Recent research to minimizing user-related faults in information systems (IS) security can be roughly summarized as follows. First, since ancient times, punishment has been used to discourage ’wrongdoing’. It has been debated whether punishment as deterrence is relevant in the context of contemporary IS security or not. Results that support the economic theories of punishment have been published.
















