Hyeun-Suk Rhee, Cheongtag Kim, and Young U Ryu. Self-efficacy in information security: Its influence on end users' information security practice behavior. Computers & Security, 28(8):816–826, 2009. doi:10.1016/j.cose.2009.05.008.
@article{rhee_selfefficacy_2009,
abstract = {The ultimate success of information security depends on appropriate information security practice behaviors by the end users. Based on social cognitive theory, this study models and tests relationships among self-efficacy in information security, security practice behavior and motivation to strengthen security efforts. This study also explores antecedents to individuals' self-efficacy beliefs in information security. Results provide support for the many hypothesized relationships. This study provides an initial step toward understanding of the applicability of social cognitive theory in a new domain of information security. The results suggest that simply listing what not to do and penalties associated with a wrong doing in the users' information security policy alone will have a limited impact on effective implementation of security measures. The findings may help information security professionals design security awareness programs that more effectively increase the self-efficacy in information security.},
author = {Rhee, Hyeun-Suk and Kim, Cheongtag and Ryu, Young U},
doi = {10.1016/j.cose.2009.05.008},
issn = {0167-4048},
journal = {Computers \& Security},
number = {8},
pages = {816--826},
shorttitle = {Self-Efficacy in Information Security},
title = {Self-Efficacy in Information Security: {{Its}} Influence on End Users' Information Security Practice Behavior},
volume = {28},
year = {2009}
}