인터넷과 정보기술(IT)서비스의 활성화로 보안위협의 유형이 다양해지고 그 심각성도 커지고 있다. 이러한 현실에서 컴퓨터 사용자의 데이터에 대한 보안위협을 줄이고 데이터를 보호하기 위한 대응방법을 생각해 볼 필요가 있다. 기술적 보안대책만으로 보안위협을 완벽히 방어할 수 없으므로 데이터 백업과 같은 추가대응을 통해 데이터를 복구함으로써 정보보호를 실현할 수 있을 것이다.
본 연구에서는 보호동기이론을 중심으로 컴퓨터 사용자의 백업에 대한 영향요인을 파악하고자 하였다. 특히, 개인의 백업행동을 유발하는 과정에 선행하는 배경요인에 주목한다. 일상에서 형성된 보안습관과 다른 사람의 보호행동을 접한 결과인 가시성을 배경요인으로 설정하고 보호동기를 일으키는 개인의 평가를 통해 개인의 백업행동에 미치는 영향에 대해 논의하였다.
선행연구를 바탕으로 측정항목을 구성하고 분석도구로는 SPSS 21.0과 Smart PLS 2.0을 사용하였다. 분석결과 첫째, 컴퓨터 사용자의 백업의도에 대하여 사용자의 인지적 평가가 유의한 설명력을 가지는 것을 확인했다. 둘째, 컴퓨터 사용자의 인지적 평가에 대한 배경요인의 강한 중요성을 확인했다. 셋째, 위협평가에 대하여 보안습관이 가시성에 비해 상대적으로 2배 이상의 중요한 역할을 확인했다. 마지막으로 인지적 평가의 간접적 영향력을 검증함으로써 보호동기이론의 전체 모형 관점과 일치하는 결과를 나타냈다.
본 연구는 정보보호를 위한 보호조치 중에서 상대적으로 다뤄지지 않았던 개인적 관점의 데이터백업에 대한 연구를 시도하였으며, 보호동기이론의 전체 모형에 대한 접근을 바탕으로 보다 넓은 범위에서 컴퓨터 사용자의 인지구조를 이해하고자 했음에 의의가 있다. 백업을 통한 데이터 보호는 컴퓨터만의 문제가 아니므로 다양해진 IT기기에 적용함으로써 폭 넓은 연구로 발전할 것을 기대한다.

This study uses overall model of Protection Motivation Theory as a theoretical framework to test empirically what people make back up data on their personal computers. To address this, we integrated security habit and visibility as the background factors with Protection Motivation Theory to investigate sources of information antecedent to the Protection Motivation Theory process.
The measuring instruments were constructed based on prior research. And statistical analyses were performed using SPSS 21.0 and SmartPLS 2.0. The results showed that threat and coping appraisals had power of explanation on back up intention. The results also showed that background factors had a significant effect on threat and coping appraisals. Especially, it was confirmed that security habit and visibility have played an important role in improving the intention of back up. The effect of security habit is more than twice as big as visibility.
In the field of the countermeasures for information security, this study will contribute to the data backup researches from the personal perspective, which have not been relatively dealt with. Also, this study tries to understand the computer users’ structure of cognition more widely, based on the approaching method for the overall model of Protection Motivation Theory. Data security through the backup is not only the problem of computer but also the diversified IT instruments. It contributes to the wide use of backup and lead to improve the level of security and develop the wide research against the threat of security.

• 요약
• ABSTRACT
• I. 서론
• Ⅱ. 이론적 배경
• Ⅲ. 연구모형 및 가설
• Ⅳ. 연구방법
• Ⅴ. 실증분석
• Ⅵ. 결론
• 참고문헌

1 한국정보통신기술협회, "정보통신용어사전"

2 신승중, "정보보호의 기초" 인터비젼 2005

3 양원석, "정보보호위협하에서 경제적인 데이터백업 운영 정책 분석" 한국콘텐츠학회 14 (14): 270-278, 2014

4 이스트소프트, "정보보호 보안 인식 실태조사"

5 김수연, "서비스보증정책과 서비스 종업원의 직무수행의지: 종업원의 자기효능감과 책임감의 영향을 중심으로" 경영연구소 49 (49): 169-186, 2012

6 한국인터넷진흥원, "랜섬웨어 피해 예방 5대 수칙"

7 안호주, "금융기관 종사자들을 정보보안 위험관리로 이끄는 요인" 한국경영정보학회 17 (17): 39-64, 2015

8 Tyre, M. J., "Windows of opportunity : Temporal patterns of technological adaptation in organizations" 5 (5): 98-118, 1994

9 Pahnila, S., "Which factors explain employees’adherence to information security policies? An empirical study" 2007

10 Boss, S. R., "What do users have to fear? Using fear appeals to engender threats and fear that motivate protective security behaviors" 39 (39): 837-864, 2015

11 Chuah, S. H. W., "Wearable technologies : The role of usefulness and visibility in smartwatch adoption" 65 : 276-284, 2016

12 Liang, H., "Understanding security behaviors in personal computer usage : A threat avoidance perspective" 11 (11): 394-413, 2010

13 Ifinedo, P., "Understanding information systems security policy compliance : An integration of the theory of planned behavior and the protection motivation theory" 31 (31): 83-95, 2012

14 Lee, Y., "Understanding anti-plagiarism software adoption : An extended protection motivation theory perspective" 50 (50): 361-369, 2011

15 Diamantopoulos, A., "The error term in formative measurement models : interpretation and modeling implications" 1 (1): 7-17, 2006

16 Polites, G. L., "The embeddedness of information systems habits in organizational and individual level routines : Development and disruption" 37 (37): 221-246, 2013

17 Gefen, D., "TAM or just plain habit : A look at experienced online shoppers" 15 (15): 1-13, 2003

18 Ng, B. Y., "Studying users’ computer security behavior : A health belief perspective" 46 (46): 815-825, 2009

19 Lazarus, R. S., "Stress, appraisal, and coping" Springer 1984

20 Cohen, J., "Statistical power analysis for the behavioral sciences" Lawrence Erlbaum 1988

21 Bandura, A., "Social learning through imitation" University of Nebraska Press 1962

22 Bandura, A., "Social learning theory" Prentice-Hall 1977

23 Bandura, A., "Social foundations of thought and action: A social cognitive theory" Prentice-Hall 1986

24 Maddux, J. E., "Social cognitive models of health and exercise behavior : An introduction and review of conceptual issues" 5 (5): 116-140, 1993

25 Rogers, R. W., "Social Psychophysiology: A Sourcebook" Guilford 153-176, 1983

26 Rhee, H. S., "Self-efficacy in information security : Its influence on end users’information security practice behavior" 28 (28): 816-826, 2009

27 박현선, "SNS 피로감의 선행요인과 결과요인에 관한 연구: 습관의 조절효과" 경영연구소 53 (53): 43-73, 2016

28 Segars, A. H., "Re-examining perceived ease of use and usefulness : A confirmatory factor analysis" 17 (17): 517-525, 1993

29 Nunnally, J. C., "Psychometric theory" McGraw-Hill 1994

30 Crossler, R. E., "Protection motivation theory: Understanding determinants to backing up personal data" 2010

31 Maddux, J. E., "Protection motivation and self-efficacy : A revised theory of fear appeals and attitude change" 19 (19): 469-479, 1983

32 Ajzen, I., "Prediction and Change of Health Behavior: Applying the Reasoned Action Approach" Lawrence Erlbaum Associates 1-22, 2007

33 Fishbein, M., "Predicting and changing behavior: The reasoned action approach" Psychology Press 2010

34 Aarts, H., "Predicting Behavior from Actions in the Past: Repeated Decision Making or a Matter of Habit?" 28 (28): 1355-1374, 1998

35 Anderson, C. L., "Practicing safe computing : A multimedia empirical examination of home computer user security behavioral intentions" 34 (34): 613-643, 2010

36 Thompson, R. L., "Personal computing : Toward a conceptual model of utilization" 15 (15): 125-143, 1991

37 Tenenhaus, M., "PLS path modeling" 48 (48): 159-205, 2005

38 Vance, A., "Motivating IS security compliance : Insights from habit and protection motivation theory" 49 (49): 190-198, 2012

39 Chin, W. W., "Modern Methods for Business Research" Psychology Press 295-336, 1998

40 Wilson, B., "Modeling reflective higher-order constructs using three approaches with PLS path modeling: A Monte Carlo comparison" 2007

41 Tu, Z., "Learning to cope with information security risks regarding mobile device loss or theft : An empirical examination" 52 (52): 506-517, 2015

42 Lee, Y., "Investigating factors affecting the adoption of antispyware systems" 48 (48): 72-77, 2005

43 Karahanna, E., "Information technology adoption across time : A cross-sectional comparison of pre-adoption and postadoption beliefs" 23 (23): 183-213, 1999

44 최맑음, "Individual Learning and Team Atmosphere: A Multilevel Analysis" 경영연구소 53 (53): 147-173, 2016

45 Karabacak, B., "ISRAM : information security risk analysis method" 24 (24): 147-159, 2005

46 Limayem, M., "How habit limits the predictive power of intention : The case of information systems continuance" 31 (31): 705-737, 2007

47 Götz, O., "Handbook of Partial Least Squares" Springer 691-711, 2010

48 Rogers, R. W., "Handbook of Health Behavior Research I: Personal and Social Determinants" Springer 113-132, 1997

49 Chung, W., "Fighting cybercrime : A review and the Taiwan experience" 41 (41): 669-682, 2006

50 Johnston, A. C., "Fear appeals and information security behaviors : An empirical study" 34 (34): 549-566, 2010

51 Siponen, M., "Factors influencing protection motivation and IS security policy compliance" IEEE 2006

52 Yoon, C., "Exploring factors that influence students’behaviors in information security" 23 (23): 407-415, 2012

53 Burns, A. J., "Examining the relationship of organizational insiders’ psychological capital with information security threat and coping appraisals" 68 : 190-209, 2017

54 Fornell, C., "Evaluating structural equation models with unobservable variables and measurement error" 18 (18): 39-50, 1981

55 Rogers, E. M., "Diffusion of Innovations" Free Press 1983

56 Moore, G. C., "Development of an instrument to measure the perceptions of adopting an information technology innovation" 2 (2): 192-222, 1991

57 Bergeron, F., "Determinants of EIS use : Testing a behavioral model" 14 (14): 131-146, 1995

58 Dhillon, G., "Current directions in IS security research : Towards socio-organizational perspectives" 11 (11): 127-153, 2001

59 Milne, S., "Combining motivational and volitional interventions to promote exercise participation : Protection motivation theory and implementation intentions" 7 (7): 163-184, 2002

60 Preacher, K. J., "Asymptotic and resampling strategies for assessing and comparing indirect effects in multiple mediator models" 40 (40): 879-891, 2008

61 Wu, M. C., "An empirical investigation of habitual usage and past usage on technology acceptance evaluations and continuance intention" 39 (39): 48-73, 2008

62 Hsu, C. L., "Adoption of the mobile Internet : An empirical study of multimedia message service(MMS)" 35 (35): 715-726, 2007

63 Rogers, R. W., "A protection motivation theory of fear appeals and attitude change" 91 (91): 93-114, 1975

64 Woon, I., "A protection motivation theory approach to home wireless security" 2005

65 Hair, J. F., "A primer on partial least squares structural equation modeling(PLS-SEM)" Sage 2016

66 Floyd, D. L., "A meta-analysis of research on protection motivation theory" 30 (30): 407-429, 2000

67 Kim, S. S., "A longitudinal model of continued IS use : An integrative view of four mechanisms underlying postadoption phenomena" 51 (51): 741-755, 2005

68 이스트소프트, "2016 상반기 랜섬웨어 동향"