論文使用權限 Thesis access permission:校內校外完全公開 unrestricted
開放時間 Available:
校內 Campus: 已公開 available
校外 Off-campus: 已公開 available
博碩士論文 etd-0627120-144819 詳細資訊
Title page for etd-0627120-144819
論文名稱 Title |
組織成員資訊安全警告注意力之研究—組織犬儒主義之影響 An information security warning study - effects of organizational cynicism |
||
系所名稱 Department |
|||
畢業學年期 Year, semester |
語文別 Language |
||
學位類別 Degree |
頁數 Number of pages |
71 |
|
研究生 Author |
|||
指導教授 Advisor |
|||
召集委員 Convenor |
|||
口試委員 Advisory Committee |
|||
口試日期 Date of Exam |
2020-06-29 |
繳交日期 Date of Submission |
2020-07-27 |
關鍵字 Keywords |
組織犬主義、注意力、資訊安全管理、警告、眼動技術、組織承諾 warning, eye tracking, organizational commitment, information security, attention, Organizational cynicism |
||
統計 Statistics |
本論文已被瀏覽 5894 次,被下載 98 次 The thesis/dissertation has been browsed 5894 times, has been downloaded 98 times. |
中文摘要 |
注意力實驗長久以來為研究者所關心,本研究基礎為Anderson(2016)在DSS與MIS Quarterly上面發表的注意力研究,利用眼動追蹤技術去蒐集使用者對於資訊安全警告的注意力下降實驗。雖然過去對於注意力已經有很多的研究,但是在眾多警告注意力的研究中環境因素很少被提到,本研究認為組織的環境因素在實務上是不可或缺的。 根據Argyris(1974)提出的習慣性防衛機制(Defensive Routine),組織成員通常會單向地保護自己而不信任組織、具有防禦性,導致組織犬儒(Organizational Cynicism)的態度在許多組織內部產生,因此本研究將以Anderson眼動注意力實驗為基礎探討組織犬儒態度與資安警告注意力下降程度之間的關係。 實驗中共計招募103位國立中山大學的學生作為受測者,受測者依分組在閱讀完組織犬儒主義/一般組織情境後,被要求觀看一連串的警告,警告模式再根據Anderson眼動注意力實驗中的分組,分別觀看多態警告/靜態警告,以觀測組織情境與警告類別分別會如何影響受測者的注意力。 研究結果表明觀看組織犬儒情境的組別比觀看一般情境的組別注意力下降的更加快速,數據亦表明組織犬儒與組織承諾之間有負向關係、組織承諾與踰矩行為之間又存在著負向關係。除此之外注意力會負向調節組織承諾與踰矩行為之間的關係。 整體而言本研究除了成功在華人地區重複Anderson注意力實驗之外,亦證實犬儒主義這類負面組織態度對成員觀看警告注意力的影響,也提出了注意力在組織中的重要性,最後證實了Anderson提出的多態警告在組織環境之下依然能有效提升注意力。 |
Abstract |
Attention experiments have long been concerned by researchers. This research is based on Anderson's attention study which published on DSS and MIS Quarterly. Anderson used eye tracking technology to collect users' attention lost for information security warnings. Although there have been many studies on attention in the past, environmental factors are rarely mentioned in those studies. This study believes that organizational environmental factors are indispensable in practice. According to the defensive routine proposed by Argyris, the members of the organization usually protect themselves unilaterally without trusting the organization, resulting in the attitude of organizational cynicism in many organizations. In the experiment, a total of 103 students from Sun Yat-sen University were recruited as subjects. After reading the organizational cynicism/general organizational scenario, the subjects were asked to watch a series of warnings. They were set into two groups, one group watches polymorphic warnings and the other one watches static warnings to observe how organizational context and warning categories affect the subjects' attention. The results of the study show that the attention of those who read the cynicism scenario of the organization declines more rapidly than those who read the general scenario. The data also shows that there is a negative relationship between organization cynicism and organizational commitment, and there is also a negative relationship between organizational commitment and violation behavior. In addition, attention will negatively moderate the relationship between organizational commitment and excess behavior. Overall, in addition to successfully repeating Anderson's attention experiment in Chinese areas, this study also confirmed the impact of negative organizational attitudes such as cynicism on members' attention to watching warnings. And finally, it was confirmed that the polymorphic warning proposed by Anderson can still effectively increase attention in the organizational environment. |
目次 Table of Contents |
目錄 論文審定書............................................................. i 致謝................................................................. ii 摘要................................................................ iii ABSTRACT............................................................. iv 第一章、 緒論 ........................................................ 5 第一節 研究背景 ..................................................... 5 第二節 研究動機與研究目的 ........................................... 7 第三節 研究流程 ..................................................... 9 第二章、 文獻探討 ................................................... 10 第一節 犬儒主義CYNICISM ............................................. 10 一、人格犬儒主義 ................................................. 11 二、社會犬儒主義 ................................................. 11 三、職業犬儒主義 ................................................. 11 四、員工犬儒主義 ................................................. 12 五、組織變革犬儒主義 ............................................. 12 第二節 組織犬儒主義(ORGANIZATIONAL CYNICISM) ........................... 14 第三節 組織承諾 .................................................... 15 第四節 資訊安全與安全警告 .......................................... 18 一、安全警告 ..................................................... 18 二、 警告習慣化現象 .............................................. 19 第五節 眼動追蹤 .................................................... 20 一、眼動儀起源 ................................................... 20 二、研究上的眼動 ................................................. 21 第三章、 研究方法 ................................................... 22 第一節 研究架構與研究假說 .......................................... 22 一、研究一 ....................................................... 22 二、研究二 ....................................................... 23 第二節 研究方法 .................................................... 26 一、實驗環境 ..................................................... 26 二、實驗法與問卷法 ............................................... 27 第三節 研究工具 .................................................... 32 一、問卷工具 ..................................................... 32 二、眼動行為資料收集 ............................................. 35 三、警告設計規則 ................................................. 37 第四章、 資料分析 ................................................... 40 第一節 基本資料敘述統計 ............................................ 40 第二節 問卷信效度分析 .............................................. 41 第三節 研究一資料分析 .............................................. 43 第四節 研究二資料分析 .............................................. 48 第五章、 結論與建議 ................................................. 51 第一節 結論 ........................................................ 51 第二節 研究限制 .................................................... 53 第三節 研究貢獻與建議 .............................................. 53 參考文獻............................................................. 55 附錄................................................................. 61 附錄1.組織犬儒主義情境 ............................................ 61 附錄2.組織犬儒主義問卷 ............................................ 63 附錄3.組織承諾問卷 ................................................ 64 附錄4.資訊安全踰矩行為問項 ........................................ 65 附錄5.實驗警告 .................................................... 66 圖目錄 圖 1-1 2019五大資安威脅(來源:Check point 2019網路威脅趨勢研討會) .... 4 圖 1-2 研究流程 ....................................................... 7 圖 3-1研究架構 ...................................................... 23 圖 3-2實驗環境 ...................................................... 27 圖 3-3 多態警告示意圖(本研究自行繪製) ................................ 28 圖 3-4 眼動實驗流程圖(左為多態警告組,右為靜態警告組) ................ 29 圖3-5眼動儀......................................................... 35 圖 3-6眼動系統配置 .................................................. 36 圖 3-7眼動實驗固定式托架與固定式座椅 ................................ 37 圖 3-8警告設計與九種變形(20組其中一組) .............................. 36 圖 4-1警告類別分組之注意力下降曲線 .................................. 44 圖 4-2操弄情境分組之注意力下降曲線 .................................. 44 圖4-3模型路徑係數................................................... 46 圖 4-4模型假說成立 .................................................. 49 表目錄 表 2-1早期不同類型的犬儒主義研究 .................................... 12 表 2-2組織承諾過往研究彙整 .......................................... 16 表 3-1實驗流程表 .................................................... 28 表 3-2組織犬儒主義量表 .............................................. 32 表 3-3情感性組織承諾量表 ............................................ 33 表3-4資訊安全踰矩行為量表........................................... 34 表 3-5多態警告變形與支持的警告科學文獻 .............................. 38 表4-1基本資料統計................................................... 41 表4-2組織犬儒主義因素分析結果....................................... 41 表 4-3組織承諾因素分析結果 .......................................... 42 表 4-4資訊安全踰矩行為因素分析結果 .................................. 43 表4-5警告重複次數*情境類型REPEATED MEASURED ANOVA 組內效應結果 ......... 45 表4-6警告重複次數*警告類型REPEATED MEASURED ANOVA 組內效應結果 ......... 46 表4-7警告重複次數*警告類型*情境REPEATED MEASURED ANOVA 組內效應結果 .... 46 表4-8警告注視模型REPEATED MEASURED ANOVA 組間效應結果 .................. 47 表 4-9對第一次觀測到警告之注視次數做T檢定 .......................... 48 表4-10 PLS 路徑係數 ................................................. 50 表4-11 BOOTSTRAPPING 總效應各項結果 .................................... 50 表5-1研究結果....................................................... 52 |
參考文獻 References |
Anderson, B. B., et al. (2016). "Your memory is working against you: How eye tracking and memory explain habituation to security warnings." Decision Support Systems 92: 3-13. Andersson, L. M. and T. S. Bateman (1997). "Cynicism in the workplace: Some causes and effects." Journal of Organizational Behavior: The International Journal of Industrial, Occupational and Organizational Psychology and Behavior 18(5): 449-469. Bulgurcu, B., et al. (2010). "Information security policy compliance: an empirical study of rationality-based beliefs and information security awareness." MIS Quarterly 34(3): 523-548. Cook, W. W. and D. M. Medley (1954). "Proposed hostility and pharisaic-virtue scales for the MMPI." Journal of Applied Psychology 38(6): 414. Dean Jr, J. W., et al. (1998). "Organizational cynicism." Academy of Management review 23(2): 341-352. Eagly, A. H. and S. Chaiken (1993). The psychology of attitudes, Harcourt Brace Jovanovich College Publishers. Eaton, J. A. (2000). A social motivation approach to organizational cynicism, Citeseer. Graham, J. R. and J. R. Graham (1990). MMPI-2: Assessing personality and psychopathology, Oxford University Press New York. Hart, P. (1997). Personality, work-related experiences and organizational cynicism: A longitudinal study. Society for Industrial and Organizational Psychology Annual Meeting, St. Louis, MO. Hilgard, E. R. (1980). "The trilogy of mind: Cognition, affection, and conation." Journal of the History of the Behavioral Sciences 16(2): 107-117. Huey, E. B. (1908). The psychology and pedagogy of reading, The Macmillan Company. Izard, C. E. (1992). "Basic emotions, relations among emotions, and emotion-cognition relations." Kanter, D. L. and P. H. Mirvis (1989). The cynical Americans: Living and working in an age of discontent and disillusion, Jossey-Bass. Niederhoffer, A. (1967). Behind the shield: The police in urban society, Doubleday. Reichers, A. E., et al. (1997). "Understanding and managing cynicism about organizational change." Academy of management perspectives 11(1): 48-59. Smith, C. A. (1947). "Effects of maternal undernutrition upon the newborn infant in Holland (1944-1945)." Journal of Pediatrics 30: 229-243. Sunshine, J., et al. (2009). Crying Wolf: An Empirical Study of SSL Warning Effectiveness. USENIX security symposium, Montreal, Canada. Vance, A., et al. (2018). "Tuning Out Security Warnings: A Longitudinal Examination of Habituation Through fMRI, Eye Tracking, and Field Experiments." MIS Quarterly 42(2): 355-380. Xu, F., et al. (2019). "Anger or fear? Effects of discrete emotions on employee’s computer-related deviant behavior." Information & Management: 103180. C.C. Braun, B. Greeno, N.C. Silver, Differences in Behavioral Compliance as a Function ofWarning Color, Proceedings of the Human Factors and Ergonomics Society Annual Meeting, Sage Publications 1994, pp. 379–383. K.R. Laughery, S.L. Young, K.P. Vaubel, J.W. Brelsford Jr., The noticeability ofwarnings on alcoholic beverage containers, Journal of Public Policy &Marketing 12 (1) (1993) 38–56. J.A. Strawbridge, The Influence of Position, Highlighting, and Imbedding onWarning Effectiveness, Proceedings of the Human Factors and Ergonomics Society Annual Meeting, Sage, Dayton, OH 1986, pp. 716–720. S.L. Young, M.Wogalter, Effects of conspicuous print and pictorial icons on comprehension and memory of instruction manual warnings, Human Factors 32 (1990) 637–649. M.J. Kalsher, M.S. Wogalter, B.M. Racicot, Pharmaceutical container labels: enhancing preference perceptions with alternative designs and pictorials, International Journal of Industrial Ergonomics 18 (1) (1996) 83–90. R.J. Sojourner, M.S. Wogalter, The influence of pictorials on evaluations of prescription medication instructions, Drug Information Journal 31 (3) (1997) 963–972. M.J. Kalsher, B.M. Brewster, M.S.Wogalter, M.E. Spunar, Hazard Level Perceptions of Current and Proposed Warning Sign and Label Panels, Proceedings of the Human Factors and Ergonomics Society Annual Meeting, 39 (5), 1995, pp. 351–355. N.C. Silver,M.S.Wogalter, Broadening the Range of SignalWords, Proceedings of the Human Factors and Ergonomics Society Annual Meeting, Sage, Denver, Colorado 1989, pp. 555–559. C.C. Braun, N.C. Silver, Interaction of signal word and colour on warning labels: differences in perceived hazard and behavioural compliance, Ergonomics 38 (11) (1995) 2207–2220. C.M. Rudin-Brown, M.P. Greenley, A. Barone, J. Armstrong, A.F. Salway, B.J. Norris, The design of child restraint system (crs) labels and warnings affects overall crsusability, Traffic Injury Prevention 5 (1) (2004) 8–17. M.S. Sanders, E.J. McCormick, Human Factors in Engineering and Design, 7th ed.McGraw-Hill, 1987. S.L. Young, Increasing the Noticeability ofWarnings: Effects of Pictorial, Color, Signal Icon and Border, Proceedings of the Human Factors and Ergonomics Society Annual Meeting, Sage, San Francisco, VA 1991, pp. 580–584. W.J. Vigilante, M. Wogalter, Effects of label format on knowledge acquisition and perceived readability by younger and older adults, Ergonomics 46 (4) (2003) 327–344. M.Wogalter,W.J. Vigilante Jr., Attention Switch and Maintenance, in:M.S.Wogalter (Ed.), Handbook of Warnings, Lawrence Erlbaum Associates 2006, pp. 245–266. R.F. Thompson, W.A. Spencer, Habituation: a model phenomenon for the study of neuronal substrates of behavior, Psychological Review 73 (1) (1966) 16–43. C.H. Rankin, Introduction to special issue of neurobiology of learning and memory on habituation, Neurobiology of Learning and Memory 92 (2) (2009) 125–126. S.E. Schechter, R. Dhamija, A. Ozment, I. Fischer, The emperor's New Security Indicators, Security and Privacy, 2007, SP'07. IEEE Symposium on, IEEE, Berkeley, CA 2007, pp. 51–65. D. Sharek, C. Swofford, M. Wogalter, Failure to Recognize Fake Internet Popup Warning Messages, Proceedings of the Human Factors and Ergonomics Society Annual Meeting, Sage Publications, New York, New York 2008, pp. 557–560. C. Bravo-Lillo, S. Komanduri, L.F. Cranor, R.W. Reeder, M. Sleeper, J. Downs, S.Schechter, Your Attention Please: Designing Security-Decision Uis to Make Genuine Risks harder to Ignore, Proceedings of the Ninth Symposium on Usable Privacy and Security, ACM, Newcastle, United Kingdom 2013, pp. 1–12. D.E. Hannula, R.R. Althoff, D.E.Warren, L. Riggs, N.J. Cohen, J.D. Ryan,Worth a glance: using eye movements to investigate the cognitive neuroscience of memory,Frontiers in Human Neuroscience 4 (2010) 166. Trotter, V. K., Lambert, M. J., Burlingame, G. M., Rees, F., Carpenter, B. N., Steffen, P. R., Jackson, A., & Eggett, D. (2009). Measuring work productivity with a mental health self-report measure. Journal of Occupational and Environmental Medicine, 51(6), 739-746. Potter, B. (2005). Overcoming Job Burnout (3rd ed,). RONIN Publishing. 張雅婷 (2008). "華人組織中的犬儒主義: 概念分析與實徵研究." 中原大學心理學研究所學位論文: 1-162. https://ithome.com.tw/news/132114 釣魚成2019資安趨勢 Check point 2019網路威脅趨勢研討會 Chris Argris(2001)《哈佛商業評論,有效溝通》 陳亭儒(2003) 組織犬儒主義之前因與後果。台大心理學研究所碩士論文。 Chen, H.-t. (2009). 組織互動公平認知對 360 度評量受評者自我發展接受性之影響-以組織犬儒主義為中介變項, National Central University. 傅貴、陸柏、陳秀珍(2005)基於行為科學的組織安全管理方案模型。中國安全科學學報,2005,15(9):21~27。 |
電子全文 Fulltext |
本電子全文僅授權使用者為學術研究之目的,進行個人非營利性質之檢索、閱讀、列印。請遵守中華民國著作權法之相關規定,切勿任意重製、散佈、改作、轉貼、播送,以免觸法。 |
紙本論文 Printed copies |
紙本論文的公開資訊在102學年度以後相對較為完整。如果需要查詢101學年度以前的紙本論文公開資訊,請聯繫圖資處紙本論文服務櫃台。如有不便之處敬請見諒。 開放時間 available 已公開 available |
QR Code |
國立中山大學 圖書與資訊處 │ 諮詢服務:2452 論文審查小組 │ 服務信箱 │ 系統開發維運:圖資處知識創新組
Office of Library and Information Services, National Sun Yat-sen University │ Contact Us : 2452 Thesis Format Review Team , Mail │ Development and operations : Knowledge Innovation Division, LIS