To Calculate or To Follow Others: How Do Information Security Managers Make Investment Decisions? Shao, Xiuyan Siponen, Mikko Pahnila, Seppo 2019-01-03T00:31:49Z 2019-01-03T00:31:49Z 2019-01-08
dc.description.abstract Economic models of information security investment suggest estimating cost and benefit to make an information security investment decision. However, the intangible nature of information security investment prevents managers from applying cost- benefit analysis in practice. Instead, information security managers may follow experts’ recommendations or the practices of other organizations. The present paper examines factors that influence information security managers’ investment decisions from the reputational herding perspective. The study was conducted using survey questionnaire data collected from 106 organizations in Finland. The findings of the study reveal that the ability and reputation of the security manager and the strength of the information about the security investment significantly motivate the security manager to discount his or her own information. Herding, as a following strategy, together with mandatory requirements are significant motivations for information security investment.
dc.format.extent 10 pages
dc.identifier.doi 10.24251/HICSS.2019.588
dc.identifier.isbn 978-0-9981331-2-6
dc.language.iso eng
dc.relation.ispartof Proceedings of the 52nd Hawaii International Conference on System Sciences
dc.rights Attribution-NonCommercial-NoDerivatives 4.0 International
dc.subject Innovative Behavioral IS Security and Privacy Research
dc.subject Internet and the Digital Economy
dc.subject Decision-making; Herding strategy; Information security investment
dc.title To Calculate or To Follow Others: How Do Information Security Managers Make Investment Decisions?
dc.type Conference Paper
dc.type.dcmi Text
Original bundle
Now showing 1 - 1 of 1
No Thumbnail Available
482.21 KB
Adobe Portable Document Format