SUSAN SQUIRES
University of North Texas MOLLY SHADE
University of North Texas
Information Technology (IT) professionals are racing to keep up with cyber-security threats in the workplace. But, as any cyber-security expert will tell you, security technology is only as good as the people who use it. And, people are a mystery to most cyber-security professionals making them the weak link for security interventions in organizations. To broadly impact current cyber-security awareness, interventions and education, it is crucial to understand how security is understood and applied by the users of technology. Thus, it is no surprise that more and more cyber-security studies are focusing on the individual employee to understand computer-user risk mediation. However, users and their actions do not exist in a vacuum, and their perceptions and subsequent behaviors regarding security risk are shaped by a vast array of beliefs, social relations and workplace practices. This paper reports on a fresh theoretical approach to cyber-security as a group...