security threat (voluntary unfit quitters, voluntary fit quitters, and involuntary quitters), and assesses the firm’s best KMPQ accordingly. In addition, this article illustrates the implementation process of the firm’s knowledge management strategies based on the study’s decision framework. This research provides valuable guidance for practitioners to effectively implement knowledge management strategies to build a successful information security culture within organizations.

[1]  Atreyi Kankanhalli,et al.  Impact of Security Measures on the Usefulness of Knowledge Management Systems , 2005, PACIS.

[2]  Markus Rittenbruch,et al.  Sustained knowledge management by organizational culture , 2000, Proceedings of the 33rd Annual Hawaii International Conference on System Sciences.

[3]  Mikko T. Siponen,et al.  Improving Employees' Compliance Through Information Systems Security Training: An Action Research Study , 2010, MIS Q..

[4]  Izak Benbasat,et al.  Information Security Policy Compliance: An Empirical Study of Rationality-Based Beliefs and Information Security Awareness , 2010, MIS Q..

[5]  Roberto J. Mejias,et al.  A Model of Information Security Awareness for Assessing Information Security Risk for Emerging Technologies , 2014 .

[6]  Dorothy E. Leidner,et al.  An Empirical Examination of the Influence of Organizational Culture on Knowledge Management Practices , 2005, J. Manag. Inf. Syst..

[7]  Vincent Ribière,et al.  Critical attributes of organizational culture that promote knowledge management technology implementation success , 2004, J. Knowl. Manag..

[8]  Shalini Kesar,et al.  Knowledge management within information security: the case of Barings Bank , 2008, Int. J. Bus. Inf. Syst..

[9]  Dorothy E. Leidner,et al.  The Role of Culture in Knowledge Management: A Case Study of Two Global Firms , 2006, Int. J. e Collab..

[10]  Dennis Lupiana,et al.  Development of a framework to leverage knowledge management systems to improve security awareness. , 2008 .

[11]  Zuopeng Justin Zhang,et al.  Knowledge management strategy and organizational culture , 2014, J. Oper. Res. Soc..

[12]  Peng Zhang,et al.  Family Work Conflict and Information Security Policy Compliance - An Empirical Study , 2016, AMCIS.

[13]  R. Wigand,et al.  Organizational Privacy Strategy: Four Quadrants of Strategic Responses to Information Privacy and Security Threats , 2014 .

[14]  Fátima Guadamillas,et al.  The effect of organizational culture on knowledge management practices and innovation , 2010 .

[15]  Wm. Arthur Conklin,et al.  Introducing the Information Technology Security Essential Body of Knowledge Framework , 2009 .

[16]  Li Yang,et al.  Supporting Case-Based Learning in Information Security with Web-Based Technology , 2013, J. Inf. Syst. Educ..

[17]  Frank Pallas,et al.  Information Security and Knowledge Management: Solutions Through Analogies? , 2007 .

[18]  Alain Bensoussan,et al.  When Hackers Talk: Managing Information Security Under Variable Attack Rates and Knowledge Dissemination , 2011, Inf. Syst. Res..

[19]  Patrick S. W. Fong,et al.  Organizational Culture and Knowledge Management Success at Project and Organizational Levels in Contracting Firms , 2009 .

[20]  Suzanne Zyngier,et al.  Security as a contributor to knowledge management success , 2007, Inf. Syst. Frontiers.

[21]  Pauline Ratnasingam,et al.  A knowledge architecture for IT security , 2007, CACM.

[22]  Dennis F. Galletta,et al.  User Awareness of Security Countermeasures and Its Impact on Information Systems Misuse: A Deterrence Approach , 2009, Inf. Syst. Res..