Abstract
Sensitive company information can leak to unauthorized parties in case employees do not perform effective protective measures while using application systems for their day-to-day tasks. To reduce the risks for such information leakage incidents, many companies oblige employees to follow information systems (IS) security policies and promote awareness programs to increase IS security awareness. The design of effective IS security awareness approaches is addressed by existing research. However, understanding how environmental and organizational factors influence organizations members’ IS security awareness is limited. Using a qualitative research approach we collect empirical data from 22 informants. The interview data of company outsiders and company insiders is analyzed to identify factors and explain associations among them. Our stated propositions help to understand why individuals in one organization are well aware of IS security threats and policies, while another organization’s individuals have a lower level of IS security awareness.
Original language | English |
---|---|
Place of Publication | Barcelona, Spain |
Publication status | Published - 2012 |
Externally published | Yes |
Keywords
- IS security