Design and validation of information security culture framework
作者:
Highlights:
• Information security culture framework (ISCF) based on five dimensions is proposed.
• ISCF incorporates change management principles that guide the security culture cultivation.
• Correctness and comprehensiveness of ISCF structure and tasks are validated by surveying experts.
• Aims to mange human behavior when interacting with information assets.
• Assist organizations to develop information security culture to protects information assets.
摘要
•Information security culture framework (ISCF) based on five dimensions is proposed.•ISCF incorporates change management principles that guide the security culture cultivation.•Correctness and comprehensiveness of ISCF structure and tasks are validated by surveying experts.•Aims to mange human behavior when interacting with information assets.•Assist organizations to develop information security culture to protects information assets.
论文关键词:Information security culture,Information security management,Change management,Human factor,Human behavior
论文评审过程:Available online 7 April 2015.
论文官网地址:https://doi.org/10.1016/j.chb.2015.03.054
