%0期刊文章%@ 1438-8871 % JMIR出版物% v22 %卡塔尔世界杯8强波胆分析N 1 %P e16775 %为什么员工(仍然)点击网络钓鱼链接:医院调查%A Jalali,Mohammad S %A Bruckes,Maike %A Westmattelmann,Daniel %A Schewe,Gerhard %+明斯特大学管理中心,明斯特大学14-16,德国明斯特,49 2518323539,maike.bruckes@wiwi.uni-muenster.de %K信息安全管理%K网络钓鱼邮件%K遵从性%K信任%K计划行为理论%D 2020 %7 23.1.2020 %9原文%J J Med Internet Res %G English %X医院一直是网络钓鱼攻击的主要目标之一。尽管努力提高信息安全合规性,但医院仍然严重遭受此类攻击,影响了护理质量和患者安全。目的:本研究旨在通过分析实际点击数据,探讨医院员工选择点击网络钓鱼邮件的原因。方法:首先运用计划行为理论(TPB)和整合信任理论对影响点击行为的因素进行测量。然后,我们在医院进行了调查,并使用结构方程模型来研究依从性意愿的组成部分。我们将员工的调查结果与他们在网络钓鱼活动中的实际点击数据进行了匹配。结果:我们的分析(N=397)表明,TPB因素(态度、主观规范和感知行为控制)以及集体感觉信任和对信息安全技术的信任与合规意愿呈正相关。然而,合规意愿与合规行为之间的关系并不显著。 Only the level of employees’ workload is positively associated with the likelihood of employees clicking on a phishing link. Conclusions: This is one of the few studies in information security and decision making that observed compliance behavior by analyzing clicking data rather than using self-reported data. We show that, in the context of phishing emails, intention and compliance might not be as strongly linked as previously assumed; hence, hospitals must remain vigilant with vulnerabilities that cannot be easily managed. Importantly, given the significant association between workload and noncompliance behavior (ie, clicking on phishing links), hospitals should better manage employees’ workload to increase information security. Our findings can help health care organizations augment employees’ compliance with their cybersecurity policies and reduce the likelihood of clicking on phishing links. %M 32012071 %R 10.2196/16775 %U //www.mybigtv.com/2020/1/e16775/ %U https://doi.org/10.2196/16775 %U http://www.ncbi.nlm.nih.gov/pubmed/32012071