The Workplace Information Sensitivity Appraisal (WISA) scale
Human error in security plays a significant role in the majority of cyber-attacks on businesses. Security behaviours are impacted by numerous factors, including individual perceptions of information sensitivity. However, there is currently a lack of empirical measurement of information sensitivity a...
Main Authors: | , , |
---|---|
Format: | Article |
Language: | English |
Published: |
Elsevier
2022-12-01
|
Series: | Computers in Human Behavior Reports |
Subjects: | |
Online Access: | http://www.sciencedirect.com/science/article/pii/S2451958822000744 |
_version_ | 1811181956732289024 |
---|---|
author | John Blythe Richard Brown Lynne Coventry |
author_facet | John Blythe Richard Brown Lynne Coventry |
author_sort | John Blythe |
collection | DOAJ |
description | Human error in security plays a significant role in the majority of cyber-attacks on businesses. Security behaviours are impacted by numerous factors, including individual perceptions of information sensitivity. However, there is currently a lack of empirical measurement of information sensitivity and its role in determining security behaviours. This research presents a measure of information sensitivity appraisal that predicts security behaviour. We outline the design, development and validation of the Workplace Information Sensitivity Appraisal scale. The psychometric properties were assessed with data from an online sample of 326 employees in the UK. The scale comprises of five subscales: Privacy, Worth, Consequences, Low proximity interest by others and High proximity interest by others. The final 16-item WISA scale, alongside its five subscales, represents a comprehensive measure of information sensitivity appraisal in the workplace. The WISA scale has been found to have strong factorial validity, confirmed across eight information types, strong content validity, good criterion-related validity, adequate discriminant validity, and high internal reliability. This research utilised the WISA scale to explore sensitivity differences across eight information types: four concerning living individuals (Personal, Health, Financial & Lifestyle) and four organisationally-focused information types (IP, day to day, commercial & HR). Financial information was found to have the highest ratings for overall sensitivity followed by health and HR. Finally, scores for the WISA scale predicted a range of security behaviours including password usage, secure Wi-Fi usage, physical security and avoiding security risks. This demonstrates the potential role for information sensitivity appraisal as a determinant of security behaviours. |
first_indexed | 2024-04-11T09:24:20Z |
format | Article |
id | doaj.art-145456ae946f43ec9d9be76bd172902a |
institution | Directory Open Access Journal |
issn | 2451-9588 |
language | English |
last_indexed | 2024-04-11T09:24:20Z |
publishDate | 2022-12-01 |
publisher | Elsevier |
record_format | Article |
series | Computers in Human Behavior Reports |
spelling | doaj.art-145456ae946f43ec9d9be76bd172902a2022-12-22T04:32:03ZengElsevierComputers in Human Behavior Reports2451-95882022-12-018100240The Workplace Information Sensitivity Appraisal (WISA) scaleJohn Blythe0Richard Brown1Lynne Coventry2Immersive Labs, Bristol, United KingdomPsychology Department at Northumbria University, Newcastle, United Kingdom; Corresponding author. Department of Psychology, Northumberland Building, Northumbria University, Newcastle, NE1 8SG, United Kingdom.Immersive Labs, Bristol, United Kingdom; Psychology Department at Northumbria University, Newcastle, United Kingdom; Abertay cyberQuarter, Abertay University, Dundee, United KingdomHuman error in security plays a significant role in the majority of cyber-attacks on businesses. Security behaviours are impacted by numerous factors, including individual perceptions of information sensitivity. However, there is currently a lack of empirical measurement of information sensitivity and its role in determining security behaviours. This research presents a measure of information sensitivity appraisal that predicts security behaviour. We outline the design, development and validation of the Workplace Information Sensitivity Appraisal scale. The psychometric properties were assessed with data from an online sample of 326 employees in the UK. The scale comprises of five subscales: Privacy, Worth, Consequences, Low proximity interest by others and High proximity interest by others. The final 16-item WISA scale, alongside its five subscales, represents a comprehensive measure of information sensitivity appraisal in the workplace. The WISA scale has been found to have strong factorial validity, confirmed across eight information types, strong content validity, good criterion-related validity, adequate discriminant validity, and high internal reliability. This research utilised the WISA scale to explore sensitivity differences across eight information types: four concerning living individuals (Personal, Health, Financial & Lifestyle) and four organisationally-focused information types (IP, day to day, commercial & HR). Financial information was found to have the highest ratings for overall sensitivity followed by health and HR. Finally, scores for the WISA scale predicted a range of security behaviours including password usage, secure Wi-Fi usage, physical security and avoiding security risks. This demonstrates the potential role for information sensitivity appraisal as a determinant of security behaviours.http://www.sciencedirect.com/science/article/pii/S2451958822000744Cyber securityInformation sensitivityBehavior changeEmployee behaviorsInformation securityOrganizational security culture |
spellingShingle | John Blythe Richard Brown Lynne Coventry The Workplace Information Sensitivity Appraisal (WISA) scale Computers in Human Behavior Reports Cyber security Information sensitivity Behavior change Employee behaviors Information security Organizational security culture |
title | The Workplace Information Sensitivity Appraisal (WISA) scale |
title_full | The Workplace Information Sensitivity Appraisal (WISA) scale |
title_fullStr | The Workplace Information Sensitivity Appraisal (WISA) scale |
title_full_unstemmed | The Workplace Information Sensitivity Appraisal (WISA) scale |
title_short | The Workplace Information Sensitivity Appraisal (WISA) scale |
title_sort | workplace information sensitivity appraisal wisa scale |
topic | Cyber security Information sensitivity Behavior change Employee behaviors Information security Organizational security culture |
url | http://www.sciencedirect.com/science/article/pii/S2451958822000744 |
work_keys_str_mv | AT johnblythe theworkplaceinformationsensitivityappraisalwisascale AT richardbrown theworkplaceinformationsensitivityappraisalwisascale AT lynnecoventry theworkplaceinformationsensitivityappraisalwisascale AT johnblythe workplaceinformationsensitivityappraisalwisascale AT richardbrown workplaceinformationsensitivityappraisalwisascale AT lynnecoventry workplaceinformationsensitivityappraisalwisascale |