BRAZILIAN ORGANIZATIONAL CULTURE ON INFORMATION SECURITY: A LITERATURE REVIEW

An extensive literature review on the organizational culture in Brazil is presented and compared to the information security culture, in the past decade. This article is provided scholars with a new perspective and taxonomy on the case study analysis, and implications of these findings are discussed, as part of the master’s thesis from one of the authors (Vieira, 2008). Recommendations for future investigation and discussion compile the present work

The multifaceted and ever-changing directions of information security - Australia get ready!

In recent years, we have witnessed many information security developmental trends. As a consequence, the dimensions of information security - once single disciplinary area - have become multifaceted and convoluted. This paper aims to (1) recapitulate these key developments: (2) argue that the emergence of many complex information security dimensions are the result of \u27constant change agents\u27 (CCAs); (3) discuss the implications on Australia\u27s society, i. e. government, companies and individuals; and (4) propose key consideration areas and possible solutions thereof. We hope that the discussion presented here will position Australia to make better aligned information security and strategic plans, such as choosing appropriate investments and adopting effective solutions to strengthen and secure Australia\u27s national information security posture. <br /

Information security: Listening to the perspective of organisational insiders

Aligned with the strategy-as-practice research tradition, this article investigates how organisational insiders understand and perceive their surrounding information security practices, how they interpret them, and how they turn such interpretations into strategic actions. The study takes a qualitative case study approach, and participants are employees at the Research & Development department of a multinational original brand manufacturer. The article makes an important contribution to organisational information security management. It addresses the behaviour of organisational insiders – a group whose role in the prevention, response and mitigation of information security incidents is critical. The article identifies a set of organisational insiders’ perceived components of effective information security practices (organisational mission statement; common understanding of information security; awareness of threats; knowledge of information security incidents, routines and policy; relationships between employees; circulation of stories; role of punishment provisions; and training), based on which more successful information security strategies can be developed

Improving Information Security Through Technological Frames of Reference

There is a growing emphasis on robust, organizationally focused information security methods to countermand losses from growing computer security incidents. We focus on using technological frames of reference to study the information security gap created by incongruent member perceptions related to information risk among different stakeholder communities. We argue that reducing member perception incongruity will improve organizational information security effectiveness

Information Security Compliances and Knowledge Management Capabilities in International Diversification

Information security compliance has become one of the top priorities for firms to remain competitive in this era. It is even more challenging to comply with foreign standards and laws, when a firm aims to internationalize its operations and remain competitive. This paper discusses the role of information security compliances in international diversification phenomena. Specifically, drawing from the organizational information processing theory, this paper proposes that the fit between knowledge management capabilities of a firm and the requirements of information security compliances influences the degree of international diversification of the firm. Unlike much of prior academic literature focusing on American firms, this paper discusses how certain American security compliances possess challenges for foreign firms to diversify their businesses in the US. Both implications and limitations are then discussed