Access the full text.
Sign up today, get DeepDyve free for 14 days.
J. Eloff, M. Eloff (2003)
Information security management: a new paradigm
J. Stanton, K. Stam, Paul Mastrangelo, Jeffrey Jolton (2005)
Analysis of end user security behaviorsComput. Secur., 24
K. Aytes, T. Connolly (2003)
A Research Model for Investigating Human Behavior Related to Computer Security
J. Wylder (2003)
Strategic Information Security
D. Mendonça, Theresa Jefferson, J. Harrald (2007)
Collaborative adhocracies and mix-and-match technologies in emergency managementCommunications of the ACM, 50
B. Von Solms
Corporate governance and information security
Seppo Pahnila, M. Siponen, M. Mahmood (2007)
Which Factors Explain Employees' Adherence to Information Security Policies? An Empirical Study
M. Siponen (2006)
Information security standards focus on the existence of process, not its contentCommun. ACM, 49
D. Lacey (2010)
Understanding and transforming organizational security cultureInf. Manag. Comput. Secur., 18
G. Dhillon, G. Torkzadeh (2006)
Value‐focused assessment of information system security in organizationsInformation Systems Journal, 16
Haider Abbas, Christer Magnusson, L. Yngström, A. Hemani (2011)
Addressing Dynamic Issues in Information Security ManagementInf. Manag. Comput. Secur., 19
S. Solms, R. Solms (2004)
The 10 deadly sins of information security managementComput. Secur., 23
D. Teece, G. Pisano, A. Shuen (1997)
DYNAMIC CAPABILITIES AND STRATEGIC MANAGEMENTStrategic Management Journal, 18
D. Mcgregor (1960)
The Human Side of Enterprise
G. Dhillon (2004)
Guest Editorial: the challenge of managing information securityInt. J. Inf. Manag., 24
K. Lyytinen, D. Robey (1999)
Learning failure in information systems developmentInformation Systems Journal, 9
M. Saleh, Abdullah Alrabiah, S. Bakry (2007)
Using ISO 17799: 2005 information security management: a STOPE view with six sigma approachInternational Journal of Network Management, 17
E. Schein (1996)
Culture: The Missing Concept in Organization Studies.Administrative Science Quarterly, 41
J. Harrald (2006)
Agility and Discipline: Critical Success Factors for Disaster ResponseThe Annals of the American Academy of Political and Social Science, 604
S. Solms (2000)
Information Security - The Third Wave?Comput. Secur., 19
P. Puhakainen, M. Siponen
Improving employees' compliance trough information systems security training: an action research study
S. Pahnila, M. Siponen, A. Mahmood
Employées adherence to information security policies: an empirical study
M. Siponen (2000)
A conceptual foundation for organizational information security awarenessInf. Manag. Comput. Secur., 8
Ross Anderson (2001)
Security Engineering: A Guide to Building Dependable Distributed Systems
H. Gamboa, A. Fred (2004)
A behavioral biometric system based on human-computer interaction, 5404
M.B. Miles, M.A. Huberman
Qualitative Data Analysis
K. Greenway, Ruth Halperin (2008)
Information Systems Security Management: A Critical Research Agenda
Rolf Moulton, R. Coles (2003)
Applying information security governanceComput. Secur., 22
S. Woodhouse (2007)
Information Security: End User Behavior and Corporate Culture7th IEEE International Conference on Computer and Information Technology (CIT 2007)
R. Solms, S. Solms (2006)
Information Security Governance: A model based on the Direct-Control CycleComput. Secur., 25
K. Cameron, R. Quinn (1999)
Diagnosing and Changing Organizational Culture: Based on the Competing Values Framework
W. Baker, Linda Wallace (2007)
Is Information Security Under Control?: Investigating Quality in Information Security ManagementIEEE Security & Privacy, 5
K. Thomson, R. Solms (2006)
Towards an Information Security Competence Maturity ModelComputer Fraud & Security, 2006
K. Thomas (1992)
Conflict and conflict management: Reflections and updateJournal of Organizational Behavior, 13
A. Acquisti (2004)
Privacy and Security of Personal Information - Economic Incentives and Technological Solutions
G. Dhillon
Princples of Information Security: Text and Cases
Steven Alter (2004)
Desperately Seeking Systems Thinking in the Information Systems Discipline
Jie Zhang, Brian Reithel, Han Li (2009)
Impact of perceived technical protection on security behaviorsInf. Manag. Comput. Secur., 17
M. Siponen, R. Baskerville, T. Kuivalainen (2005)
Integrating Security into Agile Development MethodsProceedings of the 38th Annual Hawaii International Conference on System Sciences
Eszter Bartis, N. Mitev (2008)
A multiple narrative approach to information systems failure: a successful system that failedEuropean Journal of Information Systems, 17
J. Lindström, Sören Samuelsson, Dan Harnesk, Ann Hägerfors (2008)
The need for improved alignment between actability, strategic planning of IS and information security
M. Fowler, J. Higsmith
The agile manifesto
M. Siponen, R. Willison (2009)
Information security management standards: Problems and solutions
J. Iivari, Magda Huisman (2007)
The Relationship Between Organizational Culture and the Deployment of Systems Development Methodologies
G. Dhillon, J. Backhouse (2001)
Current directions in IS security research: towards socio‐organizational perspectivesInformation Systems Journal, 11
E. Davidson (2006)
A Technological Frames Perspective on Information Technology and Organizational ChangeThe Journal of Applied Behavioral Science, 42
K.‐L. Thomson, R. Von Solms
Towards an information security competence mode
H. Klein, M. Myers (1999)
A Set of Principles for Conducting and Evaluating Interpretive Field Studies in Information SystemsMIS Q., 23
B. Boehm, R. Turner (2003)
Balancing Agility and Dis-cipline: A Guide for the Perplexed
B. Solms (2001)
Special Features: Corporate Governance and Information SecurityComputers & Security, 20
Anil Jain, A. Ross, S. Prabhakar (2004)
An introduction to biometric recognitionIEEE Transactions on Circuits and Systems for Video Technology, 14
Purpose – The purpose of this paper is to broaden the understanding about security behaviour by developing a security behaviour typology based on the concepts of discipline and agility. Design/methodology/approach – A case study was designed to analyze security behaviours in one public nursing centre. The inquiry was organized around the themes discipline and agility, culture, and security processes in order to get an in‐depth understanding of the complex relationship between security management, referred to as discipline, and security in use, referred to as agility. Findings – The paper shows that security behaviour can be shaped by discipline and agility and that both can exist collectively if organizations consider the constitutional and existential aspects of information security (IS) management. Practical implications – This research makes a pivotal stand for the issue how security behaviours narrate a broad picture to enhance IS management. In particular, this will improve design of IS training and awareness programs. Originality/value – This research is relevant to IS management in organizations, particularly as behavioural and cultural aspects are becoming increasingly significant for maintaining and also designing systemic IS management.
Information Management & Computer Security – Emerald Publishing
Published: Oct 11, 2011
Keywords: Information security; Organizational change; Strategic management; Psychology; Organizational culture; IT management
Read and print from thousands of top scholarly journals.
Already have an account? Log in
Bookmark this article. You can see your Bookmarks on your DeepDyve Library.
To save an article, log in first, or sign up for a DeepDyve account if you don’t already have one.
Copy and paste the desired citation format or use the link below to download a file formatted for EndNote
Access the full text.
Sign up today, get DeepDyve free for 14 days.
All DeepDyve websites use cookies to improve your online experience. They were placed on your computer when you launched this website. You can change your cookie settings through your browser.