论文信息 - Analyzing information security culture: increased trust by an appropriate information security culture

Analyzing information security culture: increased trust by an appropriate information security culture

Security culture encompasses all socio-cultural measures that support technical security measures, so that information security becomes a natural aspect in the daily activities of every employee. The cultural concept helps to increase trust between the different actors concerning information security within an organization. We start with the explanation of the "organizational culture concept," asking how it can be used to implement information security culture. To create, maintain and change security culture, certain measuring instruments are necessary. We discuss several ways and methods to analyze organizational culture. Furthermore, we ask to what extent they could be used in the context of security culture and what special problems might arise. Finally, the possible implementation is discussed in the context of an ongoing survey from which we present some results.

Stephanie Teufel | Thomas Schlienger | T. Schlienger | S. Teufel

[1] William I. Gorden. Corporate Cultures: The Rites and Rituals of Corporate Life , 1984 .

[2] Cheryl Vroom. Auditing the Employee in the Work Environment with Regard to Information Security , 2002, ISSA.

[3] R. J. House,et al. Organizations: A Quantum View , 1984 .

[4] T. Deal,et al. Corporate Cultures: The Rites and Rituals of Corporate Life. , 1982 .

[5] Stephanie Teufel,et al. Information Security Culture: The Socio-Cultural Dimension in Information Security Management , 2002, SEC.

[6] Jan H. P. Eloff,et al. Information Security Culture , 2002, SEC.

[7] W. Bennis,et al. The Corporate Culture Survival Guide: Sense and Nonsense about Culture Change , 2000 .

[8] Robert P. Vecchio,et al. Organizational Behavior: Core Concepts , 2002 .

[9] C. Despres. Culture, surveys, culture surveys and other obfuscations a reply to Migliore and Martin. A reply to Migliore and Martin , 1995 .

[10] G. Schreyögg. Organisation : Grundlagen moderner Organisationsgestaltung : mit Fallstudien , 1998 .

[11] Bert A. Spector. The Corporate Culture Survival Guide: Sense and Nonsense About Culture Change , 2000 .

[12] E. Schein. Organizational Culture and Leadership: A Dynamic View , 1985 .

[13] R. H. Waterman,et al. In search of excellence : lessons from America's best-run companies , 1983 .