Information security awareness in a developing country context : insights from the government sector in Saudi Arabia

Abstract

Purpose

The purpose of this paper is to increase understanding of employee information security awareness in a government sector setting and illuminate the problems that public sector organisations in a developing context face when seeking to establish an information security awareness programme.

Design/methodology/approach

An interpretive research design was followed to develop an empirically enriched understanding of information security awareness perceptions, aspirations, challenges and enablers in the context of Saudi Arabia as a developing country. The study adopts a single-case study approach, including face-to-face interviews with senior employees, as well as document analysis.

Findings

The paper theorises the importance of individual information security awareness, knowledge and behaviour and identifies a number of facilitating conditions: customisation to employee and organisational needs, interactivity, innovation, frequency, integration of both electronic and physical learning resources and rewarding the acquisition of in-depth security-related actionable knowledge.

Originality/value

This study is one of the first to examine information security awareness as a socio-technical process within a government sector organisation in a developing country context.

Metadata

Item Type:	Article
Authors/Creators:	AlMindeel, R. Martins, J.T. https://orcid.org/0000-0003-3906-5904
Copyright, Publisher and Additional Information:	© 2020 Emerald Publishing. This is an author-produced version of a paper subsequently published in Information Technology & People. This version is distributed under the terms of the Creative Commons Attribution-NonCommercial Licence (http://creativecommons.org/licenses/by-nc/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. You may not use the material for commercial purposes.
Keywords:	Information security awareness; Information security behaviour; Government sector; Public servants; Saudi Arabia
Dates:	Published: 12 March 2021 Published (online): 6 May 2020 Accepted: 8 April 2020
Institution:	The University of Sheffield
Academic Units:	The University of Sheffield > Faculty of Social Sciences (Sheffield) > Information School (Sheffield)
Depositing User:	Symplectic Sheffield
Date Deposited:	10 Jun 2020 12:50
Last Modified:	12 Nov 2021 10:04
Status:	Published
Publisher:	Emerald
Refereed:	Yes
Identification Number:	10.1108/itp-06-2019-0269
Related URLs:	Author
Open Archives Initiative ID (OAI ID):	oai:eprints.whiterose.ac.uk:161774

CORE (COnnecting REpositories)

Information security awareness in a developing country context : insights from the government sector in Saudi Arabia

Abstract

Metadata

Download

Accepted Version

Export

Statistics