ABSTRACT

Small and medium-sized enterprises (SMEs) make up a large percentage of businesses; they employ over 50% of all employees, and account for most partnerships in supply chain networks. This makes SME employees a target for cybercriminals. This study examines the factors that influence the security behaviour intention of SME employees to better understand how SMEs can manage cybersecurity risk caused by employee security behaviour. In a survey of 294 employees, the research model developed from the theory of planned behaviour and protection motivation theory, including the habit and hardiness personality trait, is empirically validated to understand employee security behaviour intention. The results of the study show that hardiness and habit have a significant effect on employee security behaviour intention. The findings contribute to the literature on personality traits and habit in the context of information security behaviour. The study's implications for research and practice are also discussed.

摘要

中小企业（SME）占企业的很大比例；他们雇用了超过 50% 的员工，并在供应链网络中占据了大多数合作伙伴。这使中小企业员工成为网络犯罪分子的目标。本研究考察了影响中小企业员工安全行为意愿的因素，以更好地了解中小企业如何管理员工安全行为引起的网络安全风险。在对 294 名员工的调查中，从计划行为理论和保护动机理论发展而来的研究模型，包括习惯和耐寒人格特质，在理解员工安全行为意图方面得到了实证验证。研究结果表明，坚韧和习惯对员工安全行为意向有显着影响。这些发现有助于信息安全行为背景下有关人格特征和习惯的文献。还讨论了该研究对研究和实践的影响。