Fuzzy Logic Application to Link National Culture and Cybersecurity Maturity

National culture and cybersecurity maturity (CM) both play defining roles in the identity and security of a nation. This study examines the relationship that these two constructs play in determining whether certain cultural dimensions of a nation leads to riskier cybersecurity behaviours. Based on the confirmed affirmation of the relationship between national culture and CM, we develop a research model based on fuzzy logic to predict the level of influence that national culture has on a country's Cybersecurity Maturity Level (CML). The fuzzy model was generated based on three semantic steps: (1) conducting statistical correlation analyses based on datasets related to 65 countries; (2) synthesizing a fuzzy model based on the derived knowledge; and (3) evaluating the fuzzy model based on public domain CM data across three case study countries. Our statistical analyses reveal a strong correlation between the cultural dimensions of Power Distance (PDI), Long Term Orientation (LTO), and Individualism (IDV) with login strength, implicating that these dimensions also strongly impact CM. Consequently, the proposed fuzzy model takes PDI, LTO, and IDV as the inputs to derive a quantitative value to the Global Cybersecurity Index related to a particular country. Hence, the novelty of this research lies in its interdisciplinary approach of creating and validating a model that can be used to determine the influence that national culture has on CML. Furthermore, this study suggests that national culture must be factored in when determining cybersecurity policy and frameworks which govern individuals within a nation's CM development.

[1]  G. Hofstede Dimensionalizing cultures: The Hofstede model in context , 2011 .

[2]  Xiaolan Fu,et al.  The Impact of Individualism—Collectivism, Social Presence, and Group Diversity on Group Decision Making Under Majority Influence , 2007, J. Manag. Inf. Syst..

[3]  G. White,et al.  The Community Cyber Security Maturity Model , 2007, 2007 40th Annual Hawaii International Conference on System Sciences (HICSS'07).

[4]  Rossouw von Solms,et al.  An Ontology for a National Cyber-Security Culture Environment , 2015, HAISA.

[5]  Kevin F. McCrohan,et al.  Influence of Awareness and Training on Cyber Security , 2010 .

[6]  D. Henshel,et al.  Integrating Cultural Factors into Human Factors Framework and Ontology for Cyber Attackers , 2016 .

[7]  L. Hadlington Human factors in cybersecurity; examining the link between Internet addiction, impulsivity, attitudes towards cybersecurity, and risky cybersecurity behaviours , 2017, Heliyon.

[8]  Tomás San Feliu Gilabert,et al.  Comparative Study of Cybersecurity Capability Maturity Models , 2017, SPICE.

[9]  Elmarie Kritzinger,et al.  The influence of national culture on information security culture , 2016, 2016 IST-Africa Week Conference.

[10]  Minxin Pei,et al.  The Paradoxes of American Nationalism , 2003 .

[11]  Helen Petrie,et al.  Cultural and Gender Differences in Password Behaviors: Evidence from China, Turkey and the UK , 2016, NordiCHI.

[12]  G. Hofstede The Cultural Relativity of Organizational Practices and Theories , 1983 .

[13]  Ruey-Lin Hsiao,et al.  Technology fears: distrust and cultural persistence in electronic marketplace adoption , 2003, J. Strateg. Inf. Syst..

[14]  Süleyman Kardas,et al.  Examination of a New Defense Mechanism: Honeywords , 2017, IACR Cryptol. ePrint Arch..

[15]  Ulrich Remus,et al.  The Role of Cultural Differences and Cultural Intelligence in Controlling IS Offshoring Projects: A Theoretical Model , 2011, AMCIS.

[16]  L. Myers,et al.  Spearman Correlation Coefficients, Differences between , 2004 .