Risk-Taking Propensity and Information Security Compliance Behavior

This study explores the intersection of risk-taking behavior and information security compliance within the context of a federal agency, aiming to illuminate the impact of individual behaviors on cybersecurity efforts. Amidst rising expenditures on information security by both corporations and governments, and an increasing trend of sophisticated cyber-attacks, this research underscores the critical role of the human factor in safeguarding digital assets. Utilizing a quantitative correlational methodology grounded in the Knowledge, Attitudes, and Behaviors (KAB) and Risk Propensity Model (RPM) frameworks, this study engaged 127 federal employees to examine the correlation between their propensity to take risks and their adherence to information security policies. Through descriptive statistics and multiple regression analysis, the study found that risk-taking propensity significantly influences information security compliance, contrary to age, which showed no significant effect. These findings suggest that enhancing organizational cybersecurity can be achieved by focusing on the individual risk profiles of employees, proposing the development of targeted strategies to address and mitigate risk-taking behaviors. This research contributes to the ongoing discourse on optimizing information systems for improved organizational performance and highlights the necessity of integrating psychological dimensions into cybersecurity management strategies.