A descriptive review and classification of organizational information security awareness research

Gershon Hutchinson, Jacques Ophoff*

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contribution

55 Downloads (Pure)

Abstract

Information security awareness (ISA) is a vital component of information security in organizations. The purpose of this research is to descriptively review and classify the current body of knowledge on ISA. A sample of 59 peer-reviewed academic journal articles, which were published over the last decade from 2008 to 2018, were analyzed. Articles were classified using coding techniques from the grounded theory literature-review method. The results show that ISA research is evolving with behavioral research studies still being explored. Quantitative empirical research is the dominant methodology and the top three theories used are general deterrence theory, theory of planned behavior, and protection motivation theory. Future research could focus on qualitative approaches to provide greater depth of ISA understanding.
Original languageEnglish
Title of host publicationInformation and cyber security
Subtitle of host publication18th International conference, ISSA 2019, Johannesburg, South Africa, August 15, 2019, proceedings
EditorsHein Venter, Marianne Loock, Marijke Coetzee, Mariki Eloff, Jan Eloff
Place of PublicationCham
PublisherSpringer
Pages114-130
Number of pages17
ISBN (Electronic)9783030432768
ISBN (Print)9783030432751
DOIs
Publication statusPublished - 8 Mar 2020
Event18th International Information Security South Africa Conference - Johannesburg, South Africa
Duration: 15 Aug 201915 Aug 2019
Conference number: 18th
https://web.archive.org/web/20190815053855/http://www.infosecsa.co.za/

Publication series

NameCommunications in Computer and Information Science (CCIS)
PublisherSpringer
Volume1166
ISSN (Print)1865-0929
ISSN (Electronic)1865-0937

Conference

Conference18th International Information Security South Africa Conference
Abbreviated titleISSA 2019
CountrySouth Africa
CityJohannesburg
Period15/08/1915/08/19
Internet address

Fingerprint Dive into the research topics of 'A descriptive review and classification of organizational information security awareness research'. Together they form a unique fingerprint.

  • Cite this

    Hutchinson, G., & Ophoff, J. (2020). A descriptive review and classification of organizational information security awareness research. In H. Venter, M. Loock, M. Coetzee, M. Eloff, & J. Eloff (Eds.), Information and cyber security: 18th International conference, ISSA 2019, Johannesburg, South Africa, August 15, 2019, proceedings (pp. 114-130). (Communications in Computer and Information Science (CCIS); Vol. 1166). Springer. https://doi.org/10.1007/978-3-030-43276-8_9