Title :
Assessing information security culture: A critical analysis of current approaches
Author :
Okere, I. ; Van Niekerk, Johan ; Carroll, Mariana
Author_Institution :
Sch. of ICT, Nelson Mandela Metropolitan Univ. (NMMU), Port Elizabeth, South Africa
Abstract :
Today´s businesses operate in an interconnected and global environment allowing them to collaborate with one another and share information resources. At the same time this interconnectivity exposes the organization to many internal (employees) and external threats. Internal threat is among the top information security issues facing organizations as the human factor is regarded the weakest link in the security chain. To address this “human factor” researchers have suggested the fostering of an information security culture to address the human behavior so that information security becomes a second nature to employees. An important step in the fostering of an information security culture is the assessment of the current state of the culture. This paper focuses on the analysis and comparison of current information security culture assessment approaches, to evaluate their suitability specific for use in the culture change process.
Keywords :
business data processing; security of data; critical analysis; current approaches; external threats; global environment; human behavior; human factor; information resources; information security culture; internal threat; security chain; Educational institutions; Information security; Information services; Organizations; Standards organizations; Information security culture; assessment; culture change;
Conference_Titel :
Information Security for South Africa (ISSA), 2012
Conference_Location :
Johannesburg, Gauteng
Print_ISBN :
978-1-4673-2160-0
DOI :
10.1109/ISSA.2012.6320442
