فرهنگ سازمانی، رویه اقدامات متقابل و رفتار امنیتی کارکنان: یک مطالعه کیفی / Organisational Culture, Procedural Countermeasures,and Employee Security Behaviour: A Qualitative Study

فرهنگ سازمانی، رویه اقدامات متقابل و رفتار امنیتی کارکنان: یک مطالعه کیفی Organisational Culture, Procedural Countermeasures,and Employee Security Behaviour: A Qualitative Study

  • نوع فایل : کتاب
  • زبان : انگلیسی
  • ناشر : Emerald
  • چاپ و سال / کشور: 2018

توضیحات

رشته های مرتبط مدیریت، مهندسی صنایع
گرایش های مرتبط مدیریت منابع انسانی و ایمنی صنعتی
مجله امنیت اطلاعات و کامپیوتر – Information & Computer Security
دانشگاه School of Law – University of Leeds – Leeds – UK

منتشر شده در نشریه امرالد
کلمات کلیدی انگلیسی Employee Security Behaviour, Organisational Culture, Information Security Policy, Security Education, Information Security Awareness

Description

1. Introduction Historically, organisations have emphasised a technological approach in order to protect the security of their information assets. However, as many attackers have started to include social means in their malicious efforts, e.g. social engineering, the need for a holistic approach in addressing information security issues has emerged. The domain of behavioural information security (InfoSec) research highlights the importance of taking into consideration the “human” element when ensuring information security throughout the organisation. Research and practice have shown that technical tools are powerless when it comes to the enforcement of behavioural rules such as password sharing, reporting of security incidents, adherence to a clear desk policy, and the secure disposal of confidential documents. Rather, compliance with these rules entirely depends on employees’ motivation to conform. Therefore, it is essential to understand factors that lead to compliant behaviour or that prompt employees to break organisational information security rules. This study provides new insights about security behaviour in selected U.S. and Irish organisations by investigating how organisational culture and procedural security countermeasures influence security actions. Crossler et al. (2013, p.90) note that “although a predominant weakness in properly securing information assets is the individual user within an organization, much of the focus of extant security research is on technical issues”. In response, our work takes its place amongst the small number studies to date that focus on behavioural as opposed to technical issues. Generally, Behavioural InfoSec research falls into two broad categories: (1) those that focus on the effects of cognitive processes on employee security behaviour (Bulgurcu et al., 2010), and (2) the effect of social controls (Cheng et al., 2013). This study concentrates on the latter. The two basic forms of social controls are formal and informal (Ross, 1896). Formal social controls refer to rules and regulations against deviant behaviour (Cheng et al., 2013). Organisational sanctions, rewards, security education and training, and information security policies are all forms of formal organisational controls.
اگر شما نسبت به این اثر یا عنوان محق هستید، لطفا از طریق "بخش تماس با ما" با ما تماس بگیرید و برای اطلاعات بیشتر، صفحه قوانین و مقررات را مطالعه نمایید.

دیدگاه کاربران


لطفا در این قسمت فقط نظر شخصی در مورد این عنوان را وارد نمایید و در صورتیکه مشکلی با دانلود یا استفاده از این فایل دارید در صفحه کاربری تیکت ثبت کنید.

بارگزاری