File(s) under permanent embargo

Enabling information security culture : influences and challenges for Australian SMEs

conference contribution
posted on 2010-01-01, 00:00 authored by Sneza Dojkovski, Sharman Lichtenstein, Matthew Warren
An effective information security culture is vital to the success of information systems governance, risk management and compliance. Small and medium size enterprises (SMEs) face special challenges developing an information security culture as they may lack the information security knowledge, skills and behaviours of large organisations. This paper reports the main findings from an interpretive study of key influences enabling an effective information security culture for Australian SMEs. The paper provides a framework depicting external and internal influences on SME information security culture and a set of key challenges in the Australian context. The findings highlight that SME owner attitudes and behaviour – in turn influenced by government involvement - strongly influence information security culture for Australian SMEs. A surprising finding is the potential influence of the Australian culture. Practical and theoretical implications are discussed.



Australasian Conference on Information Systems (21st : 2010 : Brisbane, Qld.)




Brisbane, Qld.

Place of publication

Brisbane, Qld.

Start date


End date





Reproduced with the kind permission of the copyright owner.

Publication classification

E1 Full written paper - refereed

Copyright notice

2010, Sneza Dojkovski, Sharman Lichtenstein and Matthew J. Warren

Title of proceedings

ACIS 2010 : Proceedings of the 21st Australasian Conference on Information Systems