Review article
Key Factors of Information Security Culture
Krunoslav Arbanas
orcid.org/0000-0001-8973-5932
; Sveučilište u Zagrebu, Fakultet organizacije i informatike, Varaždin, Republika Hrvatska
Abstract
Recent researches show that to manage information security properly, one must consider not just widely-recognized technical measures but also non-technical measures with particular emphasis on the human factor. One of these measures is information security culture which, if well-established and supported by senior management, can significantly contribute to the protection of information assets by turning people from the recognized problem of information security into the mere solution to this problem. The need for establishing a sound information security culture is especially evident in the case of organizations that represent the so-called critical national infrastructure. Nowadays, it is an increasingly frequent target of cyber-attacks, and the first step in establishing an information security culture is to identify the factors that constitute that culture. The purpose of this paper is to summarize most cited key factors of information security culture identified in scientific articles indexed in relevant databases and, in the end, to state identified research gaps and provide readers with possible directions for further researches.
Keywords
Hrčak ID:
247822
URI
Publication date:
23.12.2020.
Visits: 1.959 *