JUCS - Journal of Universal Computer Science 18(12): 1628-1642, doi: 10.3217/jucs-018-12-1628
Information Security Service Culture - Information Security for End-users
expand article infoRahul Rastogi, Rossouw von Solms
‡ Nelson Mandela Metropolitan University, Port Elizabeth, South Africa
Open Access
Information security culture has been found to have a profound influence on the compliance of end-users to information security policies and controls in their organization. Similarly, a complementary aspect of information security is the culture of information security managers and developers in the organization. This paper calls this is as the 'information security service culture' (ISSC). ISSC shapes and guides the behaviour of information security managers and developers as they formulate information security policies and controls. Thus, ISSC has profound influence on the nature of these policies and controls and thereby on the interaction of end-users with these artefacts. ISSC is useful in transforming information security managers and developers from their present-day technology-focused approach to an end-user centric approach.
information security service culture, ISSC, Information security culture, culture, information security management