Organisational culture, procedural countermeasures, and employee security behaviour: A qualitative study
Connolly, Lena Yuryna
Tygar, Doug J.
MetadataShow full item record
This item's downloads: 51 (view details)
Cited 31 times in Scopus (view citations)
Yuryna Connolly, Lena, Lang, Michael, Gathegi, John, & Tygar, Doug J. (2017). Organisational culture, procedural countermeasures, and employee security behaviour. Information & Computer Security, 25(2), 118-136. doi:10.1108/ICS-03-2017-0013
Purpose - This paper provides new insights about security behaviour in selected US and Irish organisations by investigating how organisational culture and procedural security countermeasures tend to influence employee security actions. An increasing number of information security breaches in organisations presents a serious threat to the confidentiality of personal and commercially sensitive data. While recent research shows that humans are the weakest link in the security chain and the root cause of a great portion of security breaches, the extant security literature tends to focus on technical issues.Design/methodology/approach - This paper builds on general deterrence theory and prior organisational culture literature. The methodology adapted for this study draws on the analytical grounded theory approach employing a constant comparative method.Findings - This paper demonstrates that procedural security countermeasures and organisational culture tend to affect security behaviour in organisational settings.Research limitations/implications - This paper fills the void in information security research and takes its place among the very few studies that focus on behavioural as opposed to technical issues.Practical implications - This paper highlights the important role of procedural security countermeasures, information security awareness and organisational culture in managing illicit behaviour of employees.Originality/value - This study extends general deterrence theory in a novel way by including information security awareness in the research model and by investigating both negative and positive behaviours.
Showing items related by title, author, creator and subject.
Enhancing trust in detecting security threats using machine learning approaches and its application in the Internet of Things Mahbooba, Basim (NUI Galway, 2022-12-13)Identifying network attacks is a very crucial task for network security. The increasing amount of network devices is creating a massive amount of data and opening new security vulnerabilities that malicious users can ...
The impact of procedural security countermeasures on employee security behaviour: A qualitative study Connolly, Alena Yuryna; Lang, Michael; Tygar, Doug J. (Association for Information Systems (AIS), 2017-09-08)The growing number of information security breaches in organisations presents a serious risk to the confidentiality of personal and commercially sensitive data. Current research studies indicate that humans are the weakest ...
An investigation of employee security behaviour in organisational settings: the effect of procedural security countermeasures and cultural factors Connolly, Lena (2015-08-18)An increasing number of information security breaches in organisations presents a serious threat to the security of personal and commercially sensitive information. Recent research shows that humans are the weakest link ...