ارتباط بین فرهنگ و آگاهی از امنیت اطلاعات
ترجمه نشده

ارتباط بین فرهنگ و آگاهی از امنیت اطلاعات

عنوان فارسی مقاله: بیشتر از فرد: بررسی رابطه فرهنگ و آگاهی از امنیت اطلاعات
عنوان انگلیسی مقاله: More than the individual: Examining the relationship between culture and Information Security Awareness
مجله/کنفرانس: رایانه ها و امنیت - Computers & Security
رشته های تحصیلی مرتبط: مدیریت
گرایش های تحصیلی مرتبط: مدیریت عملکرد، مدیریت منابع انسانی و مدیریت استراتژیک، مدیریت منابع اطلاعاتی
کلمات کلیدی فارسی: فرهنگ ایمنی، فرهنگ سازمانی، آگاهی از امنیت اطلاعات (ISA)، امنیت اطلاعات (InfoSec)، امنیت سایبری، رفتار سازمانی
کلمات کلیدی انگلیسی: Security culture، Organisational culture، Information Security Awareness (ISA)، Information Security (InfoSec)، Cyber security، Organisational behaviour
نوع نگارش مقاله: مقاله پژوهشی (Research Article)
نمایه: Scopus - Master Journals List - JCR
شناسه دیجیتال (DOI): https://doi.org/10.1016/j.cose.2019.101640
دانشگاه: The University of Adelaide, SA 5005, Australia
صفحات مقاله انگلیسی: 8
ناشر: الزویر - Elsevier
نوع ارائه مقاله: ژورنال
نوع مقاله: ISI
سال انتشار مقاله: 2020
ایمپکت فاکتور: 4/337 در سال 2019
شاخص H_index: 77 در سال 2020
شاخص SJR: 0/667 در سال 2019
شناسه ISSN: 0167-4048
شاخص Quartile (چارک): Q1 در سال 2019
فرمت مقاله انگلیسی: PDF
وضعیت ترجمه: ترجمه نشده است
قیمت مقاله انگلیسی: رایگان
آیا این مقاله بیس است: خیر
آیا این مقاله مدل مفهومی دارد: ندارد
آیا این مقاله پرسشنامه دارد: ندارد
آیا این مقاله متغیر دارد: دارد
کد محصول: E14013
رفرنس: دارای رفرنس در داخل متن و انتهای مقاله
فهرست مطالب (انگلیسی)

Abstract

1- Introduction

2- Background and related work

3- Current study

4- Method

5- Results

6- Discussion

References

بخشی از مقاله (انگلیسی)

Abstract

The relationship between security culture and Information Security Awareness (ISA) has received preliminary support; however, its interplay with organisational culture is yet to be empirically investigated. Therefore, this study explored the relationship between ISA, organisational culture, and security culture. A total of 508 working Australians completed an online questionnaire. ISA was measured using the Human Aspects of Information Security Questionnaire (HAIS-Q); organisational culture was measured using the Denison Organisational Culture Survey (DOCS); and security culture was assessed through the Organisational Security Culture Measure. Our results showed that while organisational culture and security culture were correlated with ISA, security culture played an important mediating relationship between organisational culture and ISA. This suggests that organisations should focus on security culture rather than organisational culture to improve ISA, saving time and resources. Future research could further extend current findings by also considering national culture.

Introduction

Human behaviour is largely determined by culture, affecting interactions in everyday social and work environments (Cronk and Salmon, 2017). Therefore, when attempting to understand and shape human behaviour, looking at an individual in isolation is problematic. It is also important to consider the group, the broader social and organisational systems, and their interactions (Tessem and Skaraas, 2005). This is important for information security, as people play a significant role in not only creating risks, but also preventing security breaches. In an organisational context, the primary cause of human error is non-compliance, or nonmalicious unawareness, rather than malicious intent (Parsons et al., 2014). Traditionally, information security has focused on technical solutions, and measures to mitigate risks. However, the importance of the human factor has become increasingly recognised, and it has been well established that technical solutions in isolation cannot sufficiently mitigate security breaches (e.g., Furnell and Clarke, 2012). The role of the human is crucial with humans being the weakest link in information security (Parsons et al., 2017; von Solms and van Niekerk, 2010).