Exploring role of moral disengagement and counterproductive work behaviours in information security awareness

As security breaches in organisations are on the rise, developing an understanding of factors enabling and preventing such breaches is crucial. Even though previous studies have examined organisational aspects of information security, not much focus has been placed on human factors. In the present work we examined the tendency to morally disengage (MD), information security awareness (ISA), and counterproductive work behaviours (CWB), in a sample of 718 employees who used computers on daily basis, in order to establish predictors of CWB and the behavioural outcomes of ISA. The results showed that the propensity to morally disengage plays an important role in ISA, particularly the aspect of diffusion of responsibility. Secondly, ISA knowledge and ISA attitude, as expected, were part of a mediating mechanism underlying the relationship between MD and ISA behaviours, as well as MD and CWB. This demonstrates that ISA and CWB constructs overlap to a certain degree, and thus affecting one, should have effects also on the other. Targeted interventions need to consider ways of improving ISA knowledge and attitudes, as well as employees’ sense of responsibility for the information they work with.