ABSTRACT:
Cyberdeviance, intentional use of information technology (IT) in the workplace that is contrary to the explicit and implicit norms of the organization and that threatens the well-being of the organization and/or its members, is an important research stream that has gained attention in academia and industry. Prior studies have treated different forms of cyberdeviance as different phenomena, resulting in a lack of a collective underlying conceptualization of cyberdeviance. This work inductively and empirically derives a typology of cyberdeviance with 439 respondents across three phases. Our results suggest that cyberdeviance varies along 3 dimensions: cyberdeviant behaviors that are minor versus serious; cyberdeviant behaviors that target individuals versus organizations; and cyberdeviant behaviors that require low versus high technical skill. We thus provide a comprehensive framework that fosters a logical linkage of various research programs related to cyberdeviance to guide future research investigation. The typology will help managers to distinguish different cyberdeviant behaviors and implement suitable interventions depending on the behavior.
Key words and phrases: : cyberdeviance, workplace deviance, typology, systematics, multidimensional scaling, IS security threats, IS use, cyberslacking, cyberloafing, cyberaggression, unauthorized IT use, computer abuse, inductive approach