A Model for Information Security Culture with Innovation and Creativity as Enablers

Veiga, Adéle Da

doi:10.1007/978-3-031-12172-2_14

Cited by 1 publication

(2 citation statements)

References 34 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The research methodology followed a phased approach, as illustrated in Figure 1, whereby phase one comprised of a scoping literature review that was conducted using the preferred reporting items for systematic reviews and meta-analyses (PRISMA) method to develop the conceptual model, which was published as part of the conceptual study (Da Veiga, 2022) and is presented in Figure 2. This was followed by Phase 2 to validate and refine the conceptual model with an expert panel using semi-structured interviews and qualitative data analysis as part of the research method.…”

Section: Methodsmentioning

confidence: 99%

“…The conceptual information security culture model, enabled through creativity and innovation, is depicted in Figure 2. The concepts applied in the model were derived from the literature review summary in Table 2, grouped according to either organisational traits or programmes that the organisation can implement to stimulate creativity and innovation as presented in Da Veiga (2022).…”

Section: Methodsmentioning

confidence: 99%

See 1 more Smart Citation

A model for information security culture with creativity and innovation as enablers – refined with an expert panel

Veiga

2023

ICS

View full text Add to dashboard Cite

Purpose This study aims to elicit an understanding of creativity and innovation to enable a totally aligned information security culture. A model is proposed to encourage creativity and innovation as part of the information security culture. Design/methodology/approach The study first applied a theoretical approach with a scoping literature review using the preferred reporting items for systematic reviews and meta-analyses method to propose a conceptual model for engendering employee creativity and innovation as part of the information security culture. A qualitative research method was further applied with expert interviews and qualitative data analysis in Atlas.ti to validate and refine the conceptual model. Findings A refined and validated information security culture model enabled through creativity and innovation is presented. The input from the expert panel was used to extend the model by 18 elements highlighting that the risk appetite of an organisation defines how much creativity and innovation can be tolerated to reach a balance with the potential risks it might introduce. Embedding creativity and innovation as part of the organisational culture to facilitate it further as part of the information security culture can aid in combating cyber threats and incidents; however, it should be managed through a decision-making process while governed within policies that define the boundaries of creativity and innovation in information security. Research limitations/implications The research serves as a point of reference for further research about the influence of creativity and innovation in information security culture which can be investigated through structural equation modelling. Practical implications This study offers novel insights for managerial practice to encourage creativity and innovation as part of information security. Originality/value The research proposes a novel concept of introducing creativity and innovation as part of the information security culture and presents a novel model to facilitate this.

show abstract

Section: Methodsmentioning

confidence: 99%

Section: Methodsmentioning

confidence: 99%