Advanced

Leadership and the Psychology of Awareness: Three Theoretical Approaches to Information Security Management

Holmberg, Robert LU and Sundström, Mikael LU (2012) In Organization Management Journal 9(1).
Abstract
The authors argue that Information Security Management (ISM) would benefit from studies that examine the social and psychological mechanisms that, when in evidence, generate employee aware¬ness of information security (IS) related issues. Properly instilled, IS awareness has the power to en¬gender a proactive wariness beyond mechanical guidelines, however detailed. To study how awareness travels in com¬plex organisations the authors devise a framework to catch mecha¬nisms grounded in psychological and sociological theories. To illustrate the framework, the authors then turn to an empirical study of a medium-sized company where they sound managers for definitions of IS and ISM; for initiatives intended to influence IS and IS awareness among... (More)
The authors argue that Information Security Management (ISM) would benefit from studies that examine the social and psychological mechanisms that, when in evidence, generate employee aware¬ness of information security (IS) related issues. Properly instilled, IS awareness has the power to en¬gender a proactive wariness beyond mechanical guidelines, however detailed. To study how awareness travels in com¬plex organisations the authors devise a framework to catch mecha¬nisms grounded in psychological and sociological theories. To illustrate the framework, the authors then turn to an empirical study of a medium-sized company where they sound managers for definitions of IS and ISM; for initiatives intended to influence IS and IS awareness among em¬ployees; and for their views on learning related to IS and ISM. The study highlights the difficulties facing mana¬gers charged with IS matters, whose responsibilities are often considered peripheral by the general em¬ployee. It also provides several pointers how to go about the complex business of aware¬ness-building. (Less)
Please use this url to cite or link to this publication:
author
organization
publishing date
type
Contribution to journal
publication status
in press
subject
keywords
Information Security Management, Information Security, IS, ISM, Awareness, Leadership
in
Organization Management Journal
volume
9
issue
1
publisher
Routledge
ISSN
1541-6518
project
Legitimacy, knowledge creation and practical drift in information Security management
language
English
LU publication?
yes
id
63d62de1-4b14-45b6-a7b8-c69b8f183a8d (old id 2374242)
date added to LUP
2012-03-22 09:43:59
date last changed
2016-04-15 23:36:34
@article{63d62de1-4b14-45b6-a7b8-c69b8f183a8d,
  abstract     = {The authors argue that Information Security Management (ISM) would benefit from studies that examine the social and psychological mechanisms that, when in evidence, generate employee aware¬ness of information security (IS) related issues. Properly instilled, IS awareness has the power to en¬gender a proactive wariness beyond mechanical guidelines, however detailed. To study how awareness travels in com¬plex organisations the authors devise a framework to catch mecha¬nisms grounded in psychological and sociological theories. To illustrate the framework, the authors then turn to an empirical study of a medium-sized company where they sound managers for definitions of IS and ISM; for initiatives intended to influence IS and IS awareness among em¬ployees; and for their views on learning related to IS and ISM. The study highlights the difficulties facing mana¬gers charged with IS matters, whose responsibilities are often considered peripheral by the general em¬ployee. It also provides several pointers how to go about the complex business of aware¬ness-building.},
  author       = {Holmberg, Robert and Sundström, Mikael},
  issn         = {1541-6518},
  keyword      = {Information Security Management,Information Security,IS,ISM,Awareness,Leadership},
  language     = {eng},
  number       = {1},
  publisher    = {Routledge},
  series       = {Organization Management Journal},
  title        = {Leadership and the Psychology of Awareness: Three Theoretical Approaches to Information Security Management},
  volume       = {9},
  year         = {2012},
}