{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,11]],"date-time":"2024-09-11T15:59:30Z","timestamp":1726070370671},"publisher-location":"Cham","reference-count":41,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030432751"},{"type":"electronic","value":"9783030432768"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-3-030-43276-8_10","type":"book-chapter","created":{"date-parts":[[2020,3,7]],"date-time":"2020-03-07T08:03:08Z","timestamp":1583568188000},"page":"131-144","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Theorising Information Security Policy Violations"],"prefix":"10.1007","author":[{"given":"Indren","family":"Govender","sequence":"first","affiliation":[]},{"given":"Bruce","family":"Watson","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2020,3,8]]},"reference":[{"key":"10_CR1","unstructured":"PwC. http:\/\/www.pwc.com\/gx\/en\/issues\/cyber-security\/information-security-survey.html . Accessed 21 Nov 2018"},{"issue":"6","key":"10_CR2","doi-asserted-by":"publisher","first-page":"643","DOI":"10.1057\/ejis.2011.23","volume":"20","author":"J D\u2019Arcy","year":"2011","unstructured":"D\u2019Arcy, J., Herath, T.: A review and analysis of deterrence theory in the IS security literature: making sense of the disparate findings. Eur. J. Inf. Syst. 20(6), 643\u2013658 (2011)","journal-title":"Eur. J. Inf. Syst."},{"issue":"11","key":"10_CR3","first-page":"179","volume":"36","author":"C Posey","year":"2015","unstructured":"Posey, C., Roberts, T.L., Lowry, P.B., Bennett, R.J.: Multiple indicators and multiple causes (MIMIC) models as a mixed-modeling technique: a tutorial and annotated example. Commun. Assoc. Inf. Syst. 36(11), 179\u2013204 (2015)","journal-title":"Commun. Assoc. Inf. Syst."},{"issue":"1","key":"10_CR4","doi-asserted-by":"publisher","first-page":"90","DOI":"10.1016\/j.cose.2012.09.010","volume":"32","author":"RE Crossler","year":"2013","unstructured":"Crossler, R.E., Johnston, A.C., Lowry, P.B., Hu, Q., Warkentin, M., Baskerville, R.: Future directions for behavioral information security research. Comput. Secur. 32(1), 90\u2013101 (2013)","journal-title":"Comput. Secur."},{"issue":"2","key":"10_CR5","doi-asserted-by":"publisher","first-page":"101","DOI":"10.1057\/ejis.2009.12","volume":"18","author":"M Warkentin","year":"2009","unstructured":"Warkentin, M., Willison, R.: Behavioral and policy issues in information systems security: the insider threat. Eur. J. Inf. Syst. 18(2), 101\u2013105 (2009)","journal-title":"Eur. J. Inf. Syst."},{"key":"10_CR6","unstructured":"Richardson, R.: CSI\/FBI Computer Crime and Security Survey. Computer Security Institute (2011). http:\/\/www.gocsi.com\/survey"},{"key":"10_CR7","unstructured":"PwC. http:\/\/www.pwc.com\/gx\/en\/consulting\u2010services\/information\u2010security\u2010survey\/download.jhtml . Accessed 23 Sept 2017"},{"key":"10_CR8","unstructured":"SpectorSoft. https:\/\/www.sans.org\/reading\u2010room\/whitepapers\/analyst\/insider-threats\u2010fast\u2010directed\u2010response\u201035892 . Accessed 23 Sept 2017"},{"issue":"1","key":"10_CR9","doi-asserted-by":"publisher","first-page":"1","DOI":"10.25300\/MISQ\/2013\/37.1.01","volume":"37","author":"R Willison","year":"2013","unstructured":"Willison, R., Warkentin, M.: Beyond deterrence: an expanded view of employee computer abuse. MIS Q. 37(1), 1\u201320 (2013)","journal-title":"MIS Q."},{"key":"10_CR10","doi-asserted-by":"publisher","first-page":"242","DOI":"10.1016\/j.cose.2012.10.003","volume":"32","author":"KH Guo","year":"2013","unstructured":"Guo, K.H.: Security-related behavior in using information systems in the workplace: a review and synthesis. Comput. Secur. 32, 242\u2013251 (2013)","journal-title":"Comput. Secur."},{"key":"10_CR11","first-page":"262","volume-title":"Human Computer Interaction and Management Information Systems: Foundations","author":"JM Stanton","year":"2006","unstructured":"Stanton, J.M., Stam, K.R., Mastrangelo, P.M., Jolton, J.A.: Behavioral information security: an overview, results, and research agenda. In: Zhang, P., Galletta, D.F. (eds.) Human Computer Interaction and Management Information Systems: Foundations, pp. 262\u2013280. M.E. Sharpe, Armonk (2006)"},{"issue":"6","key":"10_CR12","doi-asserted-by":"publisher","first-page":"605","DOI":"10.1057\/s41303-017-0059-9","volume":"26","author":"WA Cram","year":"2017","unstructured":"Cram, W.A., Proudfoot, J.G., D\u2019Arcy, J.: Organizational information security policies: a review and research framework. Eur. J. Inf. Syst. 26(6), 605\u2013641 (2017)","journal-title":"Eur. J. Inf. Syst."},{"issue":"3","key":"10_CR13","doi-asserted-by":"publisher","first-page":"523","DOI":"10.2307\/25750690","volume":"34","author":"B Bulgurcu","year":"2010","unstructured":"Bulgurcu, B., Cavusoglu, H., Benbasat, I.: Information security policy compliance: an empirical study of rationality-based beliefs and information security awareness. MIS Q. 34(3), 523\u2013548 (2010)","journal-title":"MIS Q."},{"key":"10_CR14","series-title":"IFIP International Federation for Information Processing","doi-asserted-by":"publisher","first-page":"133","DOI":"10.1007\/978-0-387-72367-9_12","volume-title":"New Approaches for Security, Privacy and Trust in Complex Environments","author":"M Siponen","year":"2007","unstructured":"Siponen, M., Pahnila, S., Mahmood, A.: Employees\u2019 adherence to information security policies: an empirical study. In: Venter, H., Eloff, M., Labuschagne, L., Eloff, J., von Solms, R. (eds.) SEC 2007. IIFIP, vol. 232, pp. 133\u2013144. Springer, Boston, MA (2007). https:\/\/doi.org\/10.1007\/978-0-387-72367-9_12"},{"issue":"3","key":"10_CR15","doi-asserted-by":"publisher","first-page":"487","DOI":"10.2307\/25750688","volume":"34","author":"M Siponen","year":"2010","unstructured":"Siponen, M., Vance, A.: Neutralization: new insights into the problem of employee information systems security policy violations. MIS Q. 34(3), 487\u2013502 (2010)","journal-title":"MIS Q."},{"issue":"2","key":"10_CR16","doi-asserted-by":"publisher","first-page":"217","DOI":"10.1016\/j.im.2013.08.006","volume":"51","author":"M Siponen","year":"2014","unstructured":"Siponen, M., Mahmood, M.A., Pahnila, S.: Employees\u2019 adherence to information security policies: an exploratory field study. Inf. Manag. 51(2), 217\u2013224 (2014)","journal-title":"Inf. Manag."},{"issue":"6","key":"10_CR17","doi-asserted-by":"publisher","first-page":"54","DOI":"10.1145\/1953122.1953142","volume":"54","author":"Q Hu","year":"2011","unstructured":"Hu, Q., Xu, Z., Dinev, T., Ling, H.: Does deterrence work in reducing information security policy abuse by employees? Commun. ACM 54(6), 54\u201360 (2011)","journal-title":"Commun. ACM"},{"issue":"1","key":"10_CR18","doi-asserted-by":"publisher","first-page":"43","DOI":"10.1111\/isj.12173","volume":"29","author":"J D\u2019Arcy","year":"2019","unstructured":"D\u2019Arcy, J., Lowry, P.B.: Cognitive-affective drivers of employees\u2019 daily compliance with information security policies: a multilevel, longitudinal study. Inf. Syst. J. 29(1), 43\u201369 (2019)","journal-title":"Inf. Syst. J."},{"key":"10_CR19","unstructured":"Dell. https:\/\/software.dell.com\/whitepaper\/insider\u2010threat\u2010spotlight\u2010report890546\/ . Accessed 23 Sept 2017"},{"issue":"4","key":"10_CR20","doi-asserted-by":"publisher","first-page":"281","DOI":"10.1016\/j.jsis.2010.10.002","volume":"19","author":"S Goel","year":"2010","unstructured":"Goel, S., Chengalur-Smith, I.N.: Metrics for characterizing the form of security policies. J. Strateg. Inf. Syst. 19(4), 281\u2013295 (2010)","journal-title":"J. Strateg. Inf. Syst."},{"issue":"1","key":"10_CR21","doi-asserted-by":"publisher","first-page":"1","DOI":"10.4018\/joeuc.2006010101","volume":"18","author":"TP Cronan","year":"2006","unstructured":"Cronan, T.P., Douglas, D.E.: Toward a comprehensive ethical behavior model for information technology. J. Organ. End User Comput. 18(1), 1\u201311 (2006)","journal-title":"J. Organ. End User Comput."},{"issue":"4","key":"10_CR22","doi-asserted-by":"publisher","first-page":"837","DOI":"10.25300\/MISQ\/2015\/39.4.5","volume":"39","author":"SR Boss","year":"2015","unstructured":"Boss, S.R., Galletta, D.F., Lowry, P.B., Moody, G.D., Polak, P.: What do systems users have to fear? Using fear appeals to engender threats and fear that motivate protective security behaviors. MIS Q. 39(4), 837\u2013864 (2015)","journal-title":"MIS Q."},{"key":"10_CR23","unstructured":"Siponen, M., Willison, R., Baskerville, R.: Power and practice in information systems security research. In: International Conference on Information Systems, pp. 1\u201313. Association for Information Systems, Paris (2008)"},{"issue":"6","key":"10_CR24","doi-asserted-by":"publisher","first-page":"472","DOI":"10.1016\/j.cose.2005.05.002","volume":"24","author":"M Theoharidou","year":"2005","unstructured":"Theoharidou, M., Kokolakis, S., Karyda, M., Kiountouzis, E.: The insider threat to information systems and the effectiveness of ISO17799. Comput. Secur. 24(6), 472\u2013484 (2005)","journal-title":"Comput. Secur."},{"issue":"6","key":"10_CR25","doi-asserted-by":"publisher","first-page":"1143","DOI":"10.5465\/amj.2005.19573114","volume":"48","author":"TR Tyler","year":"2005","unstructured":"Tyler, T.R., Blader, S.L.: Can business effectively regulate employee conduct? The antecedents of rule following in work settings. Acad. Manag. J. 48(6), 1143\u20131158 (2005)","journal-title":"Acad. Manag. J."},{"key":"10_CR26","doi-asserted-by":"publisher","first-page":"1113","DOI":"10.1080\/08870446.2011.613995","volume":"26","author":"I Ajzen","year":"2011","unstructured":"Ajzen, I.: The theory of planned behaviour: reactions and reflections. Psychol. Health 26, 1113\u20131127 (2011)","journal-title":"Psychol. Health"},{"issue":"3","key":"10_CR27","first-page":"218","volume":"22","author":"A Rivis","year":"2003","unstructured":"Rivis, A., Sheeran, P.: Current psychology: developmental, learning, personality, social. Fall 22(3), 218\u2013233 (2003)","journal-title":"Fall"},{"issue":"2","key":"10_CR28","doi-asserted-by":"publisher","first-page":"106","DOI":"10.1057\/ejis.2009.6","volume":"18","author":"T Herath","year":"2009","unstructured":"Herath, T., Rao, H.: Protection motivation and deterrence: a framework for security policy compliance in organisations. Eur. J. Inf. Syst. 18(2), 106\u2013125 (2009)","journal-title":"Eur. J. Inf. Syst."},{"key":"10_CR29","doi-asserted-by":"publisher","first-page":"173","DOI":"10.2307\/249574","volume":"16","author":"KD Loch","year":"1992","unstructured":"Loch, K.D., Carr, H.H., Warkentin, M.E.: Threats to information systems: today\u2019s reality, yesterday\u2019s understanding. MIS Q. 16, 173\u2013186 (1992)","journal-title":"MIS Q."},{"key":"10_CR30","unstructured":"The cyber security experience: Cyber security pros from Mars; users from Mercury. http:\/\/www.meritalk.com\/cybersecurityexperience . Accessed 23 Oct 2017"},{"issue":"6","key":"10_CR31","doi-asserted-by":"publisher","first-page":"664","DOI":"10.2307\/2089195","volume":"22","author":"GM Sykes","year":"1957","unstructured":"Sykes, G.M., Matza, D.: Techniques of neutralization: a theory of delinquency. Am. Sociol. Rev. 22(6), 664\u2013670 (1957)","journal-title":"Am. Sociol. Rev."},{"key":"10_CR32","doi-asserted-by":"publisher","first-page":"145","DOI":"10.1016\/j.cose.2013.05.006","volume":"39","author":"JB Barlow","year":"2013","unstructured":"Barlow, J.B., Warkentin, M., Ormond, D., Dennis, A.R.: Don\u2019t make excuses! Discouraging neutralization to reduce IT policy violation. Comput. Secur. 39, 145\u2013159 (2013)","journal-title":"Comput. Secur."},{"issue":"2","key":"10_CR33","doi-asserted-by":"publisher","first-page":"iii","DOI":"10.2307\/25148727","volume":"30","author":"GA Marcoulides","year":"2006","unstructured":"Marcoulides, G.A., Saunders, C.: PLS: a silver bullet? MIS Q. 30(2), iii\u2013ix (2006)","journal-title":"MIS Q."},{"key":"10_CR34","unstructured":"Warkentin, M., Willison, R., Johnston, A.C.: The role of perceptions of organizational injustice and techniques of neutralization in forming computer abuse intentions. In: AMCIS (2011)"},{"key":"10_CR35","doi-asserted-by":"crossref","DOI":"10.1515\/9781503621794","volume-title":"A General Theory of Crime","author":"MR Gottfredson","year":"1990","unstructured":"Gottfredson, M.R., Hirschi, T.: A General Theory of Crime. Stanford University Press, Palo Alto (1990)"},{"issue":"4","key":"10_CR36","doi-asserted-by":"publisher","first-page":"334","DOI":"10.1080\/01639620701588131","volume":"24","author":"J Ingram","year":"2008","unstructured":"Ingram, J., Hinduja, S.: Neutralizing Music Piracy: An Empirical Examination. Deviant Behav. 24(4), 334\u2013366 (2008)","journal-title":"Deviant Behav."},{"issue":"4","key":"10_CR37","doi-asserted-by":"publisher","first-page":"154","DOI":"10.1016\/j.im.2013.02.006","volume":"50","author":"JD Jackson","year":"2013","unstructured":"Jackson, J.D., Mun, Y.Y., Park, J.S.: An empirical test of three mediation models for the relationship between personal innovativeness and user acceptance of technology. Inf. Manag. 50(4), 154\u2013161 (2013)","journal-title":"Inf. Manag."},{"issue":"1","key":"10_CR38","doi-asserted-by":"publisher","first-page":"1","DOI":"10.17705\/1atrr.00016","volume":"3","author":"S Olbrich","year":"2017","unstructured":"Olbrich, S., Frank, U., Gregor, S., Niederman, F., Rowe, F.: On the merits and limits of replication and negation for IS research. AIS Trans. Replication Res. 3(1), 1\u201319 (2017)","journal-title":"AIS Trans. Replication Res."},{"issue":"1","key":"10_CR39","doi-asserted-by":"publisher","first-page":"47","DOI":"10.1177\/0022427893030001004","volume":"30","author":"T Hirschi","year":"1993","unstructured":"Hirschi, T., Gottfredson, M.: Commentary: testing the general theory of crime. J. Res. Crime Delinq. 30(1), 47\u201354 (1993)","journal-title":"J. Res. Crime Delinq."},{"issue":"3","key":"10_CR40","doi-asserted-by":"publisher","first-page":"331","DOI":"10.1177\/1477370808090836","volume":"5","author":"CJ Rebellon","year":"2008","unstructured":"Rebellon, C.J., Straus, M.A., Medeiros, R.: Self-control in global perspective: An empirical assessment of Gottfredson and Hirschi\u2019s general theory within and across 32 national settings. Eur. J. Criminol. 5(3), 331\u2013361 (2008)","journal-title":"Eur. J. Criminol."},{"issue":"3","key":"10_CR41","doi-asserted-by":"publisher","first-page":"718","DOI":"10.1016\/j.chb.2008.12.029","volume":"25","author":"J Malin","year":"2009","unstructured":"Malin, J., Fowers, B.J.: Adolescent self-control and music and movie piracy. Comput. Hum. Behav. 25(3), 718\u2013722 (2009)","journal-title":"Comput. Hum. Behav."}],"container-title":["Communications in Computer and Information Science","Information and Cyber Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-43276-8_10","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,10,17]],"date-time":"2022-10-17T22:41:54Z","timestamp":1666046514000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-43276-8_10"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9783030432751","9783030432768"],"references-count":41,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-43276-8_10","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"8 March 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ISSA","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Information Security Conference","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Johannesburg","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"South Africa","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15 August 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15 August 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"issa2019a","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.infosecsa.co.za","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"35","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"12","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"34% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}