research

Information security culture: A systematic literature review

Abstract

Information security culture becomes an enabler towards minimising the protection of security risk and incidents. This research will systematically identify and analyse published research exploring factors influencing information security culture. A systematic literature review is conducted throughout this process.40 papers were used in our synthesis of evidence with nine compatibility factors has been found to influence information security culture in organisation setting. One thousand two hundred and four studies were identified as 40 fulfilled the inclusion criteria. Of these, most (13%) were assessed being high quality, and three were rated very poor.Nine common factors were identified which are cultural differences, security awareness, security behaviour, top management commitment, trust, information sharing, security knowledge, security policy, and belief.The most common factors found was security behaviour that highly influences information security culture from analysis conducted.The result of this study also shows the gap that there is lack of studies conducted in healthcare informatics environments setting. Findings are useful in developing theoretical model that shows factors influencing information security culture in healthcare informatics environmen

    Similar works