Skip to main content
SpringerLink
Log in
SpringerLink
Log in

Understanding Relationship Between Security Culture and Knowledge Management

  • Conference paper
  • First Online:
Knowledge Management in Organizations (KMO 2014)

Part of the book series: Lecture Notes in Business Information Processing ((LNBIP,volume 185))

Included in the following conference series:

  • 1799 Accesses

Abstract

Despite the widely recognized importance of information security as a vital asset in an organization, there has been lack of understanding of how organizations actually cultivate security culture amongst the employees in a particular environment. Based on previous researches, the vast majority of information security incidents are caused by human factor, and not by flawed technology. Knowledge has been highlighted as one important parameter of the human factor in information security. Previous literature has suggested the Knowledge Management (KM) approach as one of the approaches to implement information security management. However, the knowledge dimension of information security management in the healthcare industry has been neglected. The goal of this paper is to investigate the relationship between security culture and KM. Thus, a conceptual model has been proposed to describe the relationship. The findings suggest that security culture may have a positive relationship with knowledge creation, knowledge sharing, and knowledge use through security behaviour. The proposed conceptual model will be further evaluated with selected healthcare organizations in Malaysia.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Whitman, M.: Enemy at the gate: threats to information security. Commun. ACM 46(8), 91–95 (2003)

    Article  Google Scholar 

  2. Adele, M., Elofe, J.: Information Security Culture Survey, pp. 203–214 (2002)

    Google Scholar 

  3. Furnell, S., Rajendran, A.: Understanding the influences on information security behaviour. Comput. Fraud Secur. 2012(3), 12–15 (2012)

    Article  Google Scholar 

  4. Herath, T., Rao, H.R.: Encouraging information security behaviors in organizations: role of penalties, pressures and perceived effectiveness. Decis. Support Syst. 47(2), 154–165 (2009). Elsevier B.V

    Article  Google Scholar 

  5. Chhanabhai, P., Holt, A.: EHR security: the New Zealand publica perception. Conf. Soc. Sci. Res. Policy Mak. Bridg. Divid. 79 (2009)

    Google Scholar 

  6. King, T., Brankovic, L., Gillard, P.: Perspectives of Australian adults about protecting the privacy of their health information in statistical databases. Int. J. Med. Inform. 81(4), 279–289 (2012). Elsevier Ireland Ltd

    Article  Google Scholar 

  7. Kerai, P., Wood, P., Martin, M.: A pilot study on the views of elderly regional Australians of personally controlled electronic health records. Int. J. Med. Inform. 83(3), 201–209 (2014). Elsevier Ireland Ltd

    Article  Google Scholar 

  8. Landolt, S., Hirschel, J., Schlienger, T., Businger, W., Zbinden, A.M.: Assessing and comparing information security in swiss hospitals. Interact. J. Med. Res. 1(2), e11 (2012)

    Article  Google Scholar 

  9. Bose, R.: Knowledge management-enabled health care management systems: capabilities, infrastructure, and decision-support. Expert Syst. Appl. 24(1), 59–71 (2003)

    Article  Google Scholar 

  10. Thomson, K., Von Solms, R., Louw, L.: Cultivating an organizational information security culture. Comput. Fraud Secur. 49–50 (2006)

    Google Scholar 

  11. Van Niekerk, J.F., Von Solms, R.: Information security culture: A management perspective. Comput. Secur. 29(4), 476–486 (2010). Elsevier Ltd

    Article  Google Scholar 

  12. Helokunnas, T., Kuusisto, R.: Information security culture in a value net. In: Proceedings of IEMC ’03, Proc. Manag. Technol. Driven Organ. Hum. Side Innov. Chang., pp. 190–194. IEEE (2003)

    Google Scholar 

  13. Dojkovski, S.: Fostering information security culture in small and medium size enterprises: an interpretive study in Australia. In: Proceedings of the 15th European Conference on Information Systems, pp. 1560–1571 (2007)

    Google Scholar 

  14. Talib, S., Clarke, N., Furnell, S.: Establishing a personalized information security culture. Int. J. Mob. Comput. Multimed. Commun. 3(1), 63–79 (2011)

    Article  Google Scholar 

  15. Zakaria, O.: Internalisation of information security culture amongst employees through basic security knowledge. Secur. Priv. Dyn. Environ. 201, 437–441 (2006)

    Article  Google Scholar 

  16. Appari, A., Johnson, M.: Information security and privacy in healthcare: current state of research. Int. J. Internet Enterp. Manag. 6(4), 279–314 (2010)

    Article  Google Scholar 

  17. Long, D.W.D., Fahey, L.: Diagnosing cultural barriers to knowledge management. Acad. Manag. Exec. 14(4), 113–127 (2000)

    Google Scholar 

  18. Boisnier, A., Chatman, J.A.: The Role of Subcultures in Agile Organizations. Haas School of Business, Berkelely (2002)

    Google Scholar 

  19. Ipe, M.: Knowledge sharing in organizations: a conceptual framework. Hum. Resour. Dev. Rev. 2(4), 337–359 (2003)

    Article  Google Scholar 

  20. Leidner, D., Kayworth, T.: A review of culture in information systems research: toward a theory of information technology culture conflict. MIS Q. 30(2), 357–399 (2006)

    Google Scholar 

  21. Majchrzak, A., Jarvenpaa, S.L.: Information security in cross-enterprise collaborative knowledge work. E:CO 6(4), 4–8 (2004)

    Google Scholar 

  22. Ramachandran, S.: Information security cultures of four professions: a comparative study. In: Proceedings of the 40th Annual Hawaii International Conference on System Sciences, pp. 1–10 (2008)

    Google Scholar 

  23. Bloodgood, J.M., Salisbury, W.D.: Understanding the influence of organizational change strategies on information technology and knowledge management strategies. Decis. Support Syst. 31(1), 55–69 (2001)

    Article  Google Scholar 

  24. Lee, H., Choi, B.: Knowledge Management Enablers, Processes, and Organizational Performance: An Integration and Empirical Examination (2000)

    Google Scholar 

  25. McEvily, S.K., Chakravarthy, B.: The persistence of knowledge-based advantage: an empirical test for product performance and technological knowledge. Strateg. Manag. J. 23(4), 285–305 (2002)

    Article  Google Scholar 

  26. Vroom, C., von Solms, R.: Towards information security behavioural compliance. Comput. Secur. 23(3), 191–198 (2004)

    Article  Google Scholar 

  27. Pahnila, S., Siponen, M., Mahmood, A.: Employees’ behavior towards IS security policy compliance. In: Proceedings of the 40th Annual Hawaii International Conference on System Sciences, IHICSS 2007, pp. 1–10 (2007)

    Google Scholar 

Download references

Acknowledgments

This study was funded by Zamalah Scholarship from Universiti Teknologi Malaysia.

Author information

Authors and Affiliations

  1. Advanced Informatics School (AIS), Universiti Teknologi Malaysia, 54100, Kuala Lumpur, Malaysia

    Noor Hafizah Hassan, Zuraini Ismail & Nurazean Maarop

Authors
  1. Noor Hafizah Hassan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Zuraini Ismail
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Nurazean Maarop
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Noor Hafizah Hassan .

Editor information

Editors and Affiliations

  1. Staffordshire University, Staffordshire, United Kingdom

    Lorna Uden

  2. Universidad Santa Maria, Santiago, Chile

    Darcy Fuenzaliza Oshee

  3. National University of Kaohsiung, Kaohsiung City, Taiwan

    I-Hsien Ting

  4. Universidad Santa Maria, Santiago, Chile

    Dario Liberona

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Hassan, N.H., Ismail, Z., Maarop, N. (2014). Understanding Relationship Between Security Culture and Knowledge Management. In: Uden, L., Fuenzaliza Oshee, D., Ting, IH., Liberona, D. (eds) Knowledge Management in Organizations. KMO 2014. Lecture Notes in Business Information Processing, vol 185. Springer, Cham. https://doi.org/10.1007/978-3-319-08618-7_38

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-08618-7_38

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-08617-0

  • Online ISBN: 978-3-319-08618-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation