Designing a Messaging Strategy to Improve Information Security Policy Compliance

Federico Giovannetti; Alan Hevner; Gert Jan de Vreede

Designing a Messaging Strategy to Improve Information Security Policy Compliance

Federico Giovannetti, Alan Hevner, Gert Jan de Vreede

School of Business

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Lack of employee compliance with information security policies is a key factor driving security incidents. Information security practitioners struggle to enforce policy compliance while employees try to curtail controls in favor of expediency and other perceived business and personal goals. This research-in-progress project utilizes the Design Science Research framework to develop an intervention based on a novel messaging strategy that aims to help information security practitioners improve employees' behaviors through intrinsic motivation, thus increasing compliance with information security policies.

Original language	English
Title of host publication	28th Americas Conference on Information Systems, AMCIS 2022
ISBN (Electronic)	9781958200001
State	Published - 2022
Event	28th Americas Conference on Information Systems, AMCIS 2022 - Minneapolis, United States Duration: 10 Aug 2022 → 14 Aug 2022

Publication series

Name	28th Americas Conference on Information Systems, AMCIS 2022

Conference

Conference	28th Americas Conference on Information Systems, AMCIS 2022
Country/Territory	United States
City	Minneapolis
Period	10/08/22 → 14/08/22

Keywords

ambassadors
Employee compliance
intrinsic motivation
leadership
tailored messaging
target groups

Cite this

@inproceedings{eabc33271c3b42d190062bb3843ed3a7,

title = "Designing a Messaging Strategy to Improve Information Security Policy Compliance",

abstract = "Lack of employee compliance with information security policies is a key factor driving security incidents. Information security practitioners struggle to enforce policy compliance while employees try to curtail controls in favor of expediency and other perceived business and personal goals. This research-in-progress project utilizes the Design Science Research framework to develop an intervention based on a novel messaging strategy that aims to help information security practitioners improve employees' behaviors through intrinsic motivation, thus increasing compliance with information security policies.",

keywords = "ambassadors, Employee compliance, intrinsic motivation, leadership, tailored messaging, target groups",

author = "Federico Giovannetti and Alan Hevner and {de Vreede}, {Gert Jan}",

note = "Publisher Copyright: {\textcopyright} 2022 28th Americas Conference on Information Systems, AMCIS 2022. All Rights Reserved.; 28th Americas Conference on Information Systems, AMCIS 2022 ; Conference date: 10-08-2022 Through 14-08-2022",

year = "2022",

language = "English",

series = "28th Americas Conference on Information Systems, AMCIS 2022",

booktitle = "28th Americas Conference on Information Systems, AMCIS 2022",

}

Designing a Messaging Strategy to Improve Information Security Policy Compliance. / Giovannetti, Federico; Hevner, Alan; de Vreede, Gert Jan.
28th Americas Conference on Information Systems, AMCIS 2022. 2022. (28th Americas Conference on Information Systems, AMCIS 2022).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Designing a Messaging Strategy to Improve Information Security Policy Compliance

AU - Giovannetti, Federico

AU - Hevner, Alan

AU - de Vreede, Gert Jan

PY - 2022

Y1 - 2022

N2 - Lack of employee compliance with information security policies is a key factor driving security incidents. Information security practitioners struggle to enforce policy compliance while employees try to curtail controls in favor of expediency and other perceived business and personal goals. This research-in-progress project utilizes the Design Science Research framework to develop an intervention based on a novel messaging strategy that aims to help information security practitioners improve employees' behaviors through intrinsic motivation, thus increasing compliance with information security policies.

AB - Lack of employee compliance with information security policies is a key factor driving security incidents. Information security practitioners struggle to enforce policy compliance while employees try to curtail controls in favor of expediency and other perceived business and personal goals. This research-in-progress project utilizes the Design Science Research framework to develop an intervention based on a novel messaging strategy that aims to help information security practitioners improve employees' behaviors through intrinsic motivation, thus increasing compliance with information security policies.

KW - ambassadors

KW - Employee compliance

KW - intrinsic motivation

KW - leadership

KW - tailored messaging

KW - target groups

UR - http://www.scopus.com/inward/record.url?scp=85192512836&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85192512836&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:85192512836

T3 - 28th Americas Conference on Information Systems, AMCIS 2022

BT - 28th Americas Conference on Information Systems, AMCIS 2022

T2 - 28th Americas Conference on Information Systems, AMCIS 2022

Y2 - 10 August 2022 through 14 August 2022

ER -

Designing a Messaging Strategy to Improve Information Security Policy Compliance

Abstract

Publication series

Conference

Keywords

Other files and links

Fingerprint

Cite this