Search results
1 – 1 of 1Raneem AlMindeel and Jorge Tiago Martins
The purpose of this paper is to increase understanding of employee information security awareness in a government sector setting and illuminate the problems that public sector…
Abstract
Purpose
The purpose of this paper is to increase understanding of employee information security awareness in a government sector setting and illuminate the problems that public sector organisations in a developing context face when seeking to establish an information security awareness programme.
Design/methodology/approach
An interpretive research design was followed to develop an empirically enriched understanding of information security awareness perceptions, aspirations, challenges and enablers in the context of Saudi Arabia as a developing country. The study adopts a single-case study approach, including face-to-face interviews with senior employees, as well as document analysis.
Findings
The paper theorises the importance of individual information security awareness, knowledge and behaviour and identifies a number of facilitating conditions: customisation to employee and organisational needs, interactivity, innovation, frequency, integration of both electronic and physical learning resources and rewarding the acquisition of in-depth security-related actionable knowledge.
Originality/value
This study is one of the first to examine information security awareness as a socio-technical process within a government sector organisation in a developing country context.
Details