Theses and Dissertations
ORCID
0000-0001-9610-3001
Issuing Body
Mississippi State University
Advisor
Warkentin, Merrill
Committee Member
Marett, Kent
Committee Member
Otondo, Robert F.
Committee Member
Collier, Joel
Committee Member
Nehme, Alaa
Date of Degree
5-15-2022
Document Type
Dissertation - Open Access
Major
Business Administration – Business Information Systems
Degree Name
Doctor of Philosophy (Ph.D)
College
College of Business
Department
Department of Management and Information Systems
Abstract
Employees’ information security policy (ISP) related behaviors have been paid attention by previous studies in the past decades. Among different factors that are influential on employees’ ISP behaviors, different leadership styles have been tested under the information security context; however, as one leadership style that is highly related to employees’ positive organization behaviors, the role of ethical leadership has been largely overlooked under the information security context. In addition, most research in the past decades overly focused on employees’ performance on ISP in-role behaviors, including ISP compliance and violation behaviors, where extra-role behaviors – security behaviors that are beneficial to an organization’s information security protection but not required by the organization – have long been overlooked as well. Therefore, this primary focus of this research is to test the role of ethical leadership in influencing employees’ ISP-related behaviors, including both in-role and extra-role behaviors through the mediation mechanism of the theory of planned behavior.
To test the 11 hypotheses in this research model, I conducted two studies using different methods following McGrath (1982)’s suggestion, including a survey-based experiment and a cross-sectional survey. Both studies were conducted using a two-phase study design, including a preliminary investigation and main investigation. The findings of this research showed positive influences of ethical leadership on both ISP in-role and extra-role behaviors directly and indirectly through three mediators, including subjective norm about security behavior, behavioral control over security behavior, and attitude toward security behavior. Furthermore, the findings suggested attitude toward security behavior did not significantly influence ISP extra-role behavior. This research contributed to research streams of information security, ethical leadership, and theory of planned behavior, and provided managerial suggestions to organizations by showing how the ethical leadership influences employees’ two information security behaviors and the paths of improving employees’ information security performances in the organization.
Recommended Citation
Xue, Botong, "The critical role of ethical leadership in employees’ information security behaviors: A two-study approach" (2022). Theses and Dissertations. 5496.
https://scholarsjunction.msstate.edu/td/5496