Mississippi State University
Otondo, Robert F.
Date of Degree
Dissertation - Campus Access Only
Business Administration – Business Information Systems
Doctor of Philosophy (Ph.D)
College of Business
Department of Management and Information Systems
Employees’ information security policy (ISP) related behaviors have been paid attention by previous studies in the past decades. Among different factors that are influential on employees’ ISP behaviors, different leadership styles have been tested under the information security context; however, as one leadership style that is highly related to employees’ positive organization behaviors, the role of ethical leadership has been largely overlooked under the information security context. In addition, most research in the past decades overly focused on employees’ performance on ISP in-role behaviors, including ISP compliance and violation behaviors, where extra-role behaviors – security behaviors that are beneficial to an organization’s information security protection but not required by the organization – have long been overlooked as well. Therefore, this primary focus of this research is to test the role of ethical leadership in influencing employees’ ISP-related behaviors, including both in-role and extra-role behaviors through the mediation mechanism of the theory of planned behavior.
To test the 11 hypotheses in this research model, I conducted two studies using different methods following McGrath (1982)’s suggestion, including a survey-based experiment and a cross-sectional survey. Both studies were conducted using a two-phase study design, including a preliminary investigation and main investigation. The findings of this research showed positive influences of ethical leadership on both ISP in-role and extra-role behaviors directly and indirectly through three mediators, including subjective norm about security behavior, behavioral control over security behavior, and attitude toward security behavior. Furthermore, the findings suggested attitude toward security behavior did not significantly influence ISP extra-role behavior. This research contributed to research streams of information security, ethical leadership, and theory of planned behavior, and provided managerial suggestions to organizations by showing how the ethical leadership influences employees’ two information security behaviors and the paths of improving employees’ information security performances in the organization.
Xue, Botong, "The critical role of ethical leadership in employees’ information security behaviors: A two-study approach" (2022). Theses and Dissertations. 5496.