Ethical leadership and employee information security policy (ISP) violation: exploring dual-mediation paths
Purpose – A growing number of studies have investigated the effect of ethical leadership on behavioral outcome of employees. However, considering the important role of ethics in IS security, the security literature lacks a theoretical and empirical investigation of the relationship between ethical l...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Emerald Publishing
2021-10-01
|
| Series: | Organizational Cybersecurity Journal |
| Subjects: | |
| Online Access: | https://www.emerald.com/insight/content/doi/10.1108/OCJ-02-2021-0002/full/pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1850201196569034752 |
|---|---|
| author | Botong Xue Feng Xu Xin Luo Merrill Warkentin |
| author_facet | Botong Xue Feng Xu Xin Luo Merrill Warkentin |
| author_sort | Botong Xue |
| collection | DOAJ |
| description | Purpose – A growing number of studies have investigated the effect of ethical leadership on behavioral outcome of employees. However, considering the important role of ethics in IS security, the security literature lacks a theoretical and empirical investigation of the relationship between ethical leadership and employees' security behavior, such as information security policy (ISP) violation. Drawing on social learning and social exchange theories, this paper empirically tests the impact of ethical leadership on employees' ISP violation intention through both information security climate (i.e. from a moral manager's perspective) and affective commitment (i.e. from a moral person's perspective). Design/methodology/approach – The research was developed based on social learning theory and social exchange theory. To measure the variables in the model, the authors used and adapted measurement items from previous studies. The authors conducted a scenario-based survey with 339 valid responses to test and validate the research model. Findings – Results indicated that information security climate fully mediates the relationship between ethical leadership and ISP violation intention. The authors also found that information security climate enhances the negative effect of affective commitment on ISP violation intention. Originality/value – This research contributes to the literature of information security by introducing the role of ethical leadership and integrating two theories into our research model. This study also calls attention to how information security climate and affective commitment mediate the relationship between ethical leadership and employees' ISP violation intention. The theory-driven study provides important pragmatic guidance for enhancing the understanding of the importance of ethical leadership in information systems security research. |
| format | Article |
| id | doaj-art-c74a6a40920d457b8b4fec7b5af4514f |
| institution | OA Journals |
| issn | 2635-0270 2635-0289 |
| language | English |
| publishDate | 2021-10-01 |
| publisher | Emerald Publishing |
| record_format | Article |
| series | Organizational Cybersecurity Journal |
| spelling | doaj-art-c74a6a40920d457b8b4fec7b5af4514f2025-08-20T02:12:06ZengEmerald PublishingOrganizational Cybersecurity Journal2635-02702635-02892021-10-011152310.1108/OCJ-02-2021-0002Ethical leadership and employee information security policy (ISP) violation: exploring dual-mediation pathsBotong Xue0Feng Xu1Xin Luo2Merrill Warkentin3Mississippi State University, Mississippi State, Mississippi, USAMississippi State University, Mississippi State, Mississippi, USAThe University of New Mexico, Albuquerque, New Mexico, USAMississippi State University, Mississippi State, Mississippi, USAPurpose – A growing number of studies have investigated the effect of ethical leadership on behavioral outcome of employees. However, considering the important role of ethics in IS security, the security literature lacks a theoretical and empirical investigation of the relationship between ethical leadership and employees' security behavior, such as information security policy (ISP) violation. Drawing on social learning and social exchange theories, this paper empirically tests the impact of ethical leadership on employees' ISP violation intention through both information security climate (i.e. from a moral manager's perspective) and affective commitment (i.e. from a moral person's perspective). Design/methodology/approach – The research was developed based on social learning theory and social exchange theory. To measure the variables in the model, the authors used and adapted measurement items from previous studies. The authors conducted a scenario-based survey with 339 valid responses to test and validate the research model. Findings – Results indicated that information security climate fully mediates the relationship between ethical leadership and ISP violation intention. The authors also found that information security climate enhances the negative effect of affective commitment on ISP violation intention. Originality/value – This research contributes to the literature of information security by introducing the role of ethical leadership and integrating two theories into our research model. This study also calls attention to how information security climate and affective commitment mediate the relationship between ethical leadership and employees' ISP violation intention. The theory-driven study provides important pragmatic guidance for enhancing the understanding of the importance of ethical leadership in information systems security research.https://www.emerald.com/insight/content/doi/10.1108/OCJ-02-2021-0002/full/pdfEthical leadershipISP violation intentionInformation security climateAffective commitmentInsider threat |
| spellingShingle | Botong Xue Feng Xu Xin Luo Merrill Warkentin Ethical leadership and employee information security policy (ISP) violation: exploring dual-mediation paths Organizational Cybersecurity Journal Ethical leadership ISP violation intention Information security climate Affective commitment Insider threat |
| title | Ethical leadership and employee information security policy (ISP) violation: exploring dual-mediation paths |
| title_full | Ethical leadership and employee information security policy (ISP) violation: exploring dual-mediation paths |
| title_fullStr | Ethical leadership and employee information security policy (ISP) violation: exploring dual-mediation paths |
| title_full_unstemmed | Ethical leadership and employee information security policy (ISP) violation: exploring dual-mediation paths |
| title_short | Ethical leadership and employee information security policy (ISP) violation: exploring dual-mediation paths |
| title_sort | ethical leadership and employee information security policy isp violation exploring dual mediation paths |
| topic | Ethical leadership ISP violation intention Information security climate Affective commitment Insider threat |
| url | https://www.emerald.com/insight/content/doi/10.1108/OCJ-02-2021-0002/full/pdf |
| work_keys_str_mv | AT botongxue ethicalleadershipandemployeeinformationsecuritypolicyispviolationexploringdualmediationpaths AT fengxu ethicalleadershipandemployeeinformationsecuritypolicyispviolationexploringdualmediationpaths AT xinluo ethicalleadershipandemployeeinformationsecuritypolicyispviolationexploringdualmediationpaths AT merrillwarkentin ethicalleadershipandemployeeinformationsecuritypolicyispviolationexploringdualmediationpaths |