Examining the Neural Basis of Information Security Policy Violations: A Noninvasive Brain Stimulation Approach

Nonmalicious information security policy (ISP) violations can cause organizations significant harm. Here, we aim to extend the understanding of why employees engage in such acts. A large body of ISP violation research is based on the tenet that people violate ISPs to obtain personal benefits, as explained by rational choice and expectancy theories. But this assumption has only been weakly tested, using mostly correlational approaches. Our …