Cyber–information security compliance and violation behaviour in organisations: A systematic review
Cyber and information security (CIS) is an issue of national and international interest. Despite sophisticated security systems and extensive physical countermeasures to combat cyber-attacks, organisations are vulnerable due to the involvement of the human factor. Humans are regarded as the weakest...
Main Authors: | , , , , , |
---|---|
Format: | Article |
Language: | English |
Published: |
MDPI
2022
|
Subjects: | |
Online Access: | http://umpir.ump.edu.my/id/eprint/35216/1/2022_Social%20Sciences_Cyber-Information%20Security%20Compliance%20and%20violation%20behavior%20in%20organizations.pdf |
_version_ | 1825814548881342464 |
---|---|
author | Sulaiman, Noor Suhani Fauzi, M. A. Wider, Walton Rajadurai, Jegatheesan Hussain, Suhaidah Harun, Siti Aminah |
author_facet | Sulaiman, Noor Suhani Fauzi, M. A. Wider, Walton Rajadurai, Jegatheesan Hussain, Suhaidah Harun, Siti Aminah |
author_sort | Sulaiman, Noor Suhani |
collection | UMP |
description | Cyber and information security (CIS) is an issue of national and international interest. Despite sophisticated security systems and extensive physical countermeasures to combat cyber-attacks, organisations are vulnerable due to the involvement of the human factor. Humans are regarded as the weakest link in cybersecurity systems as development in digital technology advances. The area of cybersecurity is an extension of the previously studied fields of information and internet security. The need to understand the underlying human behavioural factors associated with CIS policy warrants further study, mainly from theoretical perspectives. Based on these underlying theoretical perspectives, this study reviews literature focusing on CIS compliance and violations by personnel within organisations. Sixty studies from the years 2008 to 2020 were reviewed. Findings suggest that several prominent theories were used extensively and integrated with another specific theory. Protection Motivation Theory (PMT), the Theory of Planned Behaviour (TPB), and General Deterrence Theory (GDT) were identified as among the most referred-to theories in this area. The use of current theories is discussed based on their emerging importance and their suitability in future CIS studies. This review lays the foundation for future researchers by determining gaps and areas within the CIS context and encompassing employee compliance and violations within an organisation. |
first_indexed | 2024-03-06T13:00:14Z |
format | Article |
id | UMPir35216 |
institution | Universiti Malaysia Pahang |
language | English |
last_indexed | 2024-03-06T13:00:14Z |
publishDate | 2022 |
publisher | MDPI |
record_format | dspace |
spelling | UMPir352162022-09-28T03:47:11Z http://umpir.ump.edu.my/id/eprint/35216/ Cyber–information security compliance and violation behaviour in organisations: A systematic review Sulaiman, Noor Suhani Fauzi, M. A. Wider, Walton Rajadurai, Jegatheesan Hussain, Suhaidah Harun, Siti Aminah H Social Sciences (General) Cyber and information security (CIS) is an issue of national and international interest. Despite sophisticated security systems and extensive physical countermeasures to combat cyber-attacks, organisations are vulnerable due to the involvement of the human factor. Humans are regarded as the weakest link in cybersecurity systems as development in digital technology advances. The area of cybersecurity is an extension of the previously studied fields of information and internet security. The need to understand the underlying human behavioural factors associated with CIS policy warrants further study, mainly from theoretical perspectives. Based on these underlying theoretical perspectives, this study reviews literature focusing on CIS compliance and violations by personnel within organisations. Sixty studies from the years 2008 to 2020 were reviewed. Findings suggest that several prominent theories were used extensively and integrated with another specific theory. Protection Motivation Theory (PMT), the Theory of Planned Behaviour (TPB), and General Deterrence Theory (GDT) were identified as among the most referred-to theories in this area. The use of current theories is discussed based on their emerging importance and their suitability in future CIS studies. This review lays the foundation for future researchers by determining gaps and areas within the CIS context and encompassing employee compliance and violations within an organisation. MDPI 2022 Article PeerReviewed pdf en cc_by_4 http://umpir.ump.edu.my/id/eprint/35216/1/2022_Social%20Sciences_Cyber-Information%20Security%20Compliance%20and%20violation%20behavior%20in%20organizations.pdf Sulaiman, Noor Suhani and Fauzi, M. A. and Wider, Walton and Rajadurai, Jegatheesan and Hussain, Suhaidah and Harun, Siti Aminah (2022) Cyber–information security compliance and violation behaviour in organisations: A systematic review. Social Sciences, 11 (9). pp. 1-17. ISSN 2076-0760. (Published) https://doi.org/10.3390/socsci11090386 https://doi.org/10.3390/socsci11090386 |
spellingShingle | H Social Sciences (General) Sulaiman, Noor Suhani Fauzi, M. A. Wider, Walton Rajadurai, Jegatheesan Hussain, Suhaidah Harun, Siti Aminah Cyber–information security compliance and violation behaviour in organisations: A systematic review |
title | Cyber–information security compliance and violation behaviour in organisations: A systematic review |
title_full | Cyber–information security compliance and violation behaviour in organisations: A systematic review |
title_fullStr | Cyber–information security compliance and violation behaviour in organisations: A systematic review |
title_full_unstemmed | Cyber–information security compliance and violation behaviour in organisations: A systematic review |
title_short | Cyber–information security compliance and violation behaviour in organisations: A systematic review |
title_sort | cyber information security compliance and violation behaviour in organisations a systematic review |
topic | H Social Sciences (General) |
url | http://umpir.ump.edu.my/id/eprint/35216/1/2022_Social%20Sciences_Cyber-Information%20Security%20Compliance%20and%20violation%20behavior%20in%20organizations.pdf |
work_keys_str_mv | AT sulaimannoorsuhani cyberinformationsecuritycomplianceandviolationbehaviourinorganisationsasystematicreview AT fauzima cyberinformationsecuritycomplianceandviolationbehaviourinorganisationsasystematicreview AT widerwalton cyberinformationsecuritycomplianceandviolationbehaviourinorganisationsasystematicreview AT rajaduraijegatheesan cyberinformationsecuritycomplianceandviolationbehaviourinorganisationsasystematicreview AT hussainsuhaidah cyberinformationsecuritycomplianceandviolationbehaviourinorganisationsasystematicreview AT harunsitiaminah cyberinformationsecuritycomplianceandviolationbehaviourinorganisationsasystematicreview |