CEC Faculty Proceedings, Presentations, Speeches and Lectures


Initial validation and empirical development of the construct of computer security self-efficacy (CSSE)

Event Location / Date(s)

Orlando, FL / 2012

Document Type

Conference Proceeding

Presentation Date


Conference Name / Publication Title

Proceedings of the Pre-International Conference of Information Systems (ICIS) SIGSEC - Workshop on Information Security and Privacy (WISP) 2012

First Page


Last Page



As organizations have become more dependent on networked information systems (IS) to conduct their business operations, their susceptibility to various threats to information security has also increased. Research has consistently identified the inappropriate security behavior of the users as the most significant of these threats. Various factors have been identified in prior research as contributing to these inappropriate security behaviors, however, not enough is known about the role of social factors in mediating these behaviors. This study developed a new Computer Security Self-Efficacy (CSSE) construct, identified 35 highly reliable items of CSSE in the context of individuals’ use of encrypted e-mail, and identified four significant factors of CSSE. The four factors were named Performance Accomplishments and Technical Support, Goal Commitment and Resource Availability, Experience Level, and Individual Characteristics. We conclude with a discussion on limitations and recommended future research that can result from the findings of this study.


Conference website: http://aisel.aisnet.org/wisp2012/