In 2014, we launched our open-access repository which offers full text access to conference proceedings from many of our events including the INC and HAISA series. These papers are free to access and distribute (subject to citing the source).
Ninth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2015)
Title: Exploring the Link Between Behavioural Information Security Governance and Employee Information Security Awareness
Author(s): Waldo Flores, Mathias Ekstedt
Keywords: Information security, behavioural information security governance, information security awareness
Abstract: This paper explores the relation between a set of behavioural information security governance factors and employees’ information security awareness. To enable statistical analysis between proposed relations, data was collected from two different samples in 24 organisations: 24 information security executives and 240 employees. The results reveal that having a formal unit with explicit responsibility for information security, utilizing coordinating committees, and sharing security knowledge through an intranet site significantly correlates with dimensions of employees’ information security awareness. However, regular identification of vulnerabilities in information systems and related processes is significantly negatively correlated with employees’ information security awareness, in particular managing passwords. The effect of behavioural information security governance on employee information security awareness is an understudied topic. Therefore, this study is explorative in nature and the results are preliminary. Nevertheless, the paper provides implications for both research and practice.
Download count: 1814
How to get this paper:
PDF copy of this paper is free to download. You may distribute this copy providing you cite this page as the source.