Management of Technical Security Measures: An Empirical Examination of Personality Traits and Behavioral Intentions

Organizations are investing substantial resources in technical security measures that aim at preventively protecting their information assets. The way management -- or information security executives -- deals with potential security measures varies individually and depends on personality traits and cognitive factors. Based on the Theory of Planned Behavior, we examine the relationship between the personality traits of conscientiousness, neuroticism and openness with attitudes and intentions towards managing technical security measures. The highly relevant moderating role of compliance factors is also investigated. The hypothesized relationships are analyzed and validated using empirical data from a survey of 174 information security executives. Findings suggest that conscientiousness is important in determining the attitude towards the management of technical security measures. In addition, the findings indicate that when executives are confronted with information security standards or guidelines, the personality traits of conscientiousness and openness will have a stronger effect on attitude towards managing security measures than without moderators.