Information Security Culture Critical Success Factors

被引：28

作者：

Alnatheer, Mohammed A. ^{[1
]}

机构：

[1] King Abdul Aziz City Sci & Technol KACST, Riyadh, Saudi Arabia

来源：

2015 12TH INTERNATIONAL CONFERENCE ON INFORMATION TECHNOLOGY - NEW GENERATIONS | 2015年

关键词：

Information Security Culture; Critical Success Factors; Organization Culture; MANAGEMENT; FRAMEWORK;

D O I：

10.1109/ITNG.2015.124

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

The purpose of this paper is to examine information security culture critical success factors. The current existing literature analyses have not clearly identified factors that have significant influence on information security culture adoption. This paper has examined current influential factors that could have influence information security culture creation within the organization setting. We found information security culture critical success factors to be: top management support for information security, establishing an effective information security policy, information security awareness, information security training and education, information security risk analysis and assessment, information security compliance, ethical conduct policies, and organization culture. This paper contributes to the existing knowledge by proving top critical factors that are necessary for information security culture creation in order to assist managing information security successfully.

引用

页码：731 / 735

页数：5

共 79 条

[1] Users are not the enemy [J].

Adams, A ;

Sasse, MA .

COMMUNICATIONS OF THE ACM, 1999, 42 (12) :41-46

[2]

[Anonymous], 2004, 133351 ISOIEC TR

[3]

[Anonymous], 2005, GLOBAL SECURITY SURV

[4]

[Anonymous], IFIP TC 8 INT WORKSH

[5]

[Anonymous], 2005, INV CLIM REG INT INV

[6] Information technology assimilation in firms: The influence of senior leadership and IT infrastructures [J].

Armstrong, CP ;

Sambamurthy, V .

INFORMATION SYSTEMS RESEARCH, 1999, 10 (04) :304-327

[7]

Baggett W.O., 2003, INTERN AUD, V60, P37

[8]

Beautement A., 2008, WORKSH NEW SEC PAR O

[9]

Bresz F., 2004, HLTH CARE COMPLIANCE, P57

[10] A cross-cultural investigation of situational information security awareness programs [J].

Department of Computer Information Systems, Appalachian State University, Boone, NC, United States ;

不详 .

Inf. Manage. Comput. Secur., 2008, 4 (360-376)

← 1 2 3 4 5 6 7 8 →