An ethnographic study to assess the enactment of information security culture in a retail store: 2015 World Congress on Internet Security

Andrews Greig, Karen Renaud, Stephen Flowerday

Research output: Chapter in Book/Report/Conference proceedingConference contribution book

7 Citations (Scopus)

Abstract

The behaviour of the employee has the potential to either strengthen or weaken security, and it is therefore vital to foster a culture of security within organizations. The hope is that such a culture will ensure that behaviour becomes more secure over time, essentially reducing security incidents. Organizations attempt to nurture such a culture, mostly by means of educating their employees and having a comprehensive set of regularly-updated security policies. They are required to carry out regular security audits. These are usually in the form of checkbox-type assessments, ascertaining that the organization has all the correct mechanisms in place to maximize security of information.We carried out an ethnographic investigation into the security culture of a single retail store that is part of a large nationwide organization in the United Kingdom. The study surprisingly revealed poor security culture, despite the organization as a whole seemingly following good practice with respect to education and policy.
Original languageEnglish
Title of host publicationProceedings 2015 World Congress on Internet Security (WorldCIS)
PublisherIEEE
Number of pages6
ISBN (Print)9781467394833
DOIs
Publication statusPublished - 16 Dec 2015
Event2015 World Congress on Internet Security (WorldCIS) - Dublin, Ireland
Duration: 19 Oct 201521 Oct 2015

Conference

Conference2015 World Congress on Internet Security (WorldCIS)
Country/TerritoryIreland
CityDublin
Period19/10/1521/10/15

Keywords

  • information security culture
  • ethnographic study
  • retail
  • security behaviour
  • behavioural sciences computing
  • retail data processing
  • security of data
  • cultural aspects

Fingerprint

Dive into the research topics of 'An ethnographic study to assess the enactment of information security culture in a retail store: 2015 World Congress on Internet Security'. Together they form a unique fingerprint.

Cite this