Comment les facteurs de motivation à la protection et du lien social influencent les comportements en matière de sécurité de l’information

Auteurs

  • Jean-François Berthevas IAE Orleans, Université d'Orléans

Mots-clés :

Protection motivation theory, social bond theory, malware protection, information security awareness, gender, work experience, PLS-SEM.

Résumé

Les technologies numériques sont omniprésentes, avec pour corollaire la prolifération des attaques contre les actifs informationnels. Ainsi, la sécurité de l’information (IS) semble être une question cruciale pour les individus et les gestionnaires. Si les tentatives d’identification des facteurs qui guident le comportement des acteurs en matière de sécurité de l’information (ISB) ne sont pas nouvelles, cette identification reste plus nécessaire et actuelle que jamais. De ce point de vue, cette étude empirique contribue à une meilleure compréhension des facteurs cognitifs et de socialisation qui influencent les comportements en matière de sécurité de l’information. En utilisant un modèle hiérarchique de second ordre avec modélisation partielle par équations structurelles des moindres carrés (PLS-SEM), nous testons pour la première fois l’applicabilité de la théorie de la motivation de protection (PMT) et de la théorie du lien social (SBT) à la sensibilisation aux technologies de la sécurité de l’information (ISTA) et au comportement de protection contre les logiciels malveillants (MPB) de 430 étudiants. Premièrement, nos résultats démontrent que la combinaison de la PMT et de la SBT produit un modèle plus robuste pour l’analyse de l’ISTA et de la MPB que si l’on considère chacune de ces théories séparément. Deuxièmement, l’ISTA agit en partie comme médiateur des liens sociaux et de la motivation de protection et pourrait donc être un comportement de sécurité fondamental. Si nous soulignons le rôle prépondérant de l’implication, la différence significative observée dans les ISB des deux sexes est liée à la plus forte influence pour les femmes, des liens sociaux sur l’ISTA. Ce résultat s’explique notamment par des effets plus homogènes des facteurs de socialisation chez les femmes que chez les hommes. Nous suggérons que la conception des programmes et de l’enseignement de l’ISTA soit mieux adaptée aux différents facteurs cognitifs et de socialisation des individus, notamment en mettant l’accent sur les liens sociaux et, plus spécifiquement, sur l’implication. Nous fournissons également des recommandations détaillées sur la manière dont les praticiens peuvent améliorer les ISB des individus.

Biographie de l'auteur

Jean-François Berthevas, IAE Orleans, Université d'Orléans

Jean-Francois Berthevas est Maître de Conférences à l’École de Management de l’Université d’Orléans, France. Il est membre du Centre de Recherche Val de Loire Recherche en Management (VALLOREM, Tours et Orléans). Ses recherches actuelles portent sur la sécurité de l’information et les questions comportementales, ainsi que sur la transformation numérique des organisations. Il a été directeur de l’école de management de l’université d’Orléans (France). Il a 21 ans d’expérience en entreprise, dont 10 ans comme informaticien et 7 ans comme manager dans le domaine des télécommunications et de la cybersécurité dans de grandes entreprises (IBM GNS, AT&T GNS, Engie).

Références

Ahuja, MK & Thatcher, J.B. (2005, “Moving beyond intention and toward the theory of trying: effects of work environment and gender on post-adoption information technology use”, MIS Quarterly, vol. 29, n°3, p. 427-459.

Adya, M. & Kaiser, K. (2005), “Early determinants of women in the IT workforce: A model of girls’ career choice”, Information Technology and People, vol.18, n°3, p. 230-259.

Anderson, C.L., R. Agarwal, R. (2010). “Practicing safe computing: a multimethod empirical examination of home computer user security behavioral intentions”, MIS Quarterly, vol. 34, n°33, p. 613-643.

Anwar, M., He, W., Ivan Ash, I., Yuan, X., Li, L., & Xu, L. (2017), “gender difference and employees’ cybersecurity behaviors”, Computers in Human Behavior, vol. 69, p. 437-443.

Baillette, P., Barlette, Y., Leclercq-Vandelannoitte, A. (2018), “Bring Your Own Device in organizations: extending the reversed IT adoption logic to security paradoxes for CEOs and end-users”, International Journal of Information Management, vol. 43, p. 76-84.

Bandura, A. (1986), “Social foundations of thought and action: A social cognitive theory”, Englewood Cliffs, NJ: Prentice Hall.

Berthevas, J-F., (2018), “Students’ computers safety behaviors, under effects of cognition and socialization: when gender and job experience influence information security behaviors”, IEEE International Conference on Technology Management, Operations and Decisions (ICTMOD).

Berthevas, J-F., (2019), “Students' computers safety behaviors, under effects of cognition and socialization: when gender and job experience influence information security behaviors”, 24eme conférence de l’Assocition Information & Management (AIM), Nantes, France.

Boss, S. R., Galletta, D. F., Lowry, P. B., Moody, G. D., & Polak, P. (2015), “What do users have to fear? Using fear appeals to engender threats and fear that motivate protective security behaviors”, MIS Quaterly, vol. 39, n°4, p. 837-864.

Brown, S.A, Massey, A.P., Montoya-Weiss M. M. and Burkman JR. (2002), “Do I really have to? User acceptance of mandated technology”, European Journal of Information Systems, vol. 11, n°4, p.283-295.

Buffalo, M. D. & Rogers, J. W. (1971), “Behavioral norms, moral norms, and attachment: problems of deviance and conformity”, Social Problems, vol. 19, n°1, p. l0l-113.

Bulgurcu, B., Cavusoglu, H., Benbasat, I.I. (2010), “Information Security Policy compliance: an empirical study of rationality-based beliefs and information security awareness”, MIS Quarterly, vol. 34, n°3, p. 523–548.

Casper W.J., C.M. Harris, C.M. (2007), “Work-life benefits and organizational attachment: Selfinterest utility and signaling theory models”, Journal of Vocational Behavior, vol. 72, n°1, p. 95-109.

Chandon, P., Morwitz, V. G., Reinartz, W., J. (2005), “Do Intentions Really Predict Behavior? Self-Generated Validity Effects in Survey Research”, Journal of Marketing, vol. 69, n°2, p. 1-14.

Chattopadhyay, P., George, E., Shulman, A. (2008), “The asymmetrical influence of sex dissimilarity in distributive vs. colocated work groups”, Organization Science, vol. 19n n°4, p. 581-593.

Cheng, L., Li, Y., Li, W., Holm, E., & Zhai, Q, (2013), “Understanding the violation of IS security policy in organizations: An integrated model based on social control and deterrence theory”, Computers and Security, vol. 39, p. 447‑459.

Chriss, J. J. (2007), “The functions of social bond”, The Sociological Quarterly, vol.48, p. 689-712.

Claar CL, Johnson J. (2012), “Analyzing home PC security adoption behavior”, Journal of Computer Information System, vol. 52, n°4, p. 20–29.

Cohen, J. (1988). “Statistical Power Analysis for the Behavioral Sciences”, Lawrence Erlbaum Associates, Hillsdale, NJ.

Cram, A., D’Arcy., J., Proudfout, J.G. (2019), “A meta-analysis of the antecedents to information security Policy Compliance”, MIS Quarterly, vol. 43, n°2, p. 525-554.

Crossler, R.E, Long, J.H, Loraas, T.M. Trinkle B.S. (2014), “Understanding compliance with BYOD (bring your own device) policies utilizing protection motivation theory: bridging the intention behavior gap” Journal of Information System, vol. 28, n°1, p. 209-226.

D’Arcy, J., Hovav, A., & Galletta, D. (2009). “User Awareness of Security Countermeasures and Its Impact on Information Systems Misuse: A Deterrence Approach”, Information Systems Research, vol. 20, n°1, p. 79-98.

Diamantopoulos, A., and Winklhofer, H. M. (2001)., “Index Construction with Formative Indicator’s: An Alternative to Scale Development”, Journal of Marketing Research, vol. 38, n°2, p. 269-277.

Dinev, T., & Hu, Q. (2007), “The centrality of awareness in the formation of user behavioral intention toward protective information technologies”, Journal of the Association for Information Systems, vol. 8, n°7, p. 386-408.

Durkin, K.F., Wolfe, T.W., Clark G. (1999), “Social bond theory and binge drinking among college students: a multivariate analysis”, College Student Journal, vol. 33, p. 450-461.

Ellison, N. B., Steinfield, C., Lampe, C. (2007), “The benefits of facebook friends:social capital and college students’ use of online social network sites”, Journal of Computer-Mediated Communication, vol. 12, n°4, p. 1143-1168.

ENISA, (2018), “Cyber Security Culture in Organizations”, available at https://www.enisa.europa.eu/publications/cyber-security-culture-in- organisations.

Feldman, J. M., Lynch, J. G. (1998), “Self-Generated Validity and Other Effects of Measurement on Belief, Attitude, Intention, and Behavior”, Journal of Applied Psychology, vol. 73, n°3, p. 422-435.

Floyd, D. L., Prentice-Dunn, S., & Rogers, R. W. (2000), “A meta-analysis of research on protection motivation theory”, Journal of applied social psychology, vol. 30, n°2, p. 407-429.

Foote, N., Matson, E., Weiss, L., & Wenger, E. (2002), “Leveraging group knowledge for high-performance decision-making”, Organizational Dynamics, vol. 31, n°33, p. 280-295.

Fornell, C., Larcker, D. F. (1981), “Evaluating structural equation models with unobservable variables and measurement error”, Journal of marketing research, vol. 18, p. 39-50.

Furnell, S.M., Bryant, P., Phippen, A.D. (2007). “Assessing the security perceptions of personal Internet users”, Computers & Security, vol. 26, p. 410-417.

Global Internet Report on the Futur of the Internet, (2017), “Path to Our Digital Futur”, Internet Society, available at https://future.internetsociety.org/wp-content/uploads/2017/09/2017-Internet-Society-Global-Internet-Report-Paths-to-Our-Digital-Future.pdf

Gorsuch, R. L. (1983), “Factor Analysis”, Hillsdale, NJ: Lawrence Erlbaum Associates.

Gudergan, S.P., Ringle, C.M., Wende, S., Will, A. (2008), “Confirmatory tetrad analysis in PLS path modeling”, Journal of Business Research, vol. 61, n°1, p. 1238-1249.

Haag, S., Eckhart, A., & Schwartz, A. (2019), “The Acceptance of Justifications among Shadow IT Users and Nonusers – An Empirical Analysis”, Information & Management, vol. 56, n°), p. 731-741.

Hair, J. F., Hult, G. T. M., Ringle, C., & Sarstedt, M. (2017). “A primer on partial least squares structural equation modeling (PLS-SEM)”, Thousand Oaks, CA: Sage Publications.

Hanus, B., & Wu, Y. “Andy”. (2016), “Impact of Users’ Security Awareness on Desktop Security Behavior: A Protection Motivation Theory Perspective”, Information Systems Management, vol. 33, n°1, p. 2-16.

Henseler, J., Hubona, G., & Ray, P. A. (2016), “Using PLS path modeling in new technology research: Updated guidelines”, Industrial Management & Data Systems, vol. 116, n°1, p. 2-20.

Henseler, J., Ringle, C.M., & Sarstedt, M. (2016). “Testing Measurement Invariance of Composites Using Partial Least Squares”, International Marketing Review, vol. 33, n°3, p. 405-431.

Henseler, J., Ringle, C.M., & Sarstedt, M. (2015). “A new criterion for assessing discriminant validity in variance-based structural equation modeling”, Journal of the Academy of Marketing Science, vol. 43, p. 115-135.

Herath, T., Rao, H.R. (2009), “Protection motivation and deterrence: a framework for security policy compliance in organisations”, European Journal of Information Systems, vol. 18, n°2, p. 106-125.

Hirschi, T. (2002), “Causes of Delinquency”, Transaction Publishers, New Brunswick, NJ.

Hu, Q., Dinev, T., Hart, P., Cooke, D. (2012), “Managing employee compliance with information pecurity Policies: the critical role of top management and organizational culture”, Decision Sciences Volume, vol. 43, n°4, p. 615-659.

Hoffman, L.W. (1972), “Early childhood experiences and women’s achievement motives”, Journal of Social Issues, vol. 28, n°2, p. 129-155.

Ifinedo, P. (2014). “Information systems security policy compliance: An empirical study of the effects of socialisation, influence, and cognition”, Information & Management, vol. 51, n°1, p. 69–79.

Ifinedo, P. (2012), “Understanding information systems security policy compliance: an integration of the theory of planned behavior and the protection motivation theory”, Computer & Security, vol. 31, n°1, p. 83–95.

Insee, (2017), « Usage de l’Internet pour les relations sociales », available at https://www.insee.fr/fr/statistiques/2411023

James, W. (1975), “Philosophical conceptions and practical results”, In F. H. Burkhardt (ed.).Pragmatism. Cambridge, MA: Harvard University Press, p. 257-270.

Jayanti, N.K., Burns, A.C. (1998), “The antecedents of preventive health care behavior: an empirical study”, Journal of the Academy of Marketing Science, vol. 26, n°1, p. 6-15.

Johnson, R. E., Rosen, C. C., Chang, C.-H. (Daisy). Djurdjevic, E., & Taing, M. U. (2012), “Recommendations for improving the construct clarity of higher-order multidimensional constructs”, Human Resource Management Review, vol. 22, n°2, p. 62-72.

Johnston, A. C., & Warkentin, M. (2010), “Fear appeals and information security behaviors: an empirical study”, MIS quarterly, vol. 34, n°3, p. 549-566.

Johnston, A. C., Warkentin, M., & Siponen, M. (2015), “An enhanced fear appeal rhetorical framework: Leveraging threats to the human asset through sanctioning rhetoric”, MIS Quarterly, vol. 39, n°1, p. 113-134.

Kim, M. J., Lee, C-K., Preis, M. W. (2016), “Seniors' loyalty to social network sites: Effects of social capital and attachment”, International Journal of Information Management, vol. 36, n°6, p. 1020-1032.

Klesel, M., Schuberth, F., Henseler, J. Niehaves, B. (2019), “A test for multigroup comparison using partial least squares path modeling”, Internet Research, vol. 29, n°3, pp. 464-477.

Krohn, M D., Massey, JL. (1980), “Social Control and Delinquent Behavior: An Examination of the Elements of the Social Bond”, The Socialogical Quarterly, vol. 21, n°4, p. 529-543.

LaRose, R., Rifon, N. J., and Enbody, R. (2008), “Promoting Personal Responsibility for Internet Safety”. Communications of the ACM, vol. 51, n°3, p. 71-76.

Law, K.S., Wong, C., Mobley, W.H. (1998), “Toward a taxonomy of multidimensional constructs”, Academy of Management Review, vol. 23, n°4, p.741-755.

Lebek, B., Uffen, J., Neumann, M., Hohler, B., Breitner, M. H. (2014), “Information security awareness and behavior: a theory-based literature review, Management Research Review, vol. 37, n°12, p. 1049-1092.

Lee, Y., & Larsen, K. R. (2009), “Threat or Coping Appraisal: Determinants of SMB Executives' Decision to Adopt Anti-Malware Software”, European Journal of Information Systems, vol. 1, n°2, p. 177-187.

Lee, D., Larose, R., & Rifon, N. (2008), “Keeping our network safe: a model of online protection behaviour”, Behaviour & Information Technology, vol. 27, n°5, p. 445‑454.

Lee, Y., Kozar, K.A., (2005), “Investigating factors affecting the adoption of anti-spyware systems”, Communications of the ACM, vol. 48, n°8, p. 72-77.

Lee, S.M., Lee, S-G., Yoo, S. (2004), “An integrative model of computer abuse based on social control and general deterrence theories”, Information & Management, vol. 41, n°6, p. 707-718.

Li, L., He, W., Li, X., Ash, I., Anwar, M., Yuan, Y. (2019), “Investigating the impact of cybersecurity policy awareness on employees’ cybersecurity behavior”, International Journal of Information Management, vol. 45, p. 13-24.

Liang, H., Xue, Y. (2010),”Understanding security behaviors in personal computer usage: A threat avoidance perspective”, Journal of the Association for Information Systems, vol. 11, n°7, p. 394-413.

Limayem, M., Hirt, S. G., Cheung, C. M.K. (2007), “How Habit Limits the Predictive Power of Intention: The Case of Information Systems Continuance”, MIS Quarterly, vol. 31, n°4, p. 705-737.

Lindell, M. K., Whitney, D. J. (2001), “Accounting for common method variance in cross-sectional research designs”, Journal of Applied Psychology, vol. 86, n°1, p. 114-121.

McCormac A., Zwaans, T., Parsons, K., Calic, D., Butavicius, M., Pattinson, M., (2017), “Individual differences and Information Security Awareness”, Computers in Human Behavior, vol. 69, p. 151-156.

MacKenzie, S. B., Podsakoff, P. M., & Jarvis, C. B. (2005), “The Problem of Measurement Model Misspecification in Behavioral and Organizational Research and Some Recommended Solutions”, Journal of Applied Psychology, vol. 90, n°4, p. 710-730.

Malhotra, N. K., Kim, S. S., & Patil, A. (2006), “Common method variance in IS research: A comparison of alternative approaches and a reanalysis of past research”, Management science, vol. 52, n°12, p.1865-1883.

Malhotra, N.K., Schaller, T.K., & Patil, A. (2017), “Common method variance in advertising research: When to be concerned and how to control for it”, Journal of Advertising, vol. 46, n°1, p. 193-212.

Maruping, O., M., Magmi, M. (2012), “What’s the Weather Like? The Effect of Team Learning Climate, Empowerment Climate, and Gender on Individuals’ Technology Exploration and Use”, Journal of Management Information Systems, vol. 29, n°1, p. 79-113.

Mwagwabi, F., McGill, T., Dixon, M. (2014), “Improving Compliance with Password Guidelines: How User Perceptions of Passwords and Security Threats Affect Compliance with Guidelines”, Proceedings of the Annual Hawaii International Conference on System Sciences.

Ng, B.-Y., Kankanhalli, A., & Xu, Y. (2009),”Studying users ’computer security behavior: A health belief perspective”, Decision Support Systems, vol. 46, n°4, p. 815-825.

Petter, S., Straub, D., & Rai, A. (2007), “Specifying formative constructs in information systems research” MIS Quarterly, vol. 31, n°4, p. 623-656.

Preacher, K. J., & Hayes, A. F. (2008),” Asymptotic and resampling strategies for assessing and comparing indirect effects in multiple mediator models”, Behavior research methods, vol. 40, n°3, p. 879-891.

Puhakainen, P., & Siponen, M. (2010), “Improving employees’ compliance through information systems security training: an action research study”, MIS Quarterly, vol.34, n°4, p. 757-778.

PWC Report. (2018). “The Global State of Information Security Survey”, available at https://www.pwc.com/us/en/services/consulting/cybersecurity/library/information-security-survey.html

Ransbotham, S., Fichman, R.G., Gopal, R., Gupta, A. (2016), “Ubiquitous IT and Digital Vulnerabilities”, Information Systems Research, vol. 27, n°4, p. 834-847.

Ridley, G., Young, J. (2012), “Theoretical approaches to gender and IT: examining some Australian evidence”, Information Systems Journal, vol. 22, p. 355-373.

Ringle, C.M., Sarstedt, M., Straub, D.W. (2012),”Editor’s comments: a critical look at the use of PLS-SEM”, MIS Quarterly, vol. 36, n°1, iii-xiv.

Ringle, C. M. & Sarstedt, M. (2016),”Gain More Insight from Your PLS-SEM Results: The Importance-Performance Map Analysis”, Industrial Management & Data Systems, vol. 116, n°9, p. 1865-1986.

Ringle, C. M., Sarstedt, M., Mitchell, R., and Gudergan, S. P. (2018), “Partial Least Squares Structural Equation Modeling in HRM Research”, International Journal of Human Resource Management, p. 1-27.

Richter, N. F., Cepeda, G., Roldán, J. L., & Ringle, C. M. (2016),”European management research using partial least squares structural equation modeling (PLS-SEM)”, European Management Journal, vol. 34, n°6, p. 589–597.

Rocha Flores, W., Antonsen, E., Ekstedt, M. (2014), “Information security knowledge sharing in organizations: investigating the effect of behavioral information security governance and national culture”, Computesr & Security, vol. 43, p. 90-110.

Rogers RW. (1975), “A protection motivation theory of fear appeals and attitude change”, Journal of Psychololgy, vol. 91, n°1, p. 93-114.

Rogers RW. (1983), “Cognitive and physiological processes in fear appeals and attitude change: a revised theory of protection motivation”, In: Cacioppo J, Petty R, editors. Social psychophysiology: a sourcebook. NewYork: Guilford Press, p. 153-177.

Rogers, R. W., & Prentice-Dunn, S. (1997), “Protection Motivation Theory,” in Handbook of Health Behavior Research I: Personal and Social Determinants, D. S. Gochman (ed.). New York: Plenum Press, p. 113-132.

Safa, N.S., von Solms, R., Furnell, S. (2016), “Information security policy compliance model in organizations”, Computers & security, vol. 56, p. 70-82.

Sarstedt, M., Ringle, C. M., & Hair, J. F. (2017). “Partial least squares structural equation modeling”, in C. Homburg, M. Klarmann, & A. Vomberg (Eds.). Handbook of market research. Heidelberg: Springer.

Simmering, M. J., Fuller, C. M., Richardson, H. A., Ocal, Y., & Atinc, G. M. (2015), “Marker variable choice, reporting, and interpretation in the detection of common method variance: A review and demonstration”, Organizational Research Methods, vol. 18, n°3, p. 473-511.

Siponen, M., Adam Mahmood, M., & Pahnila, S. (2014), “Employees’ adherence to information security policies: An exploratory field study”, Information & Management, vol. 51, n°2, p. 217-224.

Siponen, M. (2000), “A conceptual foundation for organizational information security awareness”, Information Management & Computer Security, vol. 8, p. 31-41.

Soomro, Z. A., Shah, M. H., Ahmed, J. (2016). “Information security management needs more holistic approach: A literature review”, International Journal of Information Management, vol. 36, n°2, p. 215-225.

Spears, J., L., Barki, H. (2010), “User Participation in IS Security Risk Management”, MIS Quarterly, vol. 4, n°3, p. 503-522.

Symantec, rapport Internet Security Threat. (2017), https://www.symantec.com/fr/fr/security- center/threat-report.

Tamjidyamcholo, A., Bin Baba, M. S., Shuib, N. L. M., & Rohani, V. A. (2014), “Evaluation model for knowledge sharing in information security professional virtual community”, Computers & Security, vol. 43, p. 19-34.

Tenenhaus, M., Vinzi, V. E., Chatelin, Y.-M., & Lauro, C. (2005), “PLS path modeling”, Computational Statistics & Data Analysis, vol. 48, n°1, p. 159-205.

Thompson, N., McGill, T. J., & Wang, X. (2017). “Security begins at home: Determinants of home computer and mobile device security behavior”, Computers & Security, vol. 70, p. 376-391.

Trauth, E. (2002),” Odd girl out: an individual differences perspective on women in the IT profession”, Information Technology and People, vol. 15, p. 98-118.

Trauth, E. (2006), “Theorizing gender and information technology research using the individual differences theory of gender and IT”, In: The Encyclopedia of Gender and Information Technology, Trauth, E. (Ed.). p. 1154-1159. Idea Group Publishing, Hershey, PA, USA.

Trauth, E. & Quesenberry, J. (2007), “Gender and the information technology workforce: issues of theory and practice.In: Managing IT Professions in the Internet Age”, Yoong, P. & Huff, S. (Ed). P. 18-36. Idea Group, Hershey, PA, USA.

Triandis, H. C. (1980). "Values, attitudes and interpersonal behavior." In H. E. Howe & M. Page (Eds.). Nebraska symposium on motivation, vol. 37, p. 195-259. Lincoln: University of Nebraska Press.

Tsai, H.S., Jiang, M., Alhabash, S., LaRose, R., Rifon, N.J., Cotten, S.R. (2016), “Understanding online safety behaviors: a protection motivation theory perspective, Computers & Security, vol. 59, p. 138-150.

Tu, Z., Turel, O., Yuan, Y., Archer, N. (2015), “Learning to cope with information security risks regarding mobile device loss or theft: an empirical examination” Information & Management, vol. 52, n°4, p. 506–17.

UE Commissiopn I2010 Report, Communiqué de press, available http ://europa.eu/rapid/press-release_IP-08-605_en.pdf

Vance, A., Siponen, M., & Pahnila, S. (2012), “Motivating IS security compliance: Insights from Habit and Protection Motivation Theory”, Information & Management, vol. 49, n°3‑4, p. 190-198.

Venkatesh, V., and Morris, M.G. (2000), “Why don’t men ever stop to ask for directions? Gender, social influence, and their role in technology acceptance and usage behavior”, MIS Quarterly, vol. 24, n°1, p. 115-139.

Venkatesh, V., Morris, M.G., Ackerman, P.L. (2000), “A longitudinal field investigation of gender differences in individual technology adoption decision-making processes”, Organizational Behavior and Human Decision Processes, vol. 83, n°1, p. 33-60.

Venkatesh, V., James Y. L. Thong, J. Y., Xu. X. (2012), “Consumer Acceptance and Use of Information Technology: Extending the Unified Theory of Acceptance and Use of Technology”, MIS Quaterly, vol. 36, n°1, p. 147-156.

Vroom, C. & von Solms, R. (2004). “Towards information security behavioural compliance”, Computers & Security, vol. 23, p. 191-198.

Warkentin, M., Johnston A. C., Shropshire, J., Barnett, W. D., (2016), “Continuance of protective security behavior: A longitudinal study”, Decision Support Systems, vol. 92, p. 25-35.

Wetzels, M. Odekerken-Schröder, G. & Van Oppen, C. (2009), “Using PLS path modeling for assessing hierarchical construct models: Guidelines and empirical illustration”, MIS Quarterly, vol. 33, n°1. P. 177-195.

Woon, G-W. Tan, Low, R. (2005). “A protection motivation theory approach to home wireless security”, ICIS proceedings, Paper n° 31.

Wu, J. Du, H. (2012), “Toward a better understanding of behavioral intention and system usage constructs”, European Journal of Information Systems, vol. 21, p. 680-698.

Yazdanmehr, A., Jingguo, W. (2016), “Employees' information security policy compliance: A norm activation perspective”, Decision Support Systems, vol. 92, p. 36-46.

Yoon, C., Hwang, J-W., Kim, R. (2012). “Exploring Factors That Influence Students’ Behaviors in Information Security”. Journal of Information Systems Education, vol. 23, n°4, p. 407–415.

Publiée

2021-04-01

Comment citer

Berthevas, J.-F. (2021). Comment les facteurs de motivation à la protection et du lien social influencent les comportements en matière de sécurité de l’information. Systèmes d’Information Et Management (French Journal of Management Information Systems), 26(2), 77–115. Consulté à l’adresse https://revuesim.org/index.php/sim/article/view/1095

Numéro

Vol. 26 No 2 (2021)

Rubrique

Article de recherche

Licence

L'auteur a la responsabilité de vérifier si le matériel soumis est soumis au droit d'auteur ou aux droits de propriété (par exemple, figures, tableaux, photographies, illustrations, documentation commerciale et données). L'auteur devra obtenir l'autorisation de reproduire ces éléments et inclure ces autorisations dans leur soumission finale.

Nous avons pour politique de demander à tous les auteurs de transférer gratuitement à la revue les droits d'auteur. Il y a deux grandes raisons à cela :

  • la propriété du droit d'auteur par le propriétaire du journal facilite la protection internationale contre la violation du droit d'auteur, la diffamation ou le plagiat;
  • il garantit également que les demandes de réimpression ou de reproduction d'une contribution, en totalité ou en partie, sous forme imprimée ou électronique, soient traitées efficacement conformément à notre politique générale qui encourage la diffusion des connaissances dans le cadre du droit d'auteur.

Conformément à la loi française sur la propriété intellectuelle, l'auteur d'un article conserve les droits moraux :

  • Le droit de paternité qui permet à l'auteur de voir son nom associé à chacune des exploitations de son œuvre.
  • Le droit au respect de l’œuvre qui peut être revendiqué par l'auteur s'il constate que lors d'une exploitation, son œuvre a été dénaturée (coupe, remontage…).