Data Protection and Employee Behaviour: The Role of Information Systems Security Culture
MetadataShow full item record
This item's downloads: 1169 (view details)
Connolly, L. & Lang, M. (2012) Data Protection and Employee Behaviour: The Role of Information Systems Security Culture IADIS WWW/Internet 2012 Conference
The proliferation of information in modern society, as enabled by technologies such as portable personal devices, social media, and 'cloud'-based services, presents a potentially serious threat to individual privacy and the security of corporate data. Despite various technology tools designed to protect organisations' vital information assets, security breaches within organisations continue to occur. In the 1990s, researchers realised that technical tools alone cannot solve the problem of IS security incidents and they began to focus their attention on socio-organisational aspects. A 'human factor' problem has been recognised as the root cause of many security breaches. According to recent research, information security culture needs to be created in organisations in order to promote security-cautious behaviour of employees to avoid such incidents. The concept of information security culture is relatively new and research on this topic is underdeveloped. We submit that there is a need for research that explores the principal factors that impact upon the fostering of information security culture within organisations and how these factors change within different cultural contexts.