Abstract
National culture plays an important role in the development and compliance with information security (InfoSec) policy and standards. A successful InfoSec policy must demonstrate understanding of the local workforce's culture and not just blindly impose rules and regulations. We conducted a quantitative study of 177 professionals across 35 national cultures to investigate whether national culture influences InfoSec training and best practices using Hofstede's six cultural dimensions. Our findings indicate that training programs should more directly address the variances in perception of InfoSec across cultures. These training programs should also reflect the significance of the organisation's InfoSec policies in the context of the local employee, while maintaining unified corporate governance. By increasing training comprehension, organisations can reduce security incidents resulting from unintentional policy violations and in turn, avoid costly remediation efforts.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
