Towards a Process Model of Collective Deviance of InfoSec Policies (CISD)
Main funder
Funder's project number: 348333
Funds granted by main funder (€)
- 232 451,00
Funding program
Project timetable
Project start date: 01/09/2022
Project end date: 31/08/2025
Summary
Information systems security (ISS) has become an imperative for organizations, emerging as a vital pillar for business resilience and continuity because the more organizations and society get digitalized, the higher the risk of cyber-attacks. In IS literature, it is well known the crucial role of employees’ behavior to achieve and maintain ISS. Nonetheless, prior IS research on deviant behavior or non-compliance primarily focused on individual-level studies. The absence of group-level studies blinds researchers in understanding how workgroups influence individual and organizational cybersecurity measures. Studies on deviance at group level, known as collective deviance or co-offending (e.g., McGloin and Thomas 2016), have gathered more attention from social psychology and criminology researchers. It is suggested that larger collectives can motivate deviant behavior and push someone who may be naturally disinclined toward crime, delinquency, or different sorts of deviance. Accordingly, this project suggests a group-level perspective to explain collective deviance in IS and extend clarity on reasons behind IS non-compliance in the workplace. The current proposal aims to investigate IS deviance within workgroups and to uncover how collective IS deviance occurs in the workplace. I will conduct an interpretive qualitative study with real-life narratives because of its ability to uncover cognitive and cultural elements of respondents and important aspects of social structure. This project seeks to unveil how group behavior influences organizational ISS efforts and helps managers to prevent deviance by developing group-oriented strategies.
