Episode 8

full
Published on:

20th Jan 2022

Neutralization Theory - How Users Rationalize Policy Violations

In this episode of Cyber Ways, Tom and Craig discuss a classic behavioral security paper that explores how users rationalize their purposeful violations of security policy. Listen and learn the six common rationalizations and what security managers can do to reduce their effects.

Citation:

Siponen, M., & Vance, A. (2010). Neutralization: new insights into the problem of employee information systems security policy violations,  MIS Quarterly, 34(3), 487-502.

Intro audio for the Cyber Ways Podcast

Outro audio for Cyber Ways Podcast

Cyber Ways is brought to you by the Center for Information Assurance, which is housed in the College of Business at Louisiana Tech University. The podcast is made possible through a "Just Business Grant," which is funded by the University's generous donors.

https://business.latech.edu/cyberways/

Listen for free

Show artwork for Cyber Ways Podcast

About the Podcast

Cyber Ways Podcast
The Cyber Ways Podcast brings academic cyber security research into the "real world." We interview top academic researchers to find how their research can be put into practice by cyber security professionals. Our focus is on behavioral aspects of cyber security. Occasionally, we touch on related topics, such as information privacy and surveillance.Each episode discusses one published, peer-reviewed article to reveal the practical implications of the research. Your hosts, Tom Stafford and Craig Van Slyke, are both widely published information systems academics who keep one foot in the world of practice.The Cyber Ways Podcast is brought to you by the Center for Information Assurance at the Louisiana Tech University's College of Business. The Cyber Ways podcast is funded through a Just Business grant, made possible through the generosity of donors to the Louisiana Tech University College of Business.

About your host

Profile picture for Craig Van Slyke

Craig Van Slyke

Dr. Tom Stafford and Dr. Craig Van Slyke are both widely published information systems academics who keep one foot in the world of practice.

Stafford serves as editor-in-chief of The DATA BASE for Advances in Information Systems, the longest continually-published MIS journal, and has previously edited 13 special issues of notable journals including Communications of the ACM, IEEE Transactions, and MIS Quarterly. He co-chaired the 2018 Americas Conference for Information Systems and chaired 2019 Dewald Roode Workshop on Information Systems Security Research. He has been selected to serve as the chair for the 2025 International Conference for Information Systems, one of the most notable yearly research meetings in the field of business technology.

Van Slyke, former dean of the W.A. Franke College of Business at Northern Arizona University, has published over 40 articles in respected academic journals including Decision Sciences, Communications of the ACM, European Journal of Information Systems, and Journal of the Association for Information Systems. His fourth co-authored textbook, “Information Systems in Business: An Experiential Approach,” is in its fourth edition, and his first trade book, “On Leadership and Life: Essays on Leading and Living Well,” was published in 2017.