Total views : 332

A Theoretical Review of Neutralization in Security Policy

Affiliations

  • Department of Business Administration, Chung-Ang University, 84 Heukseak-Ro, Dongjak-Gu, Seoul, 156-756, Korea
  • Department of Economics, Chung-Ang University, 84 Heukseak-Ro, Dongjak-Gu, Seoul, 156-756, Korea

Abstract


Objectives: In these days, security violation could lead to vulnerabilities of organization. Many scholars tried to explain the violation and suggested ways to prevent user from violating information security policy. Methods/Statistical Analysis: While neutralization is used to explain the behavior of juvenile delinquency, neutralization is utilized to show the behavior of the violation in information security. Neutralization was used to explain the software piracy and the violation of information security. This study tries to investigate the extensive literature review explaining the violation behavior of information security policy and summarizes the important mainstreams giving the implications. This paper invests theoretical ground on neutralization. Findings: This study suggests the extensive adaptability of neutralization techniques applied in the information security policy. Individuals consider the violation of information security the minor rule breaking behavior. Neutralization has been utilized to explain the minor deviant behavior, so it also can be accepted to explain the various violation behaviors in the field of information security policy. Improvements/Applications: Neutralization can be useful in understanding the violation behavior of information security policy and used in designing security management systems in various organizations.

Keywords

Deterrence Theory, Information Security, Neutralization, Organization Theory, Rational Theory, Violation Behavior.

Full Text:

 |  (PDF views: 260)

References


  • Herath T, Rao HR. Encouraging information security behaviors in organizations: role of penalties, pressures and perceived effectiveness. Decision Support Systems. 2009; 47:154-65.
  • Puhakainen P. Oulu, Finland: University of Oulu: A design theory for information security awareness. 2006.
  • Kankanhalli A, Teo HH, Tan BCY, Wei KK. An integrative study of information systems security effectiveness. International Journal of Information Management. 2003; 23:139-54.
  • Sykes G, Matza D. Techniques of neutralization: a theory of delinquency. American Sociological Review. 1957; 22(6):664-70.
  • Siponen M, Vance A. Neutralization: new insights into the problem of employee information systems security policy violations. MIS quarterly. 2010; 34(3):487-502.
  • Knapp KJ, Marshall TE, Rainer RK, Ford FN. Information security: management’s effect on culture and policy. Information Management & Computer Security. 2006; 14(1):24-36.
  • Agnew R, Ardith AR. The techniques of neutralization an analysis of predisposing and situational factors. Criminal Justice and Behavior. 1986; 13(1):81-97.
  • Kohn A. Why incentive plans cannot work. Harvard Business Review. 1993; 71(5):54–62.
  • Haines VJ, Diekhoff GM, LaBeff EE, Clark RE. College cheating: immaturity, lack of commitment, and the neutralizing attitude. Research in Higher Education. 1986; 25(4):342-54.
  • Hollingera RC. Neutralizing in the workplace: an empirical analysis of property theft and production deviance. Deviant Behavior. 1991; 12(2):169-202.
  • Doddera RA, Hughesb SP. Neutralization of drinking behavior. Deviant Behavior. 1993; 14(1):65-79.
  • Maruna S, Copes H. What have we learned from five decades of neutralization research? Crime and Justice. 2005; 32:221-320.
  • Straub DW. Effective IS security: an empirical study. Information Systems Research. 1990; 1(3):255-71.

Refbacks

  • There are currently no refbacks.


Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.