CCE Theses and Dissertations

Campus Access Only

All rights reserved. This publication is intended for use solely by faculty, students, and staff of Nova Southeastern University. No part of this publication may be reproduced, distributed, or transmitted in any form or by any means, now known or later developed, including but not limited to photocopying, recording, or other electronic or mechanical methods, without the prior written permission of the author or the publisher.

Date of Award

2012

Document Type

Dissertation - NSU Access Only

Degree Name

Doctor of Philosophy in Information Systems (DISS)

Department

Graduate School of Computer and Information Sciences

Advisor

Yair Levy

Committee Member

Yoram Eshet

Committee Member

James L Parrish

Keywords

cognitive load, e-training security, Information security, perceived risk, protection motivation, reading preference

Abstract

The protection of proprietary information that users print from their information systems is a significant and relevant concern in the field of information security to both researchers and practitioners. Information security researchers have repeatedly indicated that human behaviors and perception are important factors influencing the information security of organizations and have called for more research. The aerospace and defense industry commonly deals with its own proprietary information as well its customers. Further, e-training is a growing practice in this industry, it frequently deals with proprietary information, and has unique information security challenge, thus, serves as additional context for this study.

This study focused on the investigation of two constructs, user reading preference and user perceived risk of compromising printed proprietary information, as well as seven user demographics. These constructs reflect human behavior and risk perceptions associated with compromising printed proprietary information and, thus, provide valuable insights applicable into information security. This study developed a Reading Preference and Risk (RPR) Taxonomy, which allows users to be classified according to the aforementioned two constructs under investigation and provides insightful characterizations of information security risks. A survey based on existing literature, the primary constructs, and several demographics was implemented to assess two research questions and seven associated hypotheses. The survey was sent to 1,728 employees of an aerospace and defense organization. The response rate was 18% with 311 usable records.

The results of the study showed that employees were dispersed across the RPR Taxonomy with 15.1% identified as potentially problematic to the protection of printed proprietary information. The overall results showed that the population had a reading preference for print materials and a high perceived risk for compromising printed proprietary information, as well as significantly higher print preference for e-training materials when it was necessary to retain the content in memory. Significant differences in the two constructs were also found across several demographics including age, gender, frequency of user exposure to proprietary information, the confidentiality level of the proprietary information a user is regularly exposed to, and previous user experience with the compromise of proprietary information. Recommendations for practice and research are provided. Moreover, several areas for future research are also presented.

To access this thesis/dissertation you must have a valid nova.edu OR mynsu.nova.edu email address and create an account for NSUWorks.

Free My Thesis

If you are the author of this work and would like to grant permission to make it openly accessible to all, please click the Free My Thesis button.

  Contact Author

  Link to NovaCat

Share

COinS