Article Review #01: Factors That Can Influence Security Compliance Behavior
Student Name: Benjamin Rivera Medina
School of Cybersecurity, Old Dominion University
CYSE 201S: Cybersecurity and The Social Sciences
Instructor Name: Dr. Jordan Quinn
Date: 02/24/26

Introduction
While technical security controls can mitigate cyber-attacks, organizations must go beyond the technical aspect. Employees tend to be the biggest weakness in cybersecurity frameworks due to the unpredictability of human behavior. However, human behavior involving security compliance may be able to be influenced positively or negatively based on internal factors. This research study investigates the organizational and psychological factors affecting employees’ security compliance behavior.

Relation/Connection to Social Science Principles
This research incorporates cumulative research findings by using past empirical studies from multiple scholarly sources to further support the claim. “To illustrate, previous studies have evidenced consistently that organizational culture servers as a directional factor influencing employee behavior regarding information security (Ghaleb & Pardaev, 202, p. 2).” In addition, the research is theoretical because this case study uses multiple theories to explain social patterns that can occur. The article mentions how the theory of planned behavior and social exchange theory can support the idea of influencing security compliance habits. The research methods that were conducted were ethical due to the strategy used in creating the test sample. Employees were selected by multiple different departments to ensure a diverse sample size. This ensured that the test groups were fair and diverse, and not discriminative against marginalized groups.

Research Question /Hypothesis/ Independent Variable/Dependent Variable
“The research question of the case study is to investigate the organizational and psychological determinants that affect employees’ information security compliance behavior in production companies” (Ghaleb & Pardaev, 202, p. 3). Hypothesis that was developed was that organizational culture and cybersecurity awareness has considerable influence on information security compliance behavior. Another hypothesis formulated was that employee engagement significantly moderates the relationship of cybersecurity awareness, organizational culture, and security compliance behavior. The last hypothesis developed was that trust in upper management immensely mediates the relationship between organizational culture, cybersecurity awareness, and security compliance behavior. Independent variables used in testing organizational culture on compliance behavior changes can include trust in management, leadership support, and importance of security practices. Dependent variables from this experiment can include amount of cybersecurity awareness and compliance behavior from employees. Independent variables revolving around cybersecurity awareness of employees can include cybersecurity training awareness and management involvement. Dependent variables can include employee proactiveness, vigilance, and commitment to cybersecurity safety and compliance.

Types of Research Methods used.
The research used quantitative research methods to observe the organizational and behavioral factors that can influence security compliance behavior. The test group consisted of employees in different departments of operations. This allows for a reliable diverse selection of employees to give a fair and unbiased testing group. The group would be rated based on employee engagement with security compliance from a five-point scale.

Types of Data Analysis used.
The measurement scales were used from cumulative research studies from past validated studies to ensure reliability. “Trust in upper management was measured using a seven-item scale created by Choi” (Ghaleb & Pardaev, 202, p. 12). Organizational culture was measured with a twenty-four-item scale created by Suvaci. “Cybersecurity awareness was measured using a six- item scale created by Ahamed” (Ghaleb & Pardaev, 202, p. 12). Employee engagement was measured with a twelve-item scale developed by Nurnida. Finally, a four-item scale was used to measure security compliance behavior from employees. “These items were rated on a five-point scale from strongly disagree to strongly agree” (Ghaleb & Pardaev, 202, p. 12).

Connections to other Course Concepts
Course concepts from the modules support the conclusions of the research. Module five mentions behavioral theories which explain that behaviors can be learned based on peers, media, and influences. In addition, module four mentions the field of human factors which uses interdisciplinary methods to develop technology. The results of this study align with this concept as both understand that human behavior has an impact on the effectiveness of security tools. The conclusions of the research conducted affirmed the idea that security compliance behavior can be influenced by trust in leadership, employee engagement, and a work culture that prioritizes security compliance.

Connections to the Concerns or contributions of Marginalized Groups
An implication with the study conducted was the test group would likely have disproportionate number of men as the base of the group sample compared to marginalized groups such as women or African Americans. However, Ghaleb and Pardaev attempted to resolve this bias by using multiple different departments as test groups. Using multiple departments helped create a more balanced sample size to ensure fairness and more precise results. In addition, fear of surveillance for marginalized groups may be an issue. Marginalized groups may feel that their responses could be traced to them. Marginalized groups may fear that if admitting to noncompliance, that disciplinary action may be involved.

Overall societal contributions of the study/Conclusion
The findings from the research conclude that cultivating strong security culture, trust in leadership, and increased employee engagement can influence human behavior towards security compliance. This research furthers our understanding by affirming that human behavior involving security compliance can be positively influenced with strong leadership, employee engagement, and a work culture that prioritizes cybersecurity. The research has also contributed to the field of human factors. Human factors can develop more effective tools by keeping in mind how human behavior can play a role in security compliance effectiveness. In addition, this research also suggests that consistent cybersecurity awareness training can be salubrious for promoting security compliance behavior. These conclusions were developed through the cumulative effort of multiple individuals who conducted experiments and test to further the understanding between the connection of security compliance and human behavior.

References
Ghaleb, M. M., & Pardaev, J. (202, January 1). Controlling Cyber Crime through Information
Security Compliance Behavior: Role of Cybersecurity Awareness, Organizational Culture
and Trust in Management. From https://cybercrimejournal.com/menuscript/index.php/cybercrimejournal/article/view/437/1
23