Understanding information security stress: Focusing on the type of information security compliance activity

Chunghun Lee, Choong C. Lee, Suhyun Kim

Research output: Contribution to journalArticle

23 Citations (Scopus)

Abstract

Organizations are intensifying their information security levels, as information security has become an essential element in business management. However, excessive focus on the mere reinforcement of information security has placed employees under stress. Studies have confirmed that the negative effects of stress include reduced employee productivity. Therefore, it is important to manage employee stress while enforcing information security in an organization. Based on person-environment fit theory, this study examines how employees become stressed, the factors behind information security stress (ISS), and the differences between managerial and technical security-oriented organizations. The results show that work overload and invasion of privacy are information security stressors. Furthermore, work overload has a greater effect on ISS in managerial security-oriented organizations, while invasion of privacy exerts a greater influence on ISS in technical security-oriented organizations. In addition, attitude to compliance with the information security policy mitigates work overload and invasion of privacy. These findings can be used as a basic reference for the establishment of employee stress management measures and the evaluation of information security stress levels.

Original languageEnglish
Pages (from-to)60-70
Number of pages11
JournalComputers and Security
Volume59
DOIs
Publication statusPublished - 2016 Jun 1

All Science Journal Classification (ASJC) codes

  • Computer Science(all)
  • Law

Fingerprint Dive into the research topics of 'Understanding information security stress: Focusing on the type of information security compliance activity'. Together they form a unique fingerprint.

  • Cite this