What influences employees to follow security policies?

Research output: Contribution to journalArticlepeer-review

5 Citations (Scopus)


Data and information play a critical role in cyber security policies in organizations, so it is essential to protect them. Companies invest in the latest and most secured softwares, and specialized IT employees to protect the firm's data and information. Nevertheless, there are still incidents and huge losses of information because of the careless behaviour of the employees. Companies continue to spend considerable sums on security and yet remain in danger of attacks. By combining the value of congruence model (VC), the theory of planned behaviour model (TPB), and security conscious care behaviour we show that security behaviour can be influenced through effortless and low-cost measures that are a very advantageous solution for companies to protect their assets. With a sample of 193 respondents we demonstrate that companies need only to keep their employees motivated, happy, and satisfied in order to encourage them to adhere to the cyber security policies already in place. We show that information security awareness moderates the relationship between subjective norms and behaviour intention, and that job satisfaction moderates the relationship between behaviour intention and security behaviour. We show practical and theoretical implications based on our conclusions.

Original languageEnglish
Article number105595
Pages (from-to)1-10
Number of pages10
JournalSafety Science
Issue numberMarch
Early online date22 Nov 2021
Publication statusPublished - 1 Mar 2022


  • Data Security Behaviour
  • Employees
  • Job Satisfaction
  • Theory of Planned Behaviour
  • Value of Congruence


Dive into the research topics of 'What influences employees to follow security policies?'. Together they form a unique fingerprint.

Cite this