참고문헌
- IDC. (2016). Worldwide Semiannual Security Spending Guide, 2016.
- J. Do & J. Kim. (2014). A study on critical success factors for enterprise security collaboration. Journal of Digital Convergence, 12(10), 235-242. https://doi.org/10.14400/JDC.2014.12.10.235
- I. Hwang & O. Cha. (2018). Examining technostress creators and role stress as potential threats to employees' information security compliance. Computers in Human Behavior, 81, 282-293. https://doi.org/10.1016/j.chb.2017.12.022
- B. Bulgurcu, H. Cavusoglu & I. Benbasat. (2010). Information security policy compliance: An empirical study of rationality-based beliefs and information security awareness. MIS Quarterly, 34(3), 523-548. https://doi.org/10.2307/25750690
- A. Vance, M. Siponen & S. Pahnila. (2012). Motivating IS security compliance: Insights from habit and protection motivation theory. Information & Management, 49(3), 190-198. https://doi.org/10.1016/j.im.2012.04.002
- I. Hwang, D. Kim, T. Kim & S. Kim. (2017). Why not comply with information security? An empirical approach for the causes of non-compliance. Online Information Review, 41(1), 1-17.
- S. R. Boss, D. F. Galletta, P. B. Lowry, G. D. Moody & P. Polak. (2015). What do systems users have to fear? Using fear appeals to engender threats and fear that motivate protective security behaviors. MIS Quarterly, 34(3), 523-548.
- D. Kim, I. Hwang & J. Kim. (2016). A study on employee's compliance behavior towards information security policy: A modified triandis model. Journal of Digital Convergence, 14(4), 209-220. https://doi.org/10.14400/JDC.2016.14.4.209
- C. Park & M. Yim. (2012). An understanding of impact of security countermeasures on persistent policy compliance. Journal of Digital Convergence, 10(4), 23-35. https://doi.org/10.14400/JDPM.2012.10.4.023
- Y. Chen, K. Ramamurthy & K. W. Wen. (2012). Organizations' information security policy compliance: Stick or carrot approach?. Journal of Management Information Systems, 29(3), 157-188. https://doi.org/10.2753/MIS0742-1222290305
- J. D'Arcy, A. Hovav & D. Galletta. (2009). User awareness of security countermeasures and its impact on information systems misuse: A deterrence approach. Information Systems Research, 20(1), 79-98. https://doi.org/10.1287/isre.1070.0160
- Q. Hu, Z. Xu, T. Dinev & H. Ling. (2011). Does deterrence work in reducing information security policy abuse by employees?. Communications of the ACM, 54(6), 54-60. https://doi.org/10.1145/1953122.1953142
- K. H. Guo & Y. Yuan. (2012). The effects of multilevel sanctions on information security violations: A mediating model. Information & Management, 49(6), 320-326. https://doi.org/10.1016/j.im.2012.08.001
- T. Herath & H. R. Rao. (2009). Encouraging information security behaviors in organizations: Role of penalties, pressures and perceived effectiveness. Decision Support Systems, 47(2), 154-165. https://doi.org/10.1016/j.dss.2009.02.005
- J. Y. Son. (2011). Out of fear or desire? Toward a better understanding of employees' motivation to follow IS security policies. Information & Management, 48(7), 296-302. https://doi.org/10.1016/j.im.2011.07.002
- A. B. Ruighaver, S. B. Maynard & S. Chang. (2007). Organizational security culture: extending the end-user perspective. Computers & Security, 26(1), 56-62. https://doi.org/10.1016/j.cose.2006.10.008
- J. A. Colquitt. (2001). On the dimensionality of organizational justice: A construct validation of a measure. Journal of Applied Psychology, 86(3), 386-400. https://doi.org/10.1037/0021-9010.86.3.386
- Y. Zhang, J. A. LePine, B. R. Buckman & F. Wei. (2014). It's not fair… or is it? The role of justice and leadership in explaining work stressor-job performance relationships. Academy of Management Journal, 57(3), 675-697. https://doi.org/10.5465/amj.2011.1110
- R. West. (2008). The psychology of security. Communications of the ACM, 51(4), 34-40. https://doi.org/10.1145/1330311.1330320
- K. D. Loch, H. H. Carr & M. E. Warkentin. (1992). Threats to information systems: today's reality. yesterday's understanding, MIS Quarterly, 16(2), 173-186. https://doi.org/10.2307/249574
- Verizon. (2016). 2016 Data Breach Investigations Report.
- M. Siponen, S. Pahnila & M. A. Mahmood. (2010). Compliance with information security policies: An empirical investigation. Computer, 43(2), 64-71. https://doi.org/10.1109/MC.2010.35
- T. Jeong, M. Yim & J. Lee. (2012). A development of comprehensive framework for continuous information security. Journal of Digital Convergence, 10(2), 1-10. https://doi.org/10.14400/JDPM.2012.10.2.001
- J. Han & Y. Kim. (2015). Investigating of psychological factors affecting information security compliance intention: Convergent approach to information security and organizational citizenship behavior. Journal of Digital Convergence, 13(8), 133-144. https://doi.org/10.14400/JDC.2015.13.8.133
- M. Yim. (2012). A path way to increase the intention to comply with information security policy of employees. Journal of Digital Convergence, 10(10), 119-128. https://doi.org/10.14400/JDPM.2012.10.10.119
- I. Hwang & Y. Lee. (2016). The employee's information security policy compliance intention: Theory of planned behavior, goal setting theory, and deterrence theory applied. Journal of Digital Convergence, 14(7), 155-166. https://doi.org/10.14400/JDC.2016.14.7.155
- I. Ajzen. (1991). The theory of planned behavior. Organizational Behavior and Human Decision Processes, 50(2), 179-211. https://doi.org/10.1016/0749-5978(91)90020-T
- J. Cox. (2012). Information systems user security: A structured model of the knowing-doing gap. Computers in Human Behavior, 28(5), 1849-1858. https://doi.org/10.1016/j.chb.2012.05.003
- N. S. Safa, M. Sookhak, R. Von Solms, S. Furnell, N. A. Ghani & T. Herawan. (2015). Information security conscious care behaviour formation in organizations. Computers & Security, 53, 65-78. https://doi.org/10.1016/j.cose.2015.05.012
- J. Zhang, B. J. Reithel & H. Li. (2009). Impact of perceived technical protection on security behaviors. Information Management & Computer Security, 17(4), 330-340. https://doi.org/10.1108/09685220910993980
- A. C. Johnston & M. Warkentin (2010). Fear appeals and information security behaviors: An empirical study. MIS Quarterly, 34(3), 549-566. https://doi.org/10.2307/25750691
- W. R. Flores & M. Ekstedt. (2016). Shaping intention to resist social engineering through transformational leadership, information security culture and awareness. Computers & Security, 59, 26-44. https://doi.org/10.1016/j.cose.2016.01.004
- N. S. Safa & R. Von Solms. (2016). An information security knowledge sharing model in organizations. Computers in Human Behavior, 57, 442-451. https://doi.org/10.1016/j.chb.2015.12.037
- M. Siponen, M. A. Mahmood & S. Pahnila. (2014). Employees' adherence to information security policies: An exploratory field study. Information & Management, 51(2), 217-224. https://doi.org/10.1016/j.im.2013.08.006
- C. Posey, T. L. Roberts & P. B. Lowry (2015). The impact of organizational commitment on insiders' motivation to protect organizational information assets. Journal of Management Information Systems, 32(4), 179-214. https://doi.org/10.1080/07421222.2015.1138374
- H. L. Chou, & C. Chou. (2016). An analysis of multiple factors relating to teachers' problematic information security behavior. Computers in Human Behavior, 65, 334-345. https://doi.org/10.1016/j.chb.2016.08.034
- R. Cropanzano, L. Paddock, D. E. Rupp, J. Bagger & A. Baldwin. (2008). How regulatory focus impacts the process-by-outcome interaction for perceived fairness and emotions. Organizational Behavior and Human Decision Processes, 105(1), 36-51. https://doi.org/10.1016/j.obhdp.2006.06.003
- P. M. Muchinsky. (2006). Psychology Applied to Work: An Introduction to Industrial and Organizational Psychology. Cengage Learning.
- P. E. Spector. (2008). Industrial and Organizational Psychology. Research and. Practice.
- T. A. Judge & J. A. Colquitt. (2004). Organizational justice and stress: The mediating role of work-family conflict. Journal of Applied Psychology, 89(3), 395-404. https://doi.org/10.1037/0021-9010.89.3.395
- J. R. Fu, P. H. Ju & C. W. Hsu. (2015). Understanding why consumers engage in electronic word-of-mouth communication: Perspectives from theory of planned behavior and justice theory. Electronic Commerce Research and Applications, 14(6), 616-630. https://doi.org/10.1016/j.elerap.2015.09.003
- H. Zhang & N. C. Agarwal. (2009). The mediating roles of organizational justice on the relationships between HR practices and workplace outcomes: an investigation in China. The International Journal of Human Resource Management, 20(3), 676-693. https://doi.org/10.1080/09585190802707482
- M. L. Ambrose & M. Schminke. (2009). The role of overall justice judgments in organizational justice research: a test of mediation. Journal of Applied Psychology, 94(2), 491-500. https://doi.org/10.1037/a0013203
- T. Y. Chou, T. C. Seng-cho, J. J. Jiang & G. Klein. (2013). The organizational citizenship behavior of IS personnel: Does organizational justice matter?. Information & Management, 50(2), 105-111. https://doi.org/10.1016/j.im.2013.02.002
- O. Demirtas. (2015). Ethical leadership influence at organizations: Evidence from the field. Journal of Business Ethics, 126(2), 273-284. https://doi.org/10.1007/s10551-013-1950-5
- C. Yoon. (2011). Theory of planned behavior and ethics theory in digital piracy: An integrated model. Journal of Business Ethics, 100(3), 405-417. https://doi.org/10.1007/s10551-010-0687-7
- C. C. Pinder. (1998), Work motivation in organizational behavior. Upper Saddle River, NJ: Prentice Hall.
- E. M. Fair, & L. Silvestri. (1992). Effects of rewards, competition and outcome on intrinsic motivation. Journal of Instructional Psychology, 19(1), 3.
- K. H. Guo, Y. Yuan, N. P. Archer & C. E. Connelly. (2011). Understanding nonmalicious security violations in the workplace: A composite behavior model. Journal of Management Information Systems, 28(2), 203-236. https://doi.org/10.2753/MIS0742-1222280208
- H. Li, J. Zhang & R. Sarathy. (2010). Understanding compliance with internet use policy from the perspective of rational choice theory. Decision Support Systems, 48(4), 635-645. https://doi.org/10.1016/j.dss.2009.12.005
- J. E. Dutton, J. M. Dukerich & C. V. Harquail. (1994). Organizational images and member identification. Administrative Science Quarterly, 39(2), 239-263. https://doi.org/10.2307/2393235
- J. C. Nunnally. (1978). Psychometric theory (2nd ed.). New York: McGraw-Hill.
- B. H. Wixom & H. J. Watson. (2001). An empirical investigation of the factors affecting data warehousing success. MIS Quarterly, 25(1), 17-41. https://doi.org/10.2307/3250957
- C. Fornell & D. F. Larcker. (1981). Evaluating structural equation models with unobservable variables and measurement error. Journal of Marketing Research, 18(1), 39-50. https://doi.org/10.2307/3151312