CCE Theses and Dissertations

Campus Access Only

All rights reserved. This publication is intended for use solely by faculty, students, and staff of Nova Southeastern University. No part of this publication may be reproduced, distributed, or transmitted in any form or by any means, now known or later developed, including but not limited to photocopying, recording, or other electronic or mechanical methods, without the prior written permission of the author or the publisher.

Date of Award


Document Type

Dissertation - NSU Access Only

Degree Name

Doctor of Philosophy in Information Systems (DISS)


Graduate School of Computer and Information Sciences


Yair Levy

Committee Member

Peixiang Liu

Committee Member

Diane ball


Computer security, Computer security self efficacy, Security behavior, Self-efficacy


As organizations have become more dependent on networked information systems (IS) to conduct their business operations, their susceptibility to various threats to information security has also increased. Research has consistently identified the inappropriate security behavior of the users as the most significant of these threats. Various factors have been identified as contributing to these inappropriate security behaviors, however, not enough is known about the role of social factors in mediating these behaviors.

This study developed a new computer security self-efficacy (CSSE) construct, identified items of CSSE in the context of individuals' use of encrypted e-mail, and determined the validity and reliability of the items of CSSE. Further, significant factors of CSSE were identified. First, a qualitative phase comprising focus groups and an expert panel was used to identify valid items of CSSE, develop a new instrument to measure the new CSSE construct, and validate the new CSSE instrument. After completing the qualitative phase, a quantitative phase was employed to collect empirical data on the CSSE items. The CSSE measurement instrument was administered to IS users at a major university in the southeastern United States and 292 responses were received. The collected data was statistically analyzed to identify significant factors of CSSE and the items of CSSE that demonstrate high reliability. Factor analysis was performed using Principal Component Analysis (PCA) and identified four significant and highly reliable factors of CSSE with a cumulative variance of nearly 68%. The four factors were named Performance Accomplishments and Technical Support, Goal Commitment and Resource Availability, Experience Level, and Individual Characteristics. Additionally, 35 items of CSSE were identified as possessing high reliability.

This study contributes to advancing of the body of knowledge regarding the use of e-mail encryption by developing a new CSSE construct and extending Computer Self-Efficacy research into the area of computer security and e-mail encryption. Further, by identifying factors of CSSE, an understanding of what IS users believe will impact their ability to use encryption to send e-mail messages is obtained. This understanding can aid in enhancing the use of encryption mechanisms to send e-mail, promoting positive computer security behavior, and so contribute positively to IS practice.

To access this thesis/dissertation you must have a valid OR email address and create an account for NSUWorks.

Free My Thesis

If you are the author of this work and would like to grant permission to make it openly accessible to all, please click the Free My Thesis button.

  Contact Author

  Link to NovaCat