Unpacking security policy compliance: The motivators and barriers of employees’ security behaviors

John Blythe, Lynne Coventry, Linda Little

Research output: Chapter in Book/Report/Conference proceedingChapterpeer-review

20 Downloads (Pure)


The body of research that focuses on employees’ information Security Policy compliance is problematic as it treats compliance as a single behavior. This study explored the underlying behavioral context of information security in the workplace, exploring how individual and organizational factors influence the interplay of the motivations and barriers of security behaviors. Investigating factors that had previously been explored in security research, 20 employees from two organizations were interviewed and the data was analyzed using framework analysis. The analysis indicated that there were seven themes pertinent to information security: Response Evaluation, Threat Evaluation, Knowledge, Experience, Security Responsibility, Personal and Work Boundaries, and Security Behavior. The findings suggest that these differ by security behavior and by the nature of the behavior (e.g. on- and offline). Conclusions are discussed highlighting barriers to security actions and implications for future research and workplace practice.
Original languageEnglish
Title of host publicationEleventh Symposium On Usable Privacy and Security (SOUPS 2015)
Place of PublicationBerkeley
PublisherUSENIX Association
ISBN (Print)978-1-931971-249
Publication statusPublished - 22 Jul 2015


Dive into the research topics of 'Unpacking security policy compliance: The motivators and barriers of employees’ security behaviors'. Together they form a unique fingerprint.

Cite this