Access the full text.
Sign up today, get DeepDyve free for 14 days.
Loading next page...
/lp/emerald-publishing/perception-deception-security-risks-created-by-optimistic-perceptions-ES1hJRj36I
References (78)
-
高橋 進 (1995)
サイアート, マーチの「A Behavioral Theory of the Firm」 -
P. Slovic (1987)
Perception of risk.Science, 236 4799
-
P. Bromiley, K. Euske (1986)
THE USE OF RATIONAL SYSTEMS IN BOUNDED RATIONALITY ORGANIZATIONS: A DILEMMA FOR FINANCIAL MANAGERSFinancial Accountability and Management, 2
-
10.1016/j.geb.2011.11.004
-
K. Daniels (2003)
Asking a Straightforward Question: Managers' Perceptions and Managers' EmotionsBritish Journal of Management, 14
-
10.1111/j.1468-0408.1986.tb00042.x
-
R. Taylor (2015)
Potential Problems with Information Security Risk AssessmentsInformation Security Journal: A Global Perspective, 24
-
J. Brice, M. Nelson, N. Gunby (2011)
THE GOVERNANCE OF TELECOMMUTERS: AN AGENCY AND TRANSACTION COST ANALYSISAcademy of Strategic Management Journal, 10
-
10.1007/978-1-4899-0445-4_9
-
L. Vassie, P. Slovic, Baruch Fischhoff, S. Lichtenstein (2005)
Facts and Fears: Understanding Perceived RiskPolicy and Practice in Health and Safety, 3
-
Kevin Taylor, J. Shepperd (1998)
Bracing for the Worst: Severity, Testing, and Feedback Timing as Moderators of the Optimistic BiasPersonality and Social Psychology Bulletin, 24
-
D. Straub, R. Welke (1998)
Coping With Systems Risk: Security Planning Models for Management Decision MakingMIS Q., 22
-
N. Weinstein (1980)
Unrealistic optimism about future life eventsJournal of Personality and Social Psychology, 39
-
Cynthia Klein, M. Helweg-Larsen (2002)
Perceived Control and the Optimistic Bias: A Meta-Analytic ReviewPsychology & Health, 17
-
K. Eisenhardt (1988)
Agency- and Institutional-Theory Explanations: The Case of Retail Sales CompensationAcademy of Management Journal, 31
-
David Rosenthal (2002)
Intrusion Detection Technology: Leveraging the Organization's Security PostureInformation Systems Management, 19
-
Tamás Vasvári (2015)
Risk, Risk Perception, Risk Management – a Review of the LiteraturePublic Finance Quarterly, 60
-
Stephen Whitlock (1998)
Internet Security -
James Jones (1993)
The Continuing Significance of Race.Psyccritiques, 38
-
Nathanael Fast, Niro Sivanathan, Nicole Mayer, A. Galinsky (2012)
Power and overconfident decision-makingOrganizational Behavior and Human Decision Processes, 117
-
Matthew Billett, Yiming Qian (2007)
Are Overconfident CEOS Born or Made? Evidence of Self-Attribution Bias from Frequent AcquirersERN: Governance & Ownership (Topic)
-
Nber mbaker (2005)
Behavioral Corporate Finance : A Survey -
O. Svenson (1981)
ARE WE ALL LESS RISKY AND MORE SKILLFUL THAN OUR FELLOW DRIVERSActa Psychologica, 47
-
P. Nystrom, W. Starbuck (1984)
To Avoid Organizational Crises, UnlearnOrganizations & Markets: Policies & Processes eJournal
-
M. Frolick (2003)
A New Webmaster's Guide to Firewalls and SecurityInformation Systems Management, 20
-
D. Kahneman (2003)
Maps of Bounded Rationality: Psychology for Behavioral EconomicsThe American Economic Review, 93
-
G. Dhillon, Steve Moores (2001)
Refereed papers: Computer crimes: theorizing about the enemy withinComputers & Security, 20
-
A. Bandura (1985)
Social Foundations of Thought and Action: A Social Cognitive Theory -
R. Taylor (2006)
Management Perception of Unintentional Information Security Risks -
Andrew Zacharakis, D. Shepherd (2001)
The nature of information and overconfidence on venture capitalists' decision makingJournal of Business Venturing, 16
-
P. Barr, J. Stimpert, A. Huff (1993)
Cognitive change, strategic action and organizational renewalLong Range Planning, 26
-
P. Koellinger, M. Minniti, C. Schade (2007)
"I Think I Can, I Think I Can": Overconfidence and Entrepreneurial BehaviorJournal of Economic Psychology, 28
-
E. Langer, J. Roth (1975)
Heads I win, tails it's chance: The illusion of control as a function of the sequence of outcomes in a purely chance task.Journal of Personality and Social Psychology, 32
-
J. Atkinson, N. Feather (1966)
A theory of achievement motivation -
E. Johnsen (1964)
Richard M. Cyert & James G. March, A Behavioral Theory of The Firm, Prentice-Hall, Inc., Englewood Cliffs, New Jersey, 1963, 332 s.Ledelse and Erhvervsøkonomi, 28
-
JeongWook Son, Eddy Rojas (2011)
Impact of Optimism Bias Regarding Organizational Dynamics on Project Planning and ControlJournal of Construction Engineering and Management-asce, 137
-
Kim Buch, David Wetzel (2001)
Analyzing and realigning organizational cultureLeadership & Organization Development Journal, 22
-
L. Bourgeois (1985)
STRATEGIC GOALS, PERCEIVED UNCERTAINTY, AND ECONOMIC PERFORMANCE IN VOLATILE ENVIRONMENTSAcademy of Management Journal, 28
-
10.2307/2095676
-
Anat Bracha, Donald Brown (2010)
Affective Decision-Making: A Theory of Optimism-BiasCognitive Social Science eJournal
-
John Mezias, W. Starbuck (2003)
Studying the Accuracy of Managers' Perceptions: A Research OdysseyBritish Journal of Management, 14
-
R. Yin (1993)
Applications of case study research -
Frances Chua, R. Job (1999)
Event-Specific Versus Unitary Causal Accounts of Optimism BiasJournal of Behavioral Medicine, 22
-
10.1145/286238.286251
-
L. Perloff, B. Fetzer (1986)
Self–other judgments and perceived vulnerability to victimization.Journal of Personality and Social Psychology, 50
-
I. Benbasat, D. Goldstein, Melissa Mead (1987)
The Case Research Strategy in Studies of Information SystemsMIS Q., 11
-
M. Whitman (2003)
Enemy at the gate: threats to information securityCommun. ACM, 46
-
W. Starbuck (2014)
Strategizing in the real worldInternational Journal of Technology Management
-
Carolyn Youssef, F. Luthans (2007)
Positive Organizational Behavior in the WorkplaceJournal of Management, 33
-
J. Tudorhart (1961)
On the nature of prejudice.The Eugenics review, 53 2
-
P. Slovic, H. Kunreuther, G. White (1974)
Decision processes, rationality and adjustment to natural hazards -
P. Barr, A. Huff (1997)
Seeing isn’t Believing: Understanding Diversity in the Timing of Strategic ResponseJournal of Management Studies, 34
-
(1992)
M.,&Palmer. L -
H. Simon (1956)
Rational choice and the structure of the environment.Psychological review, 63 2
-
T. Bonoma (1985)
Case Research in Marketing: Opportunities, Problems, and a ProcessJournal of Marketing Research, 22
-
H. Krieken (2016)
New developments in the pathology of malignant lymphoma. A review of the literature published from September 2015–December 2015Journal of Hematopathology, 9
-
G. Dhillon, J. Backhouse (2001)
Current directions in IS security research: towards socio‐organizational perspectivesInformation Systems Journal, 11
-
B. Boyd, Gregory Dess, A. Rasheed (1993)
Divergence between Archival and Perceptual Measures of the Environment: Causes and ConsequencesAcademy of Management Review, 18
-
G. Dhillon (2001)
Refereed Papers: Violation of Safeguards by Trusted Personnel and Understanding Related Information Security ConcernsComputers & Security, 20
-
10.2307/256457
-
(1995)
“ The effects of optimism bias and fear on protective behavior ” -
M. Siegrist, G. Cvetkovich (2000)
Perception of Hazards: The Role of Social Trust and KnowledgeRisk Analysis, 20
-
Steven Heine, D. Lehman (1995)
Cultural variation in unrealistic optimism: Does the West feel more vulnerable than the East?Journal of Personality and Social Psychology, 68
-
10.1207/S15327957PSPR0501_5
-
W. Starbuck, John Mezias (1996)
Opening Pandora's Box: Studying the Accuracy of Managers' PerceptionsEconometrics: Data Collection & Data Estimation Methodology eJournal
-
10.1002/smj.4250131004
-
T. Miller, L. Bell (2012)
Consenting to what? Issues of access, gatekeeping and ‘informed’ consent -
P. Lindsay, D. Norman (1972)
Human Information Processing: An Introduction to Psychology -
10.1016/B978-0-12-450960-3.50010-5
-
M. Helweg-Larsen (1999)
(The Lack of) Optimistic Biases in Response to the 1994 Northridge Earthquake: The Role of Personal ExperienceBasic and Applied Social Psychology, 21
-
F. McKenna (1993)
It won't happen to me: Unrealistic optimism or illusion of control?British Journal of Psychology, 84
-
A. Cavaye (1996)
Case study research: a multi‐faceted research approach for ISInformation Systems Journal, 6
-
A. Giddens (1990)
The consequences of modernity -
10.1016/0090-2616(84)90011-1
-
R. Taylor, J. Brice (2012)
Fact or Fiction? a Study of Managerial Perceptions Applied to an Analysis of Organizational Security RiskJournal of Organizational Culture, Communications and Conflict, 16
-
R. Taylor (2008)
The Social Side of Security -
J. Burger, Michele Palmer (1992)
Changes in and Generalization of Unrealistic Optimism Following Experiences with Stressful Events: Reactions to the 1989 California EarthquakePersonality and Social Psychology Bulletin, 18
-
10.2307/256113
- Publisher
- Emerald Publishing
- Copyright
- Copyright © Emerald Group Publishing Limited
- ISSN
- 1328-7265
- DOI
- 10.1108/JSIT-07-2015-0062
- Publisher site
- See Article on Publisher Site
Abstract
Purpose – The purpose of the paper is to determine whether management’s optimistic perceptions of their organization’s level of information security preparedness can ultimately result in increased information security risks. Design/methodology/approach – A case study was conducted in a financial institution. In all, 24 employees were interviewed. These employees came from all functional areas and various positions, from tellers to executives. Interviews were conducted, internal policies and examiners’ reports were made available and access was given to observe the employees during working hours and to observe the facilities after hours. Findings – Executives were overly optimistic about the level of information security at their organization. These optimistic perceptions guided security priorities; however, the findings show that their perceptions were misguided leaving their organization open to increased security threats. More specifically, the results show that optimist perceptions by management can put an organization’s information at risk. Originality/value – The paper uses existing theory and evaluates it in a “real-world” setting. For security research, it can be difficult to get honest responses from questionnaires; however, the hands-on approach provided a deeper insight to the problem of optimistic perceptions in an organizational setting. For practitioners, the case can raise managements’ awareness of perceptional inaccuracies, resulting in more informed information security decisions and ultimately improved security for their organization.
Journal
Journal of Systems and Information Technology – Emerald Publishing
Published: Mar 14, 2016