Abstract
This study investigates the relationship between work overload and employee cybersecurity behavior, with a particular focus on the moderating role of self-efficacy in artificial intelligence (AI) use. Grounded in a multidisciplinary theoretical framework, the research integrates concepts from the Job Demands-Resources (JD-R) Model, Cognitive Load Theory, Social Identity Theory, and Protection Motivation Theory. Data were collected from 410 employees in South Korea through a three-wave time-lagged survey, analyzing the impact of work overload on cybersecurity behavior mediated by job stress and organizational identification, and moderated by self-efficacy in AI. The current study reveals a negative impact of work overload on employee cybersecurity behavior, mediated by job stress and organizational identification. Also, self-efficacy in AI use significantly moderates the relationship between work overload and job stress, mitigating the adverse effects of workload on cybersecurity behavior. The findings extend existing literature by demonstrating how organizational psychology theories can be applied to understand cybersecurity behavior in the workplace. This study highlights the importance of managing work overload and enhancing AI self-efficacy to improve cybersecurity practices in organizations. The study underscores the need for organizations to address work overload as a part of their cybersecurity strategy and to invest in AI self-efficacy training. The findings advocate for an interdisciplinary approach to cybersecurity, integrating insights from organizational psychology and AI technology. Future research should explore these dynamics in different cultural and organizational contexts and consider longitudinal designs to further validate the findings.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
Data availability
The authors confirm that all data generated or analyzed during this study are included in this published article.
References
Alsharida, R. A., Al-rimy, B. A. S., Al-Emran, M., & Zainal, A. (2023). A systematic review of multi perspectives on human cybersecurity behavior. Technology in Society, 102258.
Anderson, J. C., & Gerbing, D. W. (1988). Structural equation modeling in practice: A review and recommended two-step approach. Psychological Bulletin, 103(3), 411–423.
Ashforth, B. E., & Mael, F. (1989). Social identity theory and the organization. Academy of Management Review, 14(1), 20–39.
Bakker, A. B., & Demerouti, E. (2007). The job demands-resources model: State of the art. Journal of Managerial Psychology, 22(3), 309–328.
Bakker, A. B., Demerouti, E., & Sanz-Vergel, A. I. (2014). Burnout and work engagement: The JD–R approach. Annual Review of Organizational Psychology and Organizational Behavior, 1(1), 389–411.
Bandura, A. (1982). Self-efficacy mechanism in human agency. American Psychologist, 37(2), 122–147.
Bandura, A. (1986). Social foundations of thought and action: A social cognitive theory. Prentice Hall, Inc.
Barriga Medina, H. R., Aguirre, C., Coello-Montecel, R., Pacheco, D. O., P., & Paredes-Aguirre, M. I. (2021). The influence of work–family conflict on burnout during the COVID-19 pandemic: The effect of teleworking overload. International Journal of Environmental Research and Public Health, 18(19), 10302.
Beehr, T. A., & Newman, J. E. (1978). Job stress, employee health, and organizational effectiveness: A facet analysis, model, and literature review. Personnel Psychology, 31(4), 665–699.
Brace, N., Kemp, R., & Snelgar, R. (2003). A guide to data analysis using SPSS for windows. Palgrave Macmillan.
Browne, M. W., & Cudeck, R. (1993). Alternative ways of assessing model fit. In K. A. Bollen, & J. S. Long (Eds.), Testing structural equation models (pp. 136–162). Sage.
Bulgurcu, B., Cavusoglu, H., & Benbasat, I. (2010). Information security policy compliance: An empirical study of rationality-based beliefs and information security awareness. MIS Quarterly, 34(3), 523–548.
Chen, Y., Ramamurthy, K., & Wen, K. W. (2012). Organizations’ information security policy compliance: Stick or carrot approach? Journal of Management Information Systems, 29(3), 157–188.
Compeau, D. R., & Higgins, C. A. (1995). Computer self-efficacy: Development of a measure and initial test. MIS Quarterly, 19(2), 189–211.
Compeau, D., Higgins, C. A., & Huff, S. (1999). Social cognitive theory and individual reactions to computing technology: A longitudinal study. MIS Quarterly, 23(2), 145–158.
Cousins, R., Mackay, C. J., Clarke, S. D., Kelly, C., Kelly, P. J., & McCaig, R. H. (2004). Management standards’ work-related stress in the UK: Practical development. Work & Stress, 18(2), 113–136.
Crossler, R. E., Johnston, A. C., Lowry, P. B., Hu, Q., Warkentin, M., & Baskerville, R. (2013). Future directions for behavioral information security research. Computers and Security, 32, 90–101.
Demerouti, E., Bakker, A. B., Nachreiner, F., & Schaufeli, W. B. (2001). The job demands-resources model of burnout. Journal of Applied Psychology, 86(3), 499–512.
Gélinas, D., Sadreddin, A., & Vahidov, R. (2022). Artificial intelligence in human resources management: A review and research agenda. Pacific Asia Journal of the Association for Information Systems, 14(6), 1.
Hwang, Y. S., & Kim, B. J. (2021). The power of a firm’s Benevolent Act: The influence of work overload on turnover intention, the mediating role of meaningfulness of work and the moderating effect of CSR activities. International Journal of Environmental Research and Public Health, 18(7), 3780.
Ifinedo, P. (2012). Understanding information systems security policy compliance: An integration of the theory of planned behavior and the protection motivation theory. Computers and Security, 31(1), 83–95.
Khan, N. F., Ikram, N., Murtaza, H., & Javed, M. (2023). Evaluating protection motivation based cybersecurity awareness training on Kirkpatrick’s Model (Vol. 125, p. 103049). Computers & Security.
Kumar, S., Hansiya Abdul Rauf, F., & Rathnasekara, H. (2021). Working to help or helping to work? Work-overload and allocentrism as predictors of organizational citizenship behaviours. The International Journal of Human Resource Management, 32(13), 2807–2828.
Landers, R. N., & Behrend, T. S. (2015). An inconvenient truth: Arbitrary distinctions between organizational, mechanical Turk, and other convenience samples. Industrial and Organizational Psychology, 8(2), 142–164.
Lian, H., Li, J. K., Du, C., Wu, W., Xia, Y., & Lee, C. (2022). Disaster or opportunity? How COVID-19-associated changes in environmental uncertainty and job insecurity relate to organizational identification and performance. Journal of Applied Psychology, 107(5), 693–707.
Mael, F. A., & Ashforth, B. E. (1992). Alumni and their alma mater: A partial test of the reformulated model of organizational identification. Journal of Organizational Behavior, 13(2), 103–123.
Marakas, G. M., Yi, M. Y., & Johnson, R. D. (1998). The multilevel and multifaceted character of computer self-efficacy: Toward clarification of the construct and an integrative framework for research. Information Systems Research, 9(2), 126–163.
Mhango, M., Dzobo, M., Chitungo, I., & Dzinamarira, T. (2020). COVID-19 risk factors among health workers: A rapid review. Safety and Health at Work, 11(3), 262–265.
Motowidlo, S. J., Packard, J. S., & Manning, M. R. (1986). Occupational stress: Its causes and consequences for job performance. Journal of Applied Psychology, 71(4), 618–629.
Posey, C., Roberts, T. L., & Lowry, P. B. (2015). The impact of organizational commitment on insiders’ motivation to protect organizational information assets. Journal of Management Information Systems, 32(4), 179–214.
Ragu-Nathan, T. S., Tarafdar, M., Ragu-Nathan, B. S., & Tu, Q. (2008). The consequences of technostress for end users in organizations: Conceptual development and empirical validation. Information Systems Research, 19(4), 417–433.
Riketta, M. (2005). Organizational identification: A meta-analysis. Journal of Vocational Behavior, 66(2), 358–384.
Rogers, R. W. (1975). A protection motivation theory of fear appeals and attitude change1. The Journal of Psychology, 91(1), 93–114.
Sauter, S. L., Murphy, L. R., & Hurrell, J. J. (1990). Prevention of work-related psychological disorders. A national strategy proposed by the National Institute for Occupational Safety and Health (NIOSH). American Psychologist, 45(10), 1146–1158.
Schaufeli, W. B., & Bakker, A. B. (2004). Job demands, job resources, and their relationship with burnout and engagement: A multi-sample study. Journal of Organizational Behavior, 25(3), 293–315.
Selye, H. (1974). Stress without distress. Psychopathology of human adaptation (pp. 137–146). Springer US.
Sergent, K., & Stajkovic, A. D. (2020). Women’s leadership is associated with fewer deaths during the COVID-19 crisis: Quantitative and qualitative analyses of United States governors. Journal of Applied Psychology, 105(8), 771–783.
Shrout, P. E., & Bolger, N. (2002). Mediation in experimental and nonexperimental studies: New procedures and recommendations. Psychological Methods, 7(4), 422–445.
Sparks, K., & Cooper, C. (1999). Occupational differences in the work-strain relationship: Towards the use of situation-specific models. Journal of Occupational and Organizational Psychology, 72(2), 219–229.
Sweller, J. (1988). Cognitive load during problem solving: Effects on learning. Cognitive Science, 12(2), 257–285.
Tajfel, H., & Turner, J. C. (1979). An integrative theory of intergroup conflict. In W. G. Austin, & S. Worchel (Eds.), The social psychology of intergroup relations (pp. 33–47). Brooks/Cole.
Tambe, P., Cappelli, P., & Yakubovich, V. (2019). Artificial intelligence in human resources management: Challenges and a path forward. California Management Review, 61(4), 15–42.
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Informed consent statement
Informed consent was obtained from all the participants.
Conflict of interest
The authors declare no conflict of interest.
Additional information
Publisher’s Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Kim, BJ., Kim, MJ. & Lee, J. Examining the impact of work overload on cybersecurity behavior: highlighting self-efficacy in the realm of artificial intelligence. Curr Psychol 43, 17146–17162 (2024). https://doi.org/10.1007/s12144-024-05692-4
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12144-024-05692-4