The IRMA Community
Newsletters
Research IRM
Click a keyword to search titles using our InfoSci-OnDemand powered search:
|
Investigating the Concept of Information Security Culture
Abstract
The concept of an “information security culture” is relatively new. A review of published research on the topic suggests that it is not the information security panacea that has been suggested. Instead, it tends to refer to a range of existing techniques for addressing the human aspect of information security, oversimplifying the link between culture and behaviour, exaggerating the ease with which a culture can be adjusted, and treating culture as a monolith, set from the top. Evidence for some of the claims is also lacking. This chapter finds that the term “information security culture” is ambiguous and vague enough to suggest the possibility of achieving an almost mystical state, whereby behaviour consistent with information security is second nature to all employees, but when probed does not deliver. Instead, future research should be clear about what it considers information security culture to be, should provide evidence for claims, and should take complexity and context seriously.
Related Content
Chaymaâ Boutahiri, Ayoub Nouaiti, Aziz Bouazi, Abdallah Marhraoui Hsaini.
© 2024.
14 pages.
|
Imane Cheikh, Khaoula Oulidi Omali, Mohammed Nabil Kabbaj, Mohammed Benbrahim.
© 2024.
30 pages.
|
Tahiri Omar, Herrou Brahim, Sekkat Souhail, Khadiri Hassan.
© 2024.
19 pages.
|
Sekkat Souhail, Ibtissam El Hassani, Anass Cherrafi.
© 2024.
14 pages.
|
Meryeme Bououchma, Brahim Herrou.
© 2024.
14 pages.
|
Touria Jdid, Idriss Chana, Aziz Bouazi, Mohammed Nabil Kabbaj, Mohammed Benbrahim.
© 2024.
16 pages.
|
Houda Bentarki, Abdelkader Makhoute, Tőkési Karoly.
© 2024.
10 pages.
|
|
|