Assessing the level of I.T. security culture improvement: Results from three Australian SMEs

Ngo, L.; Zhou, W.; Chonka, A.; Singh, Jaipal

doi:10.1109/IECON.2009.5415313

133175_StreamGate.pdf (289.4Kb)

Access Status

Open access

Authors

Ngo, L.

Zhou, W.

Chonka, A.

Singh, Jaipal

Date

2009

Type

Conference Paper

Metadata

Show full item record

Citation

Ngo, Leanne and Zhou, Wanlei and Chonka, Ashley and Singh, Jaipal. 2009. Assessing the level of I.T. security culture improvement: Results from three Australian SMEs, in Adriano Carvalho and Carlos Couto (ed), 35th Annual Conference of IEEE Industrial Electronics (IECON), Nov 3 2009, pp. 3189-3195. Porto, Portugal: IEEE Industrial Electronics Society.

Source Title

Proceedings of the 35th annual conference of IEEE industrial electronics (IECON)

Source Conference

35th Annual Conference of IEEE Industrial Electronics (IECON)

DOI

10.1109/IECON.2009.5415313

ISBN

9781424446483

Faculty

Curtin Business School

The Digital Ecosystems and Business Intelligence Institute (DEBII)

School

Digital Ecosystems and Business Intelligence Institute (DEBII)

Remarks

Copyright © 2009 IEEE This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.

URI

http://hdl.handle.net/20.500.11937/25150

Collection

Curtin Research Publications

Abstract

Transitioning towards an improved I.T. security culture that fosters desired I.T. security behaviour and attitudes in individuals is pertinent to any organizational I.T. security strategy. To improve the current I.T. security culture of an organization and its members, an initial assessment covering four core questions was necessary to determine how much of an improvement was needed. The assessments and data collection techniques and corresponding results and findings are presented and discussed. The implications of this research will be of great benefit to both practitioners wanting to improve I.T. security culture and awareness in their organization, and will help to fill the lack empirical research within the academic field of I.T. security.