Abstracts SoSe 2022
Sebastian Hengstler (Georg-August-Universität
Göttingen)
"How Employees Learn Information Security Policy
Compliance Behavior: Toward a Social Learning
Perspective."
Information security attacks typically exploit the weakest link in the chain, which in most cases is the IT end user at the workplace. While great strides have been made in understanding and explaining information security behavior, little is known about how such behavior is acquired by individuals in the first place. This research approaches the phenomenon through the lens of social learning theory. We argue that a new employee's behavior is initially learned through differential associations within the social network, rather than through knowledge of formal policies and associated sanctions. We used a scenario-based experimental approach and collected data from new employees with five years or less of work experience. Our results show that employee's behavior changes over time. Reinforcement through sanctions becomes more important in the maintenance phase, while imitation of others becomes less relevant.
Das zugrunde liegende Papier kann über Uni-(W)Lan kostenfrei herunter geladen werden: https://aisel.aisnet.org/ecis2022_rp/85
Dr. Christoph Feldhaus (Ruhr-Universität Bochum)
"Group decisions are more libertarian than
individual decisions."
We conduct laboratory experiments to study why, when, and how groups intervene in other people’s choices, and how the intervention behavior of groups differs from that of individuals. Across two different decision situations, we report robust evidence that groups are less likely to intervene in others’ choices than individuals. Exploiting the content of group chats, we show that the difference between groups and individuals seems due to social-image concerns: group members shy away from proposing interventions during the group discussions.