CCE Theses and Dissertations
Campus Access Only
All rights reserved. This publication is intended for use solely by faculty, students, and staff of Nova Southeastern University. No part of this publication may be reproduced, distributed, or transmitted in any form or by any means, now known or later developed, including but not limited to photocopying, recording, or other electronic or mechanical methods, without the prior written permission of the author or the publisher.
Date of Award
2012
Document Type
Dissertation - NSU Access Only
Degree Name
Doctor of Philosophy in Information Systems (DISS)
Department
Graduate School of Computer and Information Sciences
Advisor
Yair Levy
Committee Member
Yoram Eshet
Committee Member
James L Parrish
Keywords
cognitive load, e-training security, Information security, perceived risk, protection motivation, reading preference
Abstract
The protection of proprietary information that users print from their information systems is a significant and relevant concern in the field of information security to both researchers and practitioners. Information security researchers have repeatedly indicated that human behaviors and perception are important factors influencing the information security of organizations and have called for more research. The aerospace and defense industry commonly deals with its own proprietary information as well its customers. Further, e-training is a growing practice in this industry, it frequently deals with proprietary information, and has unique information security challenge, thus, serves as additional context for this study.
This study focused on the investigation of two constructs, user reading preference and user perceived risk of compromising printed proprietary information, as well as seven user demographics. These constructs reflect human behavior and risk perceptions associated with compromising printed proprietary information and, thus, provide valuable insights applicable into information security. This study developed a Reading Preference and Risk (RPR) Taxonomy, which allows users to be classified according to the aforementioned two constructs under investigation and provides insightful characterizations of information security risks. A survey based on existing literature, the primary constructs, and several demographics was implemented to assess two research questions and seven associated hypotheses. The survey was sent to 1,728 employees of an aerospace and defense organization. The response rate was 18% with 311 usable records.
The results of the study showed that employees were dispersed across the RPR Taxonomy with 15.1% identified as potentially problematic to the protection of printed proprietary information. The overall results showed that the population had a reading preference for print materials and a high perceived risk for compromising printed proprietary information, as well as significantly higher print preference for e-training materials when it was necessary to retain the content in memory. Significant differences in the two constructs were also found across several demographics including age, gender, frequency of user exposure to proprietary information, the confidentiality level of the proprietary information a user is regularly exposed to, and previous user experience with the compromise of proprietary information. Recommendations for practice and research are provided. Moreover, several areas for future research are also presented.
NSUWorks Citation
Joshua D. Stalker. 2012. A Reading Preference and Risk Taxonomy for Printed Proprietary Information Compromise in the Aerospace and Defense Industry. Doctoral dissertation. Nova Southeastern University. Retrieved from NSUWorks, Graduate School of Computer and Information Sciences. (314)
https://nsuworks.nova.edu/gscis_etd/314.