Disobedience and Deviance: An Empirical Categorization of Insider Cybersecurity Behaviors

Abstract

Employees pose a significant threat to organizational cybersecurity. Researchers have called for increased examination of the traits and antecedents related to poor cybersecurity compliance. The current study contributes to efforts to understand these cyberdeviant behaviors by presenting latent profile analytic evidence supporting the existence of “types” or categories of various insider violations. In particular, four patterns of cybersecurity behaviors and five patterns of cyberloafing behaviors were observed. Covariate analyses were conducted in order to link behavioral profiles to both previously identified and unexamined personal and contextual antecedents, pointing to the influence of burnout and psychological contract violations upon employee willingness to adhere to recommended cybersecurity behaviors and engage in cyberloafing. Results from these analyses further enhance current theoretical understanding of the importance, thus facilitating the accumulation of cybersecurity research into impactful interventions for selection, deterrence, and education.