An Empirical Examination of Employee Information Security Advice Sharing

In today's business world, information security is a top strategic issue. The security issues faced by organizations are complex and addressing them can be expensive. Key findings from previous research suggest that informal methods of enhancing employees' security awareness are effective and inexpensive. This study builds on previous research and introduces seven hypotheses related to informal security advice sharing in organizations. The model was tested on 334 currently employed technology-using professionals in security conscious organizations. The results indicated that employees' attitudes, perception of security climate, and perceptions about accountability affected their sharing of security advice. Their desire to earn a reputation was more pronounced with high self-efficacy. The direct association of desire to earn reputation and self-efficacy toward security advice sharing was not supported by data. These findings suggest that higher self-efficacy employees motivated to earn a reputation will likely facilitate the information security advice sharing process in a workplace.