Deakin University
Browse

File(s) under permanent embargo

Fostering information security culture in small and medium size enterprises: an interpretive study in Australia

conference contribution
posted on 2007-01-01, 00:00 authored by Sneza Dojkovski, Sharman Lichtenstein, Matthew Warren
By having an effective organisational information security culture where employees intuitively protect corporate information assets, small and medium size enterprises (SMEs) could improve information security. However, previous research has largely overlooked the development of such a culture for SMEs, and the national context in which SMEs operate. The paper explores this topic and provides key findings from an interpretive Australian study based on a literature review, two focus groups and three case studies. A holistic framework is provided for fostering an information security culture in SMEs in a national setting. The paper discusses key managerial challenges for SMEs attempting to develop such a culture. The main findings suggest that Australian SME owners do not provide sufficient support for information security due to insufficient awareness of its importance and may also be affected by national attitudes to risk. The paper concludes that Australian SME owners may benefit from adopting a risk-based approach to information security and should be educated about the potential strategic role of information technology and information security. The paper also identifies the value and difficulty of promoting a behavioural and learning approach to information security to complement traditional technological and managerial approaches. Implications for theory and practice are discussed.

History

Event

15th European Conference on Information Systems

Pagination

1560 - 1571

Publisher

University of St. Gallen

Location

St Gallen, Switzerland

Place of publication

St. Gallen, Switzerland

Start date

2007-06-07

End date

2007-06-09

Language

eng

Publication classification

E1 Full written paper - refereed

Title of proceedings

Proceedings of the 15th European Conference on Information Systems

Usage metrics

    Research Publications

    Categories

    No categories selected

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC