Learn More
This paper aims at creating a broad picture of security awareness and the ways it has been approached and also concerns, problems or gaps that may inhibit its successful implementation, towards understanding the reasons why security awareness practice remains problematic. Open coding analysis was performed on numerous publications (articles, surveys,(More)
System engineers are confronted with fast-paced technology developments, complicated contractual relationships, emerging threats and global security requirements, concerns for sustainability and viability of their ventures and a raft of other issues. In this environment, information technology-intensive systems in particular are exposed to risk and recent(More)
This paper explores the way information security awareness connects to the overall information security management framework it serves. To date, the formulation of security awareness initiatives has tended to ignore the important relationship with the overall security management context, and vice versa. In this paper we show that the two processes can be(More)
Purpose: Recent global security surveys indicate that security training and awareness programs are not working as well as they could be and that investments made by organizations are inadequate. The purpose of the paper is to increase our understanding of this phenomenon and illuminate the problems that organizations face when trying to establish an(More)
Several studies explore information security awareness focusing on individual and/ or organisational aspects. This paper argues that security awareness processes are associated with interrelated changes that occur at the organisational, the technological and the individual level. We introduce an integrated analytical framework that has been developed(More)