Advanced
search

To read this content please select one of the options below:

“SME executives’ perceptions and the information security preparedness model”

Kenneth Albert Saban (School of Business, Duquesne University, Pittsburgh, Pennsylvania, USA)
Stephen Rau (Accounting and Information Systems, Duquesne University, Pittsburgh, Pennsylvania, USA)
Charles A. Wood (Workforce Forecasting, Comcast Corp, West Chester, Pennsylvania, USA)

Information and Computer Security

ISSN: 2056-4961

Article publication date: 29 March 2021

Issue publication date: 3 August 2021

741

Abstract

Purpose

Information security has increasingly been in the headlines as data breaches continue to occur at alarming rates. This paper aims to propose an Information Security Preparedness Model that was developed to examine how SME executives’ perceptions of security importance, implementation challenges and external influences impact their awareness and commitment to security preparedness.

Design/methodology/approach

Funded by the Department of Justice, a national survey of SME executives’ perceptions of information security preparedness was conducted. Using PLS-SEM, the survey responses were used to test the proposed Information Security Preparedness Model.

Findings

The results indicate that as perceptions of security importance and external influences increase, SME executives’ awareness and commitment to information security also increases. In addition, as implementation challenges increase, awareness and commitment to information security decreases. Finally, as security importance and awareness and commitment to information security increases, executives’ perception of security preparedness also increases.

Research limitations/implications

Executive perceptions of information security were measured and not the actual level of security. Further research that examines the agreement between executive perceptions and the true state of information security within the organization is warranted.

Originality/value

Prior information security studies using Roger’s (1975, 1983) Protection Motivation Theory have produced mixed results. This paper develops and tests the Information Security Preparedness Model to more fully explain SME executive’s perceptions of information security.

Keywords

Acknowledgements

This project was supported by Grant No. 2008-DD-BX-0609 awarded by the Bureau of Justice Assistance. The Bureau of Justice Assistance is a component of the US Department of Justice's Office of Justice Programs, which also includes the Bureau of Justice Statistics, the National Institute of Justice, the Office of Juvenile Justice and Delinquency Prevention, the Office for Victims of Crime, and the SMART Office. Points of view or opinions in this document are those of the author and do not necessarily represent the official position or policies of the US Department of Justice.

The authors are grateful for the financial support received from US Department of Justice.

Citation

Saban, K.A., Rau, S. and Wood, C.A. (2021), "“SME executives’ perceptions and the information security preparedness model”", Information and Computer Security, Vol. 29 No. 2, pp. 263-282. https://doi.org/10.1108/ICS-01-2020-0014

Publisher

:

Emerald Publishing Limited

Copyright © 2021, Emerald Publishing Limited

Related articles

Manage cookies

All feedback is valuable

Please share your general feedback

Report an issue or find answers to frequently asked questions

Contact Customer Support