Leadership by Example in e-Government Security Management System

Abstract

e-Government is getting advance in targeting efficient services to citizens, hence, information security becomes an important asset to the national entities. Information security maturity level by Von Solms is theoretically has improved from technical to governance wave. However, a problem exists when theory does not align with the current practice because practically, the employees‟ mind-set is still in technical wave and organisations‟ strategy partially involve governance wave especially a leadership context. These can also be found by a previous contribution made by Zakaria studies, he describes a leadership stays under the manager‟s responsibilities. His study is a continuation of a Schein‟s organisation culture. Schein defines culture with three layers of values, observable and assumption, in additions Zakaria has improvised into security culture becomes security value, observable and assumption. However, manager‟s responsibilities stay under management wave; meanwhile, governance wave involves top management. Thus, the composition explores a „leadership-by-example‟ in eGovernment security management system in order to come out with a model of key-factors to line up with governance wave. In order to develop a „leadership-by-example‟ concept in the e-Government management system, the authors guide the study with four objectives and are achieved in different sections. The authors concluded an empirical study by critically reviewing previous literatures that are achieved in section 2, and followed by evaluation of leaders‟ strategy on information security development and its implementation and distribution to employees which described in section 4. Findings from the study show an inappropriate strategy of leadership concept in the organisations creates lack of motivation to employees which can be a cause of incidents by insiders. Inappropriate strategy of leadership concept is due to incompatible security leadership and unorganised security structure. Therefore, the study contributes a model of keyfactors contains of 3Ps includes „People‟, „Process‟ and „Product‟ to guide on the concept of „leadership-by-example‟ in managing information security management system systematically. General Terms Information Security Management System, People & Security and Leadership-by-Example.