Abstract
In today's world, information security is a trending as well as a crucial topic for both individuals and organisations. Cyber attacks cause financial loss for businesses with data breaches and production loss. Data breaches can result in loss of reputation, reduced customer loyalty, and fines. Also due to cyber attacks, business continuity is affected so that organisations cannot provide continuous production. Therefore, organisations should reduce cyber risks by managing their information security. For this purpose, they may use ISO/IEC 27001 information security management standard. ISO/IEC 27001:2013 includes 114 controls that are in both technical and organisational level. However, in the practice of security management, individuals' information security behaviour could be underestimated. Herein, technology alone cannot guarantee the safety of information assets in organisations, thereby a range of human aspects should be taken into consideration. In this study, the importance of security behaviour with respect to ISO/IEC 27001 information security management implementation is presented. The present study extensively analyses the data collected from a survey of 630 people. The results of reliability measures and confirmatory factor analysis support the scale of the study.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: International Journal of Applied Decision Sciences
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
