Towards a Process Model of Collective Deviance of InfoSec Policies (CISD)

Main funder

Funder's project number: 348333

Funds granted by main funder (€)

  • 232 451,00

Funding program

Project timetable

Project start date: 01/09/2022

Project end date: 31/08/2025


Information systems security (ISS) has become an imperative for organizations, emerging as a vital pillar for business resilience and continuity because the more organizations and society get digitalized, the higher the risk of cyber-attacks. In IS literature, it is well known the crucial role of employees’ behavior to achieve and maintain ISS. Nonetheless, prior IS research on deviant behavior or non-compliance primarily focused on individual-level studies. The absence of group-level studies blinds researchers in understanding how workgroups influence individual and organizational cybersecurity measures. Studies on deviance at group level, known as collective deviance or co-offending (e.g., McGloin and Thomas 2016), have gathered more attention from social psychology and criminology researchers. It is suggested that larger collectives can motivate deviant behavior and push someone who may be naturally disinclined toward crime, delinquency, or different sorts of deviance. Accordingly, this project suggests a group-level perspective to explain collective deviance in IS and extend clarity on reasons behind IS non-compliance in the workplace. The current proposal aims to investigate IS deviance within workgroups and to uncover how collective IS deviance occurs in the workplace. I will conduct an interpretive qualitative study with real-life narratives because of its ability to uncover cognitive and cultural elements of respondents and important aspects of social structure. This project seeks to unveil how group behavior influences organizational ISS efforts and helps managers to prevent deviance by developing group-oriented strategies.

Principal Investigator

Primary responsible unit

Last updated on 2022-06-07 at 12:45