{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,13]],"date-time":"2026-02-13T11:16:22Z","timestamp":1770981382333,"version":"3.50.1"},"publisher-location":"Cham","reference-count":37,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030183998","type":"print"},{"value":"9783030184001","type":"electronic"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-18400-1_63","type":"book-chapter","created":{"date-parts":[[2019,4,25]],"date-time":"2019-04-25T19:36:08Z","timestamp":1556220968000},"page":"776-788","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["Information Security Culture Assessment of Small and Medium-Sized Enterprises in Tanzania"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-2339-7154","authenticated-orcid":false,"given":"Zainab","family":"Ruhwanya","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0634-5248","authenticated-orcid":false,"given":"Jacques","family":"Ophoff","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,4,26]]},"reference":[{"key":"63_CR1","unstructured":"Verizon Business. 2018 Data breach investigations report, Trends, pp. 1\u201362 (2018)"},{"issue":"2","key":"63_CR2","doi-asserted-by":"publisher","first-page":"196","DOI":"10.1016\/j.cose.2009.09.002","volume":"29","author":"A Da Veiga","year":"2010","unstructured":"Da Veiga, A., Eloff, J.H.: A framework and assessment instrument for information security culture. Comput. Secur. 29(2), 196\u2013207 (2010)","journal-title":"Comput. Secur."},{"key":"63_CR3","unstructured":"Dojkovski, S., Lichtenstein, S., Warren, M.: Institutionalising information security culture in Australian SMEs\u202f: framework and key issues. In: International Symposium on Human Aspects of Information Security and Assurance, pp. 10\u201324 (2007)"},{"key":"63_CR4","unstructured":"Tolah, A., Furnell, S.M., Papadaki, M.: A comprehensive framework for cultivating and assessing information security culture. In: The Eleventh International Symposium on Human Aspects of Information Security and Assurance (HAISA), pp. 52\u201364 (2017)"},{"issue":"May","key":"63_CR5","first-page":"1","volume":"2006","author":"J Van Niekerk","year":"2006","unstructured":"Van Niekerk, J., Von Solms, R.: Understanding information security culture: a conceptual framework. Proc. ISSA 2006(May), 1\u201310 (2006)","journal-title":"Proc. ISSA"},{"key":"63_CR6","unstructured":"Alnatheer, M., Nelson, K.: Proposed framework for understanding information security culture and practices in the Saudi context. In: 7th Australian Information Security Management Conference (2009)"},{"key":"63_CR7","series-title":"IFIP\u2014The International Federation for Information Processing","doi-asserted-by":"publisher","first-page":"160","DOI":"10.1007\/978-0-387-34982-4_12","volume-title":"Diffusion and Adoption of Information Technology","author":"JYL Thong","year":"1996","unstructured":"Thong, J.Y.L., Yap, C.S.: Information technology adoption by small business: an empirical study. In: Kautz, K., Pries-Heje, J. (eds.) Diffusion and Adoption of Information Technology. ITIFIP, pp. 160\u2013175. Springer, Boston, MA (1996). https:\/\/doi.org\/10.1007\/978-0-387-34982-4_12"},{"key":"63_CR8","first-page":"46","volume":"31","author":"T Schlienger","year":"2003","unstructured":"Schlienger, T., Teufel, S.: Information security culture \u2013 from analysis to change. S. Afr. Comput. J. 31, 46\u201352 (2003)","journal-title":"S. Afr. Comput. J."},{"key":"63_CR9","unstructured":"Ponemon Institute LLC: 2017 State of Cybersecurity in Small & Medium-Sized Businesses (SMB) Sponsored by Keeper Security (2017)"},{"issue":"1","key":"63_CR10","doi-asserted-by":"publisher","first-page":"13","DOI":"10.4018\/jgim.2002010102","volume":"10","author":"D Straub","year":"2002","unstructured":"Straub, D., Loch, K., Evaristo, R., Karahanna, E., Srite, M.: Toward a theory-based measurement of culture. J. Glob. Inf. Manag. 10(1), 13\u201323 (2002)","journal-title":"J. Glob. Inf. Manag."},{"key":"63_CR11","unstructured":"Karjalainen, M., Siponen, M.T., Petri, P., Suprateek, S.: One size does not fit all: different cultures require different information systems security interventions. In: IFIP 8.11\/11.13 Dewald Roode Information Security Research Workshop (2013)"},{"key":"63_CR12","first-page":"617","volume-title":"Principles of Information Security","author":"ME Whitman","year":"2012","unstructured":"Whitman, M.E., Mattord, H.J.: Principles of Information Security, 4th edn, p. 617. Course Technol, Boston (2012)","edition":"4"},{"key":"63_CR13","volume-title":"The Art of Deception: Controlling the Human Element of Security","author":"KD Mitnick","year":"2011","unstructured":"Mitnick, K.D., Simon, W.L.: The Art of Deception: Controlling the Human Element of Security. Wiley, Hoboken (2011)"},{"issue":"2","key":"63_CR14","doi-asserted-by":"publisher","first-page":"154","DOI":"10.1016\/j.dss.2009.02.005","volume":"47","author":"T Herath","year":"2009","unstructured":"Herath, T., Rao, H.R.: Encouraging information security behaviors in organizations: role of penalties, pressures and perceived effectiveness. Decis. Support Syst. 47(2), 154\u2013165 (2009)","journal-title":"Decis. Support Syst."},{"issue":"10","key":"63_CR15","doi-asserted-by":"publisher","first-page":"7","DOI":"10.1016\/S1361-3723(06)70430-4","volume":"2006","author":"K-L Thomson","year":"2006","unstructured":"Thomson, K.-L., Von Solms, R., Louw, L.: Cultivating an organizational information security culture. Comput. Fraud Secur. 2006(10), 7\u201311 (2006)","journal-title":"Comput. Fraud Secur."},{"key":"63_CR16","first-page":"3","volume":"2","author":"EH Schein","year":"1984","unstructured":"Schein, E.H.: Coming to a new awareness of organizational culture. Sloan Manage. Rev. 2, 3\u201316 (1984)","journal-title":"Sloan Manage. Rev."},{"issue":"2","key":"63_CR17","doi-asserted-by":"publisher","first-page":"81","DOI":"10.1007\/BF01733682","volume":"1","author":"G Hofstede","year":"1984","unstructured":"Hofstede, G.: Cultural dimensions in management and planning. Asia Pacific J. Manag. 1(2), 81\u201399 (1984)","journal-title":"Asia Pacific J. Manag."},{"key":"63_CR18","volume-title":"Organizational Culture and Leadership","author":"EH Schein","year":"2004","unstructured":"Schein, E.H.: Organizational Culture and Leadership, 3rd edn. Jossey-Bass, Hoboken (2004)","edition":"3"},{"key":"63_CR19","doi-asserted-by":"crossref","unstructured":"Alhogail, A.: Information Security Culture: A Definition and A Literature Review. IEEE (2014)","DOI":"10.1109\/WCCAIS.2014.6916579"},{"key":"63_CR20","doi-asserted-by":"crossref","unstructured":"Martins, N., Da Veiga, A.: Information security culture: a comparative analysis of four assessments. In: European Conference on Information Management and Evaluation no. September, pp. 49\u201358 (2014)","DOI":"10.1016\/j.cose.2014.12.006"},{"issue":"1","key":"63_CR21","doi-asserted-by":"publisher","first-page":"24","DOI":"10.1108\/09685220610648355","volume":"14","author":"KJ Knapp","year":"2006","unstructured":"Knapp, K.J., Marshall, T.E., Kelly, R.R., Nelson, F.F., Rainer, R.K., Ford, F.N.: Information security: management\u2019s effect on culture and policy. Inf. Manag. Comput. Secur. 14(1), 24\u201336 (2006)","journal-title":"Inf. Manag. Comput. Secur."},{"key":"63_CR22","first-page":"1","volume":"2018","author":"H Kinnunen","year":"2018","unstructured":"Kinnunen, H., Siponen, M.: Developing organization-specific information security policies. PACIS 2018, 1\u201313 (2018)","journal-title":"PACIS"},{"issue":"3","key":"63_CR23","first-page":"11","volume":"55","author":"YAN Chen","year":"2015","unstructured":"Chen, Y.A.N., Ramamurthy, K.R.A.M., Wen, K.: Impacts of comprehensive information security programs on information security culture. J. Comput. Inf. Syst. 55(3), 11 (2015)","journal-title":"J. Comput. Inf. Syst."},{"key":"63_CR24","doi-asserted-by":"crossref","unstructured":"Siponen, M.T.: Five Dimensions of Information Security Awareness. Comput. Soc., no. June, pp. 24\u201329 (2001)","DOI":"10.1145\/503345.503348"},{"key":"63_CR25","unstructured":"Schlienger, T., Teufel, S.: Analyzing information security culture: increased trust by an appropriate information security culture. In: Proceedings of International Conference on Database and Expert Systems Applications DEXA, January 2003, pp. 405\u2013409 (2003)"},{"key":"63_CR26","unstructured":"Enisa: Information security and privacy standards for SMEs. European Union Agency For Network And Information Security, no. December. 2015"},{"key":"63_CR27","first-page":"51","volume":"5","author":"JC Sipior","year":"2008","unstructured":"Sipior, J.C., Ward, B.T.: A framework for information security management based on guiding standards: a united states perspective. Issues Inf. Sci. Inf. Technol. 5, 51\u201360 (2008)","journal-title":"Issues Inf. Sci. Inf. Technol."},{"key":"63_CR28","doi-asserted-by":"publisher","first-page":"615","DOI":"10.1016\/S0167-4048(00)07021-8","volume":"19","author":"B Von Solms","year":"2000","unstructured":"Von Solms, B.: Information security\u2014the third wave? Comput. Secur. 19, 615\u2013620 (2000)","journal-title":"Comput. Secur."},{"issue":"8","key":"63_CR29","doi-asserted-by":"publisher","first-page":"97","DOI":"10.1145\/1145287.1145316","volume":"49","author":"M Siponen","year":"2006","unstructured":"Siponen, M.: Information security standards focus on the existence of process, not its content. Commun. ACM 49(8), 97 (2006). Technical Opinion","journal-title":"Commun. ACM"},{"key":"63_CR30","unstructured":"URT: Small and Medium Enterprise Development Policy. J. SMEs policies, vol. II, no. April, pp. 12\u201320 (2003)"},{"key":"63_CR31","unstructured":"Ministry of Industry and Trade. National Baseline Survey Report for Micro, Small and Medium Enterprises in Tanzania. Ministry of Trade and Financial Sector Deepening Trust, vol. 53, no. 9 (2012)"},{"issue":"1","key":"63_CR32","first-page":"69","volume":"3","author":"M Meckel","year":"2005","unstructured":"Meckel, M., Walters, D., Baugh, P.: Mixed-mode surveys using mail and web questionnaires. Electron. J. Bus. Res. Methods 3(1), 69\u201380 (2005)","journal-title":"Electron. J. Bus. Res. Methods"},{"issue":"2","key":"63_CR33","doi-asserted-by":"publisher","first-page":"132","DOI":"10.1016\/j.chb.2009.10.015","volume":"26","author":"W Fan","year":"2010","unstructured":"Fan, W., Yan, Z.: Factors affecting response rates of the web survey: a systematic review. Comput. Human Behav. 26(2), 132\u2013139 (2010)","journal-title":"Comput. Human Behav."},{"key":"63_CR34","volume-title":"Basic Statistics for the Behavioral Sciences","author":"GW Heiman","year":"2013","unstructured":"Heiman, G.W.: Basic Statistics for the Behavioral Sciences. Cengage Learning, Boston (2013)"},{"issue":"2","key":"63_CR35","first-page":"167","volume":"14","author":"G Bougaardt","year":"2011","unstructured":"Bougaardt, G., Kyobe, M.: Investigating the factors inhibiting SMEs from recognizing and measuring losses from cyber crime in South Africa. Electron. J. Inf. Syst. Eval. 14(2), 167\u2013178 (2011)","journal-title":"Electron. J. Inf. Syst. Eval."},{"issue":"1","key":"63_CR36","doi-asserted-by":"publisher","first-page":"36","DOI":"10.3390\/info3010036","volume":"3","author":"M Ghobakhloo","year":"2012","unstructured":"Ghobakhloo, M., Hong, T.S., Sabouri, M.S., Zulkifli, N.: Strategies for successful information technology adoption in small and medium-sized enterprises. Information 3(1), 36\u201367 (2012)","journal-title":"Information"},{"key":"63_CR37","doi-asserted-by":"crossref","unstructured":"Chen, D., Zhao, H.: Data Security and Privacy Protection Issues in Cloud Computing. In: 2012 International Conference on Computer Science and Electronics Engineering, no. March 2012, pp. 647\u2013651 (2012)","DOI":"10.1109\/ICCSEE.2012.193"}],"container-title":["IFIP Advances in Information and Communication Technology","Information and Communication Technologies for Development. Strengthening Southern-Driven Cooperation as a Catalyst for ICT4D"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-18400-1_63","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,12]],"date-time":"2024-03-12T19:11:17Z","timestamp":1710270677000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-18400-1_63"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030183998","9783030184001"],"references-count":37,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-18400-1_63","relation":{},"ISSN":["1868-4238","1868-422X"],"issn-type":[{"value":"1868-4238","type":"print"},{"value":"1868-422X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"26 April 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ICT4D","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Social Implications of Computers in Developing Countries","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Dar es Salaam","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Tanzania","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"1 May 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"3 May 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"icsicdc2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/2019ifipwg94.net\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"185","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"97","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"52% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}