A1 Journal article (refereed)
Executives’ Commitment to Information Security : Interaction between the Preferred Subordinate Influence Approach (PSIA) and Proposal Characteristics (2020)


Menon, N. M., & Siponen, M. (2020). Executives’ Commitment to Information Security : Interaction between the Preferred Subordinate Influence Approach (PSIA) and Proposal Characteristics. Data Base for Advances in Information Systems, 51(2), 36-53. https://doi.org/10.1145/3400043.3400047


JYU authors or editors


Publication details

All authors or editors: Menon, Nirup M.; Siponen, Mikko

Journal or series: Data Base for Advances in Information Systems

ISSN: 1532-0936

eISSN: 2331-1622

Publication year: 2020

Volume: 51

Issue number: 2

Pages range: 36-53

Publisher: Association for Computing Machinery

Publication country: United States

Publication language: English

DOI: https://doi.org/10.1145/3400043.3400047

Persistent website address: https://dl.acm.org/citation.cfm?id=J219

Publication open access: Not open

Publication channel open access:

Publication is parallel published (JYX): https://jyx.jyu.fi/handle/123456789/63666


Abstract

Two aspects of decision-making on information security spending, executives' varying preferences for how proposals should be presented and the framing of the proposals, are developed. The proposed model of executives' commitment to information security is an interaction model (in addition to the cost of a security solution, and the risk and the potential loss of a security threat) consisting of the interaction between an executive's preferred subordinate influence approach (PSIA), rational or inspirational, and the framing, positive or negative, of a security proposal. The interaction of these two constructs affects the executive's commitment to an information security proposal. The model is tested using a scenario-based experiment that elicited responses from business executives across 100+ organizations. Results show that the interaction of the negative framing of a proposal and the inspirational PSIA of an executive affects his or her commitment to information security. Further, negative framing of a proposal and the cost of the security solution interact to decrease the executive's commitment to information security. This study underscores that prescriptions for business executives from normative models in information security spending must be complemented with appropriately framed messages to account for the differences in executives' PSIA (rational and inspirational) and cognitive biases.


Keywords: resources; allocation (active); data security; decision making; heuristic; resource allocation; cognitive biases

Free keywords: negative framing; prospect theory; cognitive bias; heuristic systematic model; information security


Contributing organizations

Other organizations:


Ministry reporting: Yes

Reporting Year: 2020

JUFO rating: 1


Last updated on 2022-14-09 at 11:55