Nowadays, computer users are exposed to new types of threats, and the threats are also faced more often than ever before. Users have a very important role in the security of information systems and networks throughout their organizations, as they can pose a major threat to the organizations’ security - either intentionally or unintentionally. Usually, organizations try to improve the employees’ information security behavior by increasing their information security awareness by developing understanding about the information security and highlighting the potential security problems. However, training and exercises may not be able to eliminate, for example, negligence or recklessness, which may cause various security issues and threats. The aim of the study was to compile a model that could be used to detect information security behavior and its change. Previous studies have mainly attempted to verify only general and permanent factors that could predict information security behavior. Therefore, the focus was especially on the factors affecting information security behavior, which were not sufficiently considered in the previous studies. In addition, the thesis examined how the changing computing environment and cloud services affect information security behavior. To create a reference framework, a systematic literature review was carried out, in which the characteristics of information security behavior were reviewed based on previous scientific publications. Based on the literature review, eight characteristics of information security behavior and its most significant near-term concepts were identified. The literature review also focused on several different motivational content and process theories that could be used to model the change in information security behavior. Employees from small businesses in the tourism industry, who use a cloud-based reservation system in their business, were selected for the research’s target area. The research was carried out as a qualitative study and the material was collected via theme interviews (n = 20). Phenomenological-hermeneutical perspectives and narrative approaches were used to analyze the data. The study showed that numerous different situational factors influence information security behavior and its change. In addition, the cloud service context was found to have both positive and negative effects on users’ information security behavior. Based on the research, a model was built, and it seemed to describe well information security behavior and its change in the target population. Further research could analyze the functionality of the model in different industries and, for example, in team working.