Organizational data breach: Building conscious care behavior in incident response

Document Type

Article

Publication Date

1-1-2022

Abstract

Organizational and end user data breaches are highly implicated by the role of information security conscious care behavior in respective incident responses. This research study draws upon the literature in the areas of informa-tion security, incident response, theory of planned behaviour, and protection moti-vation theory to expand and empirically validate a modified framework of information security conscious care behaviour formation. The applicability of the theoretical framework is shown through a case study labelled as a cyber-attack of unprecedented scale and sophistication in Singapore's history to-date, the 2018 SingHealth data breach. The single in-depth case study observed informa-tion security awareness, policy, experience, attitude, subjective norms, perceived behavioral control, threat appraisal and self-efficacy as emerging prominently in the framework's applicability in incident handling. The data analysis did not sup-port threat severity relationship with conscious care behaviour. The findings from the above-mentioned observations are presented as possible key drivers in the shaping information security conscious care behaviour in real-world cyber inci-dent management.

Keywords

End user computing, Organizational behavior, Incident response, Data breach, Computer emergency response team, Cyber-attack

Divisions

fsktm

Funders

[TURSP-2020/98]

Publication Title

Computer Systems Science and Engineering

Volume

40

Issue

2

Publisher

Tech Science Press

Publisher Location

871 CORONADO CENTER DR, SUTE 200, HENDERSON, NV 89052 USA

This document is currently not available here.

Share

COinS