A dimension-based information security culture model and its relationship with employees’ security behavior: A case study in Malaysian higher educational institutions

Akhyari, Nasir and Ruzaini, Abdullah Arshah and Ab Hamid, Mohd Rashid (2019) A dimension-based information security culture model and its relationship with employees’ security behavior: A case study in Malaysian higher educational institutions. Information Security Journal, 28 (3). pp. 55-80. ISSN 1939-3555. (Published)

Preview

Pdf
A dimension-based information security culture model .pdf
Download (139kB) | Preview

DOI/Official URL: https://doi.org/10.1080/19393555.2019.1643956

Abstract

Despite strong recommendations by scholars to establish Information Security Culture (ISC), the lack of ISC guidelines persists, particularly in aspects that could effectively improve employees’ security behavior in an organization. This study proposes an ISC model based on seven new formulated dimensions to examine its influence on employees’ Information Security Policy (ISP) compliance behavior. The dimensions represent specific aspects of ISC and were formulated based on widely accepted concepts of Organizational Culture and ISC. The model was tested at 19 out of 21 public universities in Malaysia and validated using Partial Least Square Structural Equation Modelling (PLS-SEM). Findings revealed all seven dimensions are significant in contributing to the underlying concept of ISC, with Information Security Knowledge being the most important dimension. This ISC concept was also found to be significant in influencing ISP compliance behavior. This study contributes to ISC literature in terms of conceptualization and operationalization of an ISC concept based on the new comprehensive dimensions in relation to ISP compliance behavior. The model could be employed by practitioners in assessing, improving and cultivating a positive ISC that would effectively influence employees’ security behavior in higher educational institutions.

Item Type:	Article
Additional Information:	Indexed by Scopus
Uncontrolled Keywords:	Dimensions; Information security culture; Information security policy compliance behaviour; PLS-SEM; Second-order construct; Security behavior
Subjects:	L Education > LB Theory and practice of education > LB2300 Higher Education Q Science > QA Mathematics Q Science > QA Mathematics > QA76 Computer software
Faculty/Division:	Faculty of Computer System And Software Engineering Faculty of Industrial Management
Depositing User:	Mrs Norsaini Abdul Samat
Date Deposited:	11 Jan 2021 06:23
Last Modified:	11 Jan 2021 06:23
URI:	http://umpir.ump.edu.my/id/eprint/30435
Download Statistic:	View Download Statistics

Actions (login required)

View Item