Praise and prize for paper on employee’s violation of security policy

Published: 2019-10-23

Congratulations Miranda Kajtazi for receiving a best paper award from the publisher Emerald, titled “Outstanding Paper in the 2019 Emerald Literati Awards”.

Miranda Kajtazi and her co-authors are awarded for their research on escalation of commitment – as a condition that can influence employee’s violation of security policy.

Your paper 'Escalation of Commitment as an Antecedent to Noncompliance with Information Security Policy' has been dubbed “Outstanding Paper in the 2019” by the Emerald Literati Awards. Emerald writes that is was one “of the most exceptional pieces of work the team has seen throughout 2018”. How does that feel, to have your paper being called “exceptional”?

“The approach we took in this paper was not easy, as we went the ‘road less travelled’. Daring to think differently is quite a risky business in science indeed. We looked at a specific theoretical lens – that of escalation of commitment – as a condition that can influence employee’s violation of security policy at an organisational context. The theory has not been applied in this context before, hence it was a daring task for us to hypothesise on security violation in a work context. I believe this is the main reason why our paper is called exceptional.”

In short, what is your paper about?
“The issue of violating security policies in organisations is at the top of the agenda of any organisation nowadays. Finding ways how to alleviate such an issue would be ground-breaking in terms of advancing safety of data in an organisational context. We therefore try to understand why violation occurs in the first place, and considered that an economic perspective (e.g. time, efforts and money spent) coupled with the psychological perspective (such as self-image) would turn around the discussion on this issue.”

What are you working on now?
“Currently, we are working on understanding how certain personality traits of employees are more prone to violation or compliance. We are looking at guilt and shame proneness as two different personality traits that would influence the decision of an employee to commit to compliance or the opposite. We are also looking into the development of new regulations that have recently taken the world by storm, GDPR and the California Act in particular. Such regulations have the potential to transform how organisations place attention on security thinking in their workplace, influencing their employees to be more positive to their policies.”

“In parallel to this, we also aim to analyse the 'Zuckerberg files'. It is no surprise that Facebook’s development over the years has taken security and privacy perspectives seriously, in particular when such regulations are taking place.”
 
Miranda Kajtazi plans to attend the conference ICIS in Munich this year, to receive the award and join related activities.

The article: Escalation of Commitment as an Antecedent to Noncompliance with Information Security Policy, published in Information and Computer Security.