Understanding information security stress: Focusing on the type of information security compliance activity

Chunghun Lee, Choong C. Lee, Suhyun Kim

Research output: Contribution to journalArticlepeer-review

54 Citations (Scopus)


Organizations are intensifying their information security levels, as information security has become an essential element in business management. However, excessive focus on the mere reinforcement of information security has placed employees under stress. Studies have confirmed that the negative effects of stress include reduced employee productivity. Therefore, it is important to manage employee stress while enforcing information security in an organization. Based on person-environment fit theory, this study examines how employees become stressed, the factors behind information security stress (ISS), and the differences between managerial and technical security-oriented organizations. The results show that work overload and invasion of privacy are information security stressors. Furthermore, work overload has a greater effect on ISS in managerial security-oriented organizations, while invasion of privacy exerts a greater influence on ISS in technical security-oriented organizations. In addition, attitude to compliance with the information security policy mitigates work overload and invasion of privacy. These findings can be used as a basic reference for the establishment of employee stress management measures and the evaluation of information security stress levels.

Original languageEnglish
Pages (from-to)60-70
Number of pages11
JournalComputers and Security
Publication statusPublished - 2016 Jun 1

Bibliographical note

Publisher Copyright:
© 2016 Elsevier Ltd. All rights reserved.

All Science Journal Classification (ASJC) codes

  • Computer Science(all)
  • Law


Dive into the research topics of 'Understanding information security stress: Focusing on the type of information security compliance activity'. Together they form a unique fingerprint.

Cite this