@techreport{oai:ipsj.ixsq.nii.ac.jp:00241413, author = {堺, 祐一 and 稲葉, 緑 and Yuichi, Sakai and Midori, Inaba}, issue = {5}, month = {Nov}, note = {脆弱性が残るサプライチェーン内の企業を利用した標的企業へのサイバー攻撃の脅威が増加している.その中でも,対策の遅れが顕著な中小企業が利用されることが多い.本研究は,中小企業の情報セキュリティ対策導入・実施を促進・阻害する経営者の心理的要因を明らかにし,これらの要因に働きかけて対策実施を促すことを目的とした説得的アプローチのうち,効果的なものを明らかにすることを目的とした.中小企業経営者を対象として Web アンケート調査を行った.結果,中小企業の経営者の対策実施・導入に関する 4 つの心理的要因が得られた.また,これらの要因に対する説得的アプローチの効果を実験で評価した.自社の感染が発注元に被害を発生させる場合や,それによって自社の被害がさらに大きくなる可能性を説明することが,対策実施を経営者に動機づけるうえで最も効果的であることを明らかにした.この成果は,中小企業の脆弱性を減らすための対策導入・実施を経営者に働きかける際のアプローチに活用できる., The threat of cyberattacks on target companies using vulnerable companies within the supply chain is increasing. Among these, Small and Medium-sized Enterprises (SMEs) with significant delays in implementing countermeasures are often exploited. This study aims to identify the psychological factors of CEOs that promote or hinder the adoption and implementation of information security measures in SMEs and to determine the most effective persuasive approaches that influence these factors and encourage the implementation of such measures. A web survey was conducted targeting SME CEOs. As a result, four psychological factors related to the implementation and adoption of measures by SME CEOs were identified. Furthermore, the effectiveness of persuasive approaches that influence these factors was evaluated through experiments. It was revealed that explaining the possibility that an infection in their company could cause damage to their clients and consequently lead to greater damage to their own company is the most effective way to motivate CEOs to implement measures. This outcome can be used in approaches to encourage the introduction and implementation of measures by CEOs to reduce vulnerabilities in SMEs.}, title = {中小企業の情報セキュリティ対策推進を目的とした経営者への心理的アプローチに関する研究}, year = {2024} }