A Literature Review On Information Security Compliance Behaviour

1987 Words8 Pages
A Literature review on information security compliance behaviour
Information plays a significant role in ensuring an organization 's business continuity, minimize business risk, and maximize return on investments and business opportunities. While the information is critical to organizations, it is also vulnerable to a range of threats from both inside and outside of organizations. Those security threats may bring organizations potential losses concerning financial, reputation and legal consequences (Culnan et al., 2008; Loch et al., 1992; Straub and Welke, 1998).
One of the key challenges faced by an organization in information security is difficulty in understanding how individual within an organization affect the outcomes of information security. Although, computer criminals and hackers from outside are often highlighted as a significant threat, evidence from studies suggests that more information security incidents occur as a result of internal employee actions (Richardson, 2008). In fact, individual inside an organization are more dangerous than those outside the organization because of their daily access to critical data and sufficient knowledge of the organizational (Bulgurcu, Cavusoglu, & Benbasat, 2010; Johnston & Warkentin, 2010). While experts have recognized the significant role of humans ' behavior in an organizational to information security, there are substantial differences in the literature about the causes of security threat and policy
Open Document