[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

To read this content please select one of the options below:

Theorising on risk homeostasis in the context of information security behaviour

Wayne D. Kearney (Department of Computer Science, North-West University, Potchefstroom, South Africa)
Hennie A. Kruger (Department of Computer Science, North-West University, Potchefstroom, South Africa)

Information and Computer Security

ISSN: 2056-4961

Article publication date: 14 November 2016

997

Abstract

Purpose

The purpose of this paper is to discuss and theorise on the appropriateness and potential impact of risk homeostasis in the context of information security.

Design/methodology/approach

The discussion is mainly based on a literature survey backed up by illustrative empirical examples.

Findings

Risk homeostasis in the context of information security is an under-explored topic. The principles, assumptions and methodology of a risk homeostasis framework offer new insights and knowledge to explain and predict contradictory human behaviour in information security.

Practical implications

The paper shows that explanations for contradictory human behaviour (e.g. the privacy paradox) would gain from considering risk homeostasis as an information security risk management model. The ideas discussed open up the prospect to theorise on risk homeostasis as a framework in information security and should form a basis for further research and practical implementations. On a more practical level, it offers decision makers useful information and new insights that could be advantageous in a strategic security planning process.

Originality/value

This is the first systematic comprehensive review of risk homeostasis in the context of information security behaviour and readers of the paper will find new theories, guidelines and insights on risk homeostasis.

Keywords

Citation

Kearney, W.D. and Kruger, H.A. (2016), "Theorising on risk homeostasis in the context of information security behaviour", Information and Computer Security, Vol. 24 No. 5, pp. 496-513. https://doi.org/10.1108/ICS-04-2016-0029

Publisher

:

Emerald Group Publishing Limited

Copyright © 2016, Emerald Group Publishing Limited

Related articles