IMPACTS OF COMPREHENSIVE INFORMATION SECURITY PROGRAMS ON INFORMATION SECURITY CULTURE
A large number of security breaches involve internal employee
negligence and insider breach. This situation, coupled with
the need to comply with regulatory mandates has led to the
establishment of comprehensive information security programs
in many organizations. However, the relationships between
comprehensive information security programs and security
culture are unclear. This research empirically tests a proposed research model to evaluate the influences of key components of comprehensive
information security programs on security culture. The results indicate that awareness of SETA programs has significant influences on security culture and on employees' awareness of organizational security policy, and that the awareness of security monitoring also impacts security culture. The proposed research model can be used as a benchmark to evaluate the effectiveness of comprehensive information security programs, to improve the design of such programs should gaps exist, and eventually assist in building a security culture. Learn More
|