Use of Structural Equation Modeling for Agent-based Modeling and Simulation in the Analysis of Information Security Knowledge Sharing

Document Type : Original Research Paper

Authors

1 Department of Information Technology Management, Science and Research Unit, Islamic Azad University, Tehran, Iran.

2 Assistant Professor, Department of Information Technology Management, Management Faculty, Electronic Branch, Islamic Azad University, Tehran, Iran

Abstract

In this study, the information security knowledge sharing model is presented from the integration of the theories of planned behavior, motivation, triandis and behavior change stages in an organization by combining the statistical method of structural equation modeling and agent-based modeling and simulation; Also, in this study, structural equation modeling has been used to build models as inputs for factor-based modeling and to improve and improve their reliability and validity. in other words; In this study, structural equation modeling has been applied for factor-based modeling. The data collection method is a questionnaire made by the researcher and collected by simple random sampling method. After testing the validity and reliability of the questionnaire, data was collected from 217 participants. Using SmartPLS3.2.6 and Anylogic software, hypothesis testing and simulation based on statistical results are analyzed in order to analyze the change of behavior over time. The findings have shown that the factors of the theory of planned behavior, including attitude, mental norms, perceived behavioral control and motivation theory, which include internal and external motivational factors, and the Triandis model, in order to facilitate the conditions, have positive effects on the stages of behavior change from It includes the stages of pre-reflection, reflection, preparation, action, maintenance and termination. In addition, the change in information security knowledge sharing behavior in the organization increases over time until reaching the end stage. The innovation of this study is factor-based modeling in order to test hypotheses over time along with the statistical method of structural equation modeling. In addition, the behavior change model has also been applied to analyze the behavior change stages of information security knowledge sharing. Knowledge sharing plays an important role in the field of information security; Because it has a positive effect on the awareness of employees' information security.

Keywords

Main Subjects

References

  •  

    • Afshar Jalili, Y., Ghaleh, S. (2020), “Knowledge sharing and the theory of planned behavior: a meta-analysis review”, VINE Journal of Information and Knowledge Management Systems, Vol. 51, No. 2, pp. 2059-5891, DOI 10.1108/VJIKMS-02-2019-0023
    • Ajzen, I. (1985), " From intentions to actions: A theory of planned behavior ", Kuhl J. and Beckmann J. (Eds.), Action-Control: From Cognition to Behavior (pp. 11-39), Springer, Heidelberg.
    • Al-Ahmari, S, Renaud, K., Omoronyia, I. (2018), "A systematic review of information security knowledge-sharing research", Proceedings of the Twelfth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2018), 101-110.
    • Amabile, T.A., (1993), "Motivational synergy: Toward new conceptualizations of intrinsic and extrinsic motivation in workplace", Human Resource Management Review, Vol. 3, No. 3, pp.185–201.
    • Australian Computer Society (2016), Cybersecurity threats challenges opportunities, Sydney, Australia.
    • Bello, O. W., and Oyekunle, R. A. (2014), “Attitude, perceptions, motivation towards knowledge sharing: views from universities in kwara state,” African Journal of Library, Vol. 24, No. 2, pp. 123–134.
    • Bulgurcu, B., Cavusoglu, H. & Benbasat, I. (2010), "Information security policy compliance: an empirical study of rationality-based beliefs and information security awareness", MIS Quarterly, Vol. 34, No. 3, pp. 523-548.
    • Bulgurcu, B., Cavusoglu, H. & Benbasat, L. (2009), Roles of information security awareness and perceived fairness in information security policy compliance, Americas Conference on Information Systems, AMCIS2009, San Francisco, California.
    • Chatzoglou, V. (2009), "Knowledge-sharing behavior of bank employees in Greece", Business Process Management Journal, Vol.١٥, No. ٢, pp.٢٤٥-٢٦٦.
    • Cruz, N.M., Pe ́rez, V.M., and Cantero, C.T. (2009), "The influence of employee motivation on knowledge transfer", Journal of Knowledge Management, Vol. 13, No. 6, pp. 478-490.
    • D'Arcy, J., Anat H., and Dennis G. (2009). "User awareness of security countermeasures and its impact on information systems misuse: a deterrence approach", Information Systems Research, Vol. 20, No.1, pp. 79-98.
    • de Luna I. R., Liébana-Cabanillas F., Sánchez-Fernández J., Muñoz-Leiva F., (2019). “Mobile payment is not all the same: The adoption of mobile payment systems depending on the technology applied”, Technological Forecasting and Social Change, Vol 146, 931-944.
    • Ebrahimi, M. (2019), "An analysis of the impact of business networks on technology development: Using agent-based modeling", Ebrahimi, M. (Eds.), Private Sector Innovations and Technological Growth in the MENA Region (pp. 20-44), IGI Global, USA.
    • Ebrahimi, M, (2021a), "Analysis of the impact of customer relationship management on innovation acquisition using agent-based modeling", Amini, A., Bushell, S., and Mahmood, A. (Eds.), Driving Innovation and Productivity Through Sustainable Automation (1-28), IGI Global, USA.
    • Ebrahimi, M. (2021b), "Analysis of the effect for customer relationship management on digital enterprises: Using agent-based modeling", Sandhu, K. (Eds.), Emerging Challenges, Solutions, and Best Practices for Digital Enterprise Transformation (pp. 138-163), IGI Global, USA.
    • Feng, X., Wang, L., Yan, Y., Zhang, Q., Sun, L., Chen, J., Wu, Y. (2021), “The sustainability of knowledge-sharing behavior based on the theory of planned behavior in Q&A social network community”, Special Issue of Collective Behavior Analysis and Graph Mining in Social Networks, Complexity, Vol. 2021, Article ID 1526199, PP.1-12, https://doi.org/10.1155/2021/1526199
    • Fishbein, M., and Ajzen, I. (1975), "Belief, attitudes, intention and behavior: An introduction to theory and research", Reading, Addison-Wesley, MA.
    • Feledi, D., Fenz, S. and Lechner, L. (2013) “Toward web-based information security knowledge sharing.” Information Security Technical Report, Vol. 17, No. 4, pp. 199-209.
    • Flores, W.R., Antonsen, E., Ekstedt, M. (2014), "Information security knowledge sharing in organizations: Investigating the effect of behavioral information security governance and national culture, Computers & Security, Vol. 43, pp. 90-110.
    • Gagne, M. (2009), “A model of knowledge-sharing motivation”, Human Resource Management, Vol. 48, No. 4, pp. 571-589.
    • Hassabdoust, F., Subasinghage, M., Johnston, A.C. (2022). A neo-institutional perspective on the establishment of information security knowledge sharing practices”, Information & Management, Vol.59, pp. 1-11.
    • Hazari, S., Hargrave, W., Clenney, B. (2008), "An empirical investigation of factors influencing information security behavior", Journal of Information Privacy & Security, Vol. 4, No. 4, pp. 3-20.
    • Henlein, M., and Kaplan, A. M. (2004), "A beginner’s guide to partial least squares analysis", Understanding Statistics, Vol. 3, No. 4, pp. 283–297.
    • Huang, C.C. (2009). "Knowledge sharing and group cohesiveness on performance: an empirical study of technology R&D teams in Taiwan", Technovation, Vol. 29, pp. 786-797.
    • Ifinedo, P. (2012). "Understanding information systems security policy compliance: An integration of the theory of planned behavior and the protection motivation theory", Computers & Security, Vol. 31, No. 1, pp. 83-95.
    • Johnston, A.C., Warkentin, M., Dennis, A.R., Siponen, M. (2019). “Speak their language designing effective messages to improve employees’ information security decision making”, Decision Sciences, Vol. 50 No.2, pp.245-264.
    • Madden, T.J., Ellen, P.S., and Ajzen, I. (1992), "A comparison of the theory of planned behavior and the theory of reasoned action", Personality and Social Psychology Bulletin, Vol. 18, No. 3, pp. 3-9.
    • Mathieson, K. (1991), "Predicting user intentions: Comparing the technology acceptance model with the theory of planned behavior", Information Systems Research, Vol. 2, No. 3, pp. 173-191.
    • Mayfield, M. (2010), "Tacit knowledge sharing: techniques for putting a powerful tool in practice", Development and Learning in Organizations, Vol. 24, No. 1, pp. 24-26.
    • Mertens, K.G., Lorscheid, I., and Meyer, M. (2017), "Using structural equation-based modeling for agent-based models", Chan, W. K. V., D'Ambrogio, A., Zacharewicz, G., Mustafee, N., Wainer, G., and Page, E. (Eds.), Proceedings of the 2017 Winter Simulation Conference.
    • Morris, M.G., and Dillon, A. (1997), "How user perceptions influence software use", IEEE Software, Vol. 14, No. 4, pp. 58-65.
    • Nguyen, T.M., Nham, T.P., Froese, F.J., Malik, A. (2019), “Motivation and knowledge sharing: a meta-analysis of main and moderating effects, Journal of Knowledge Management, Vol. 23, No. 5, ISSN: 1367-327.
    • Obrenovic, B., Jianguo, D., Tsoy, D., Obrenovic, S., Shafique Khan, M.A., Anwar, F. (2014), “The enjoyment of knowledge sharing: Impact of altruism on tacit knowledge-sharing behavior”, Frontiers in Psychology, Vol. 16, https://doi.org/10.3389/fpsyg.2020.01496
    • Pahnila, S., Siponen, M. & Mahmood, M. (2007), "Employees’ behavior towards IS security policy compliance", Proceedings of the 40th Hawaii International Conference on System Sciences, DOI: 10.1109/HICSS.2007.206.
    • Prochaska, J. O. & DiClemente, C. (1983), “Stages and processes of self-change of smoking: Toward an integrative model of change”, Journal of Consulting and Clinical Psychology, Vol. 51, pp. 390–395.
    • Prochaska J.O., Diclemente C.C. (1986), “Toward a Comprehensive Model of Change”. In: Miller W.R., Heather N. (eds) Treating Addictive Behaviors. Applied Clinical Psychology, vol 13. Springer, Boston, MA. https://doi.org/10.1007/978-1-4613-2191-0_1
    • Rasoulkhani, K., Logasa, B., Reyes, M.P., and Mostafavi, A. (2017), "Agent-based modeling framework for simulation of complex adaptive mechanisms underlying household water conservation technology adoption", Chan, W. K. V., D'Ambrogio, A., Zacharewicz, G., Mustafee, N., Wainer, G., and Page, E. (Eds.), Proceedings of the 2017 Winter Simulation Conference.
    • Reddy, G. N., Reddy, G.J.U. (2014), "A study of cyber security challenges and its emerging trends on latest technologies", available at: https://arxiv.org/ftp/arxiv/papers/1402/1402.1842.pdf (accessed 3 June 2021)
    • Ransbotham, S., and Sabyasachi M. (2009), "Choice and chance: A conceptual model of paths to information security compromise", Information Systems Research, Vol. 20, No. 1, pp. 121-139
    • Safa, N.S., Solms, R.V. (2016), "An information security knowledge sharing model in organizations", Computer in Human Behavior, Vol. 57, pp. 442-451.
    • Silic, M., Lowry, P.B. (2019). “Using design-science based gamification to improve organizational security training and compliance”, Journal of Management Information Systems, Vol. 37, No.1, pp. 129-161.
    • Stanton, J. M.. Stam, K. R., Mastrangelo, P. and Jolton, J. (2005) “Analysis of end user security behaviors.” Computers & Security, Vol. 24, No. 2, pp.124-133.
    • Siponen, M., Pahnila, S. & Mahmood, M. (2006), "Factors influencing protection motivation and IS security policy compliance", Innovations in Information Technology Conference, Dubai, DOI: 10.1109/INNOVATIONS. 2006.301907.
    • Sun, P.Y.T. and Scott, J.L. (2005). "An investigation of barriers to knowledge transfer”, Journal of Knowledge Management, Vol. 9, No. 2, pp. 75-90.
    • Tim, T.T., and Lee, G. (2012), “A modified and extended Triandis model for the enablers–process–outcomes relationship in hotel employees' knowledge sharing”, Service Industries Journal, Vol.32, No. 13, pp. 2059-2090
    • Triandis, H. C. (1977), Interpersonal behavior, Brooks/Cole, CA.
    • Wang, S., Raymond A. N. (2010). "Knowledge sharing: A review and directions for future research", Human Resource Management Review, Vol. 20, pp. 115–131.
    • Wang, J., Shan, Z., Gupta, M., Rao, H.R. (2019). “A longitudinal study of unauthorized access attempts on information systems the role of opportunity contexts”, MIS Quarterly, Vol. 43, No.2, pp. 601-622.
    • Zieba, M., Bongiovanni, I. (2022). “Knowledge management and knowledge security—Building an integrated framework in the light of COVID-19”, Knowledge and Process Management, Vol. 29, No. 2, pp.1-11.
Strategic Management of Organizational Knowledge
Volume 5, Issue 3 - Serial Number 18
September 2022
Pages 151-199

Files

History

  • Receive Date: 01 August 2022
  • Revise Date: 10 August 2022
  • Accept Date: 14 August 2022

Share

How to cite

Statistics