The information security management mostly disregards the human dimension. The main focus is on technical and procedural measures. The user is seen as a security enemy, not as a security asset. In our paper we identify some problems, that emerge from this sight and we propose a paradigm shift from a technical approach to a socio-cultural one, from “the user is my enemy” to “the user is my security asset” approach. We explain the concept of corporate culture and show exemplary on the example of the security culture, how the cultural theory can help to increase the overall security of an organization.
CITATION STYLE
Schlienger, T., & Teufel, S. (2002). Information security culture the socio-cultural dimension in information security management. In IFIP Advances in Information and Communication Technology (Vol. 86, pp. 191–201). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-0-387-35586-3_15
Mendeley helps you to discover research relevant for your work.