Please use this identifier to cite or link to this item:
DC FieldValueLanguage
dc.contributor.authorMahfuth, A.en_US
dc.contributor.authorYussof, S.en_US
dc.contributor.authorBaker, A.A.en_US
dc.contributor.authorAli, N.en_US
dc.description.abstractHuman behavior inside organizations is considered the main threat to organizations. Moreover, in information security the human element consider the most of weakest link in general. Therefore it is crucial to create an information security culture to protect the organization's assets from inside and to influence employees' security behavior. This paper focuses on identifying the definitions and frameworks for establishing and maintaining information security culture inside organizations. It presents work have been done to conduct a systematic literature review of papers published on information security culture from 2003 to 2016. The review identified 68 papers that focus on this area, 18 of which propose an information security culture framework. An analysis of these papers indicate there is a positive relationship between levels of knowledge and how employees behave. The level of knowledge significantly affects information security behavior and should be considered as a critical factor in the effectiveness of information security culture and in any further work that is carried out on information security culture. Therefore, there is a need for more studies to identity the security knowledge that needs to be incorporated into organizations and to find instances of best practice for building an information security culture within organizations. © 2017 IEEE.
dc.titleA systematic literature review: Information security cultureen_US
dc.typeConference Paperen_US
item.fulltextNo Fulltext-
Appears in Collections:CCI Scholarly Publication
Show simple item record

Google ScholarTM



Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.