A systematic review of Information security knowledge-sharing research

It is crucial for knowledge to be shared in the information security domain. In effect, sharing ensures that knowledge and skills are propagated through the organisation. Here, we report on a systematic literature review we carried out to gain insight into the literature related to information security knowledge sharing within organisations. The literature highlights the importance of security knowledge sharing in terms of enhancing organisational security awareness, and identifies gaps that can be addressed by researchers in the area

Understanding relationship between security culture and knowledge management

Despite the widely recognized importance of information security as a vital asset in an organization, there has been lack of understanding of how organizations actually cultivate security culture amongst the employees in a particular environment. Based on previous researches, the vast majority of information security incidents are caused by human factor, and not by flawed technology. Knowledge has been highlighted as one important parameter of the human factor in information security. Previous literature has suggested the Knowledge Management (KM) approach as one of the approaches to implement information security management. However, the knowledge dimension of information security management in the healthcare industry has been neglected. The goal of this paper is to investigate the relationship between security culture and KM. Thus, a conceptual model has been proposed to describe the relationship. The findings suggest that security culture may have a positive relationship with knowledge creation, knowledge sharing, and knowledge use through security behaviour. The proposed conceptual model will be further evaluated with selected healthcare organizations in Malaysia