Is Cybersecurity a Team Sport? A Multilevel Examination of Workgroup Information Security Effectiveness

In stock
Organizations maintain their desired level of cybersecurity by evaluating the information security (ISec) effectiveness of their organizational units. Numerous ISec studies have delved into examining individual compliance, yet studies that develop an understanding about achieving the desired effect of the workgroup ISec have been scarce in the literature. Against this backdrop, this research note draws on the input–process– output framework to take a multilevel approach and examines how an individual security factor (“individual self-efficacy”) and two core workgroup mechanisms (“workgroup collective efficacy” and “security knowledge coordination”) can together affect workgroup information security effectiveness (WISE). Using a survey, data for the independent variables of the study was collected from 68 branch offices (with 536 employees in total) of a law enforcement agency in South Korea. Separately, for WISE, we obtained the branch offices’ annual security assessment scores from the organization. The results reveal the cross-level nature of WISE, suggesting that group mechanisms significantly mediate the relationship between individual self-efficacy and WISE. The results support the view that group mechanisms are important in ISec management and need to be considered alongside the individual-level analysis in the pursuit of workgroup ISec performance. The findings provide insightful implications for both theory and practice. 5/31/2020
Additional Details
Author Chul Woo Yoo, Jahyun Goo, and H. Raghav Rao
Year 2020
Volume 44
Issue 2
Keywords Workgroup information security effectiveness, collective efficacy, security knowledge coordination, multilevel structural equation model, social cognitive theory
Page Numbers 907-931; DOI: 10.25300/MISQ/2020/15477
Copyright © 2023 MISQ. All rights reserved.