Cracking the Code: A Comprehensive Analysis of Information Security Strategies Among Professionals

With the expanding reach of the Internet of Things, information security threats are increasing,
including from the very professionals tasked with defending against these threats. This study identified
factors impacting information security behavior among these individuals. Protection motivation
theory and the theory of planned behavior were employed along with work-related organizational
factors as a theoretical framework. Data were collected through a survey of 595 information security
professionals working in Saudi information technology companies. Structural equational modeling
was used to analyze the data. Threat susceptibility, threat severity, self-efficacy, response cost, fear
attitude, behavioral control, subjective norms, and organizational commitment were found to play
a significant role in information security protection motivation and behavior, while job satisfaction
did not.