IDEAS home Printed from https://ideas.repec.org/a/spr/futbus/v11y2025i1d10.1186_s43093-025-00452-7.html
   My bibliography  Save this article

Factors influencing employee compliance with information security policies: a systematic literature review of behavioral and technological aspects in cybersecurity

Author

Listed:
  • Alberto-Tomas Delso-Vicente

    (Rey Juan Carlos University)

  • Luis Diaz-Marcos

    (Nebrija University)

  • Oscar Aguado-Tevar

    (Nebrija University)

  • María García Blanes-Sebastián

    (Rey Juan Carlos University)

Abstract

This study investigates the factors influencing employee compliance with information security policies, with a specific focus on the interplay between behavioral and technological elements shaping employee behavior. Compliance with these policies is critical in safeguarding organizational assets in an increasingly digital and interconnected world. Addressing the gap in current literature, this research highlights the integration of behavioral theories into cybersecurity, offering a unique perspective that bridges the human and technological dimensions. Unlike prior studies that predominantly emphasize technical solutions, this work underscores the importance of organizational culture, individual attitudes, and leadership in fostering compliance. The study employs a systematic literature review following the PRISMA methodology, analyzing 2001–2023 publications from leading databases such as ACM Digital Library, IEEE Xplore, ScienceDirect, and Web of Science. This rigorous approach ensures the inclusion of high-quality studies, facilitating a comprehensive analysis of the factors influencing compliance. The findings reveal that perceived effectiveness of security measures, top management support, and organizational culture are pivotal in shaping compliance behaviors. Strategies that combine intrinsic motivators, such as personal responsibility, with extrinsic incentives, like rewards and enforcement, are identified as the most effective. These results have significant implications for practice, particularly in designing cybersecurity awareness programs tailored to individual and contextual differences. Such initiatives can be instrumental for organizations and governments in strengthening security postures across diverse sectors. By addressing both technological vulnerabilities and human behavior, this study contributes to the development of more holistic and sustainable cybersecurity strategies.

Suggested Citation

  • Alberto-Tomas Delso-Vicente & Luis Diaz-Marcos & Oscar Aguado-Tevar & María García Blanes-Sebastián, 2025. "Factors influencing employee compliance with information security policies: a systematic literature review of behavioral and technological aspects in cybersecurity," Future Business Journal, Springer, vol. 11(1), pages 1-16, December.
    • Handle: RePEc:spr:futbus:v:11:y:2025:i:1:d:10.1186_s43093-025-00452-7
    DOI: 10.1186/s43093-025-00452-7
    as

    Download full text from publisher

    File URL: http://link.springer.com/10.1186/s43093-025-00452-7
    File Function: Abstract
    Download Restriction: Access to the full text of the articles in this series is restricted.
    File URL: https://libkey.io/10.1186/s43093-025-00452-7?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:spr:futbus:v:11:y:2025:i:1:d:10.1186_s43093-025-00452-7. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Sonal Shukla or Springer Nature Abstracting and Indexing (email available below). General contact details of provider: http://www.springer.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.