Cyber–information security compliance and violation behaviour in organisations: A systematic review

Sulaiman, Noor Suhani and Fauzi, M. A. and Wider, Walton and Rajadurai, Jegatheesan and Hussain, Suhaidah and Harun, Siti Aminah (2022) Cyber–information security compliance and violation behaviour in organisations: A systematic review. Social Sciences, 11 (9). pp. 1-17. ISSN 2076-0760. (Published)

This is the latest version of this item.

2022_Social Sciences_Cyber-Information Security Compliance and violation behavior in organizations.pdf
Available under License Creative Commons Attribution.


Abstract

Cyber and information security (CIS) is an issue of national and international interest. Despite sophisticated security systems and extensive physical countermeasures to combat cyber-attacks, organisations are vulnerable due to the involvement of the human factor. Humans are regarded as the weakest link in cybersecurity systems as development in digital technology advances. The area of cybersecurity is an extension of the previously studied fields of information and internet security. The need to understand the underlying human behavioural factors associated with CIS policy warrants further study, mainly from theoretical perspectives. Based on these underlying theoretical perspectives, this study reviews literature focusing on CIS compliance and violations by personnel within organisations. Sixty studies from the years 2008 to 2020 were reviewed. Findings suggest that several prominent theories were used extensively and integrated with another specific theory. Protection Motivation Theory (PMT), the Theory of Planned Behaviour (TPB), and General Deterrence Theory (GDT) were identified as among the most referred-to theories in this area. The use of current theories is discussed based on their emerging importance and their suitability in future CIS studies. This review lays the foundation for future researchers by determining gaps and areas within the CIS context and encompassing employee compliance and violations within an organisation.

Item Type: Article
Uncontrolled Keywords: Cybersecurity/information security; Compliance; policy; Violation; Systematic review
Subjects: H Social Sciences > H Social Sciences (General)
Faculty/Division: Faculty of Industrial Management
Institute of Postgraduate Studies
Depositing User: Dr. Muhammad Ashraf Fauzi
Date Deposited: 28 Sep 2022 03:47
Last Modified: 28 Sep 2022 03:47
URI: http://umpir.ump.edu.my/id/eprint/35216
