Abstract:
Information security analysts acknowledge that cyber-attacks, information theft, and internet fraud are prevalent within the banking industry. One of the issues precipitating this trend is non-compliance with standards and policies by employees. In Nigeria, employee behavioral factors that determine compliance with international information security standards and policies have not been empirically assessed. An understanding of these factors is critical in combatting cyber-related crimes, as this provides organizations with accurate information, which enables the strengthening of existing security mechanisms. An investigation into the effect of employee's behavioral factors on information security standards and policies (ISSsPs) was undertaken at selected Nigerian banks. Partial least squares structural equation modelling (PLS-SEM) was adopted for the analysis of data obtained from 370 employees of selected banks in South-West, Nigeria. The findings indicated that behavioral factors such as normative belief, security awareness, perception biases and certainty of detection positively influence employees’ ISSsPs compliance. However, the severity of the penalty for non-compliance and perceived effectiveness of ISSP did not influence employees’ actions.