{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T13:44:37Z","timestamp":1743083077213,"version":"3.40.3"},"publisher-location":"Cham","reference-count":40,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030601515"},{"type":"electronic","value":"9783030601522"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-3-030-60152-2_38","type":"book-chapter","created":{"date-parts":[[2020,9,26]],"date-time":"2020-09-26T14:03:43Z","timestamp":1601129023000},"page":"507-521","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Factors Shaping Information Security Culture in an Internal IT Department"],"prefix":"10.1007","author":[{"given":"Peter","family":"Dornheim","sequence":"first","affiliation":[]},{"given":"R\u00fcdiger","family":"Zarnekow","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2020,9,27]]},"reference":[{"key":"38_CR1","unstructured":"Allianz: Allianz Risk Barometer Report \u2013 Identifying the major business risks for 2020 (2020)"},{"key":"38_CR2","unstructured":"World Economic Forum: The Global Risks Report 2020 (2020)"},{"key":"38_CR3","unstructured":"International Data Group: Otto Beisheim School of Management \u2013 Wissenschaftliche Hochschule f\u00fcr Unternehmensf\u00fchrung, Bechtle AG (2020) CIO Agenda (2020)"},{"key":"38_CR4","doi-asserted-by":"publisher","unstructured":"Hooper, V., Blunt, C.: Factors influencing the information security behaviour of IT employees. Behav. Inf. Technol. 1\u201313, (2019). https:\/\/doi.org\/10.1080\/0144929X.2019.1623322","DOI":"10.1080\/0144929X.2019.1623322"},{"key":"38_CR5","doi-asserted-by":"publisher","first-page":"146","DOI":"10.1108\/ICS-12-2016-0095","volume":"27","author":"F Nel","year":"2019","unstructured":"Nel, F., Drevin, L.: Key elements of an information security culture in organisations. Inf. Comput. Secur. 27, 146\u2013164 (2019). https:\/\/doi.org\/10.1108\/ICS-12-2016-0095","journal-title":"Inf. Comput. Secur."},{"key":"38_CR6","doi-asserted-by":"publisher","unstructured":"Cram, W.A., D\u2019Arcy, J., Proudfoot, J.G.: Seeing the forest and the trees: a meta-analysis of the antecedents to information security policy compliance. MISQ 43, 525\u2013554 (2019). https:\/\/doi.org\/10.25300\/MISQ\/2019\/15117","DOI":"10.25300\/MISQ\/2019\/15117"},{"key":"38_CR7","doi-asserted-by":"publisher","first-page":"101713","DOI":"10.1016\/j.cose.2020.101713","volume":"92","author":"A Da Veiga","year":"2020","unstructured":"Da Veiga, A., Astakhova, L.V., Botha, A., Herselman, M.: Defining organisational information security culture\u2014Perspectives from academia and industry. Comput. Secur. 92, 101713 (2020). https:\/\/doi.org\/10.1016\/j.cose.2020.101713","journal-title":"Comput. Secur."},{"key":"38_CR8","doi-asserted-by":"crossref","unstructured":"Awawdeh, S.A., Tubaishat, A.: An information security awareness program to address common security concerns in IT unit. In: 2014 11th International Conference on Information Technology: New Generations, Las Vegas, NV, USA. IEEE, pp. 273\u2013278 (2014)","DOI":"10.1109\/ITNG.2014.67"},{"key":"#cr-split#-38_CR9.1","doi-asserted-by":"crossref","unstructured":"Lin, C., Wittmer, J.L.S.: Proactive information security behavior and individual creativity: effects of group culture and decentralized IT governance. In: 2017 IEEE International Conference on Intelligence and Security Informatics (ISI). Univ Arizona, Artificial Intelligence Lab","DOI":"10.1109\/ISI.2017.8004865"},{"key":"#cr-split#-38_CR9.2","doi-asserted-by":"crossref","unstructured":"Univ. Chinese Acad. Sci., pp 1-6 (2017)","DOI":"10.25007\/ajnu.v6n2a37"},{"key":"38_CR10","doi-asserted-by":"crossref","unstructured":"Al-Mohannadi, H., Awan, I., Al Hamar, J., Al Hamar, Y., Shah, M., Musa, A.: Understanding awareness of cyber security threat among IT employees. In: 2018 6th International Conference on Future Internet of Things and Cloud Workshops (FiCloudW), Barcelona, pp. 188\u2013192. IEEE (2018)","DOI":"10.1109\/W-FiCloud.2018.00036"},{"key":"38_CR11","doi-asserted-by":"publisher","first-page":"12","DOI":"10.1016\/j.jisa.2018.11.003","volume":"44","author":"A Nasir","year":"2019","unstructured":"Nasir, A., Arshah, R.A., Hamid, M.R.A., Fahmy, S.: An analysis on the dimensions of information security culture concept: a review. J. Inf. Secur. Appl. 44, 12\u201322 (2019). https:\/\/doi.org\/10.1016\/j.jisa.2018.11.003","journal-title":"J. Inf. Secur. Appl."},{"key":"38_CR12","series-title":"Communications in Computer and Information Science","doi-asserted-by":"publisher","first-page":"114","DOI":"10.1007\/978-3-030-43276-8_9","volume-title":"Information and Cyber Security","author":"G Hutchinson","year":"2020","unstructured":"Hutchinson, G., Ophoff, J.: A descriptive review and classification of organizational information security awareness research. In: Venter, H., Loock, M., Coetzee, M., Eloff, M., Eloff, J. (eds.) ISSA 2019. CCIS, vol. 1166, pp. 114\u2013130. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-43276-8_9"},{"key":"38_CR13","doi-asserted-by":"crossref","unstructured":"Gangire, Y., Da Veiga, A., Herselman, M.: A conceptual model of information security compliant behaviour based on the self-determination theory. In: 2019 Conference on Information Communications Technology and Society (ICTAS), Durban, South Africa, pp. 1\u20136. IEEE (2019)","DOI":"10.1109\/ICTAS.2019.8703629"},{"key":"38_CR14","doi-asserted-by":"publisher","unstructured":"Nasir, A., Abdullah Arshah, R., Rashid Ab Hamid, M.: The significance of main constructs of theory of planned behavior in recent information security policy compliance behavior study: a comparison among top three behavioral theories. IJET 7, 737 (2018). https:\/\/doi.org\/10.14419\/ijet.v7i2.29.14008","DOI":"10.14419\/ijet.v7i2.29.14008"},{"key":"38_CR15","doi-asserted-by":"publisher","first-page":"1203","DOI":"10.1080\/07421222.2017.1394083","volume":"34","author":"P Menard","year":"2017","unstructured":"Menard, P., Bott, G.J., Crossler, R.E.: User motivations in protecting information security: protection motivation theory versus self-determination theory. J. Manag. Inf. Syst. 34, 1203\u20131230 (2017). https:\/\/doi.org\/10.1080\/07421222.2017.1394083","journal-title":"J. Manag. Inf. Syst."},{"key":"38_CR16","doi-asserted-by":"publisher","first-page":"196","DOI":"10.1016\/j.cose.2009.09.002","volume":"29","author":"A Da Veiga","year":"2010","unstructured":"Da Veiga, A., Eloff, J.H.P.: A framework and assessment instrument for information security culture. Comput. Secur. 29, 196\u2013207 (2010). https:\/\/doi.org\/10.1016\/j.cose.2009.09.002","journal-title":"Comput. Secur."},{"key":"38_CR17","unstructured":"Tolah, A., Furnell, S.M., Papadaki, M.: A Comprehensive framework for cultivating and assessing information security culture, p. 13 (2017)"},{"key":"38_CR18","doi-asserted-by":"publisher","first-page":"476","DOI":"10.1016\/j.cose.2009.10.005","volume":"29","author":"JF Van Niekerk","year":"2010","unstructured":"Van Niekerk, J.F., Von Solms, R.: Information security culture: a management perspective. Comput. Secur. 29, 476\u2013486 (2010). https:\/\/doi.org\/10.1016\/j.cose.2009.10.005","journal-title":"Comput. Secur."},{"key":"38_CR19","unstructured":"Webster, J., Watson, R.T.: Analyzing the past to prepare for the future: writing a literature review. MIS Q. 26, xiii\u2013xxiii (2002)"},{"key":"38_CR20","doi-asserted-by":"publisher","first-page":"311","DOI":"10.1111\/ejed.12014","volume":"48","author":"K Yilmaz","year":"2013","unstructured":"Yilmaz, K.: Comparison of quantitative and qualitative research traditions: epistemological, theoretical, and methodological differences. Eur. J. Educ. 48, 311\u2013325 (2013). https:\/\/doi.org\/10.1111\/ejed.12014","journal-title":"Eur. J. Educ."},{"key":"38_CR21","doi-asserted-by":"publisher","first-page":"165","DOI":"10.1108\/ICS-10-2017-0073","volume":"27","author":"Z Ahmad","year":"2019","unstructured":"Ahmad, Z., Ong, T.S., Liew, T.H., Norhashim, M.: Security monitoring and information security assurance behaviour among employees: an empirical analysis. Inf. Comput. Secur. 27, 165\u2013188 (2019). https:\/\/doi.org\/10.1108\/ICS-10-2017-0073","journal-title":"Inf. Comput. Secur."},{"key":"38_CR22","doi-asserted-by":"publisher","first-page":"533","DOI":"10.1108\/ICS-08-2017-0054","volume":"26","author":"T Sommestad","year":"2018","unstructured":"Sommestad, T.: Work-related groups and information security policy compliance. Inf. Comput. Secur. 26, 533\u2013550 (2018). https:\/\/doi.org\/10.1108\/ICS-08-2017-0054","journal-title":"Inf. Comput. Secur."},{"key":"38_CR23","doi-asserted-by":"crossref","unstructured":"Halevi, T, et al.: Cultural and psychological factors in cyber-security. In: Proceedings of the 18th International Conference on Information Integration and Web-Based Applications and Services, New York, NY, USA, pp. 318\u2013324. Association for Computing Machinery (2016)","DOI":"10.1145\/3011141.3011165"},{"key":"38_CR24","doi-asserted-by":"publisher","first-page":"625","DOI":"10.1016\/j.im.2016.12.003","volume":"54","author":"D Dang-Pham","year":"2017","unstructured":"Dang-Pham, D., Pittayachawan, S., Bruno, V.: Applying network analysis to investigate interpersonal influence of information security behaviours in the workplace. Inf. Manag. 54, 625\u2013637 (2017). https:\/\/doi.org\/10.1016\/j.im.2016.12.003","journal-title":"Inf. Manag."},{"key":"38_CR25","doi-asserted-by":"publisher","first-page":"567","DOI":"10.1016\/j.chb.2015.03.054","volume":"49","author":"A AlHogail","year":"2015","unstructured":"AlHogail, A.: Design and validation of information security culture framework. Comput. Hum. Behav. 49, 567\u2013575 (2015). https:\/\/doi.org\/10.1016\/j.chb.2015.03.054","journal-title":"Comput. Hum. Behav."},{"key":"38_CR26","doi-asserted-by":"publisher","first-page":"267","DOI":"10.1016\/j.cose.2014.10.015","volume":"48","author":"GPZ Montesdioca","year":"2015","unstructured":"Montesdioca, G.P.Z., Ma\u00e7ada, A.C.G.: Measuring user satisfaction with information security practices. Comput. Secur. 48, 267\u2013280 (2015). https:\/\/doi.org\/10.1016\/j.cose.2014.10.015","journal-title":"Comput. Secur."},{"key":"38_CR27","doi-asserted-by":"publisher","first-page":"345","DOI":"10.1016\/j.cose.2017.11.015","volume":"73","author":"M Gratian","year":"2018","unstructured":"Gratian, M., Bandi, S., Cukier, M., Dykstra, J., Ginther, A.: Correlating human traits and cyber security behavior intentions. Comput. Secur. 73, 345\u2013358 (2018). https:\/\/doi.org\/10.1016\/j.cose.2017.11.015","journal-title":"Comput. Secur."},{"key":"38_CR28","doi-asserted-by":"publisher","first-page":"151","DOI":"10.1016\/j.chb.2016.11.065","volume":"69","author":"A McCormac","year":"2017","unstructured":"McCormac, A., Zwaans, T., Parsons, K., Calic, D., Butavicius, M., Pattinson, M.: Individual differences and information security awareness. Comput. Hum. Behav. 69, 151\u2013156 (2017). https:\/\/doi.org\/10.1016\/j.chb.2016.11.065","journal-title":"Comput. Hum. Behav."},{"key":"38_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"169","DOI":"10.1007\/978-3-319-22906-5_13","volume-title":"Trust, Privacy and Security in Digital Business","author":"I Topa","year":"2015","unstructured":"Topa, I., Karyda, M.: Identifying factors that influence employees\u2019 security behavior for enhancing ISP compliance. In: Fischer-H\u00fcbner, S., Lambrinoudakis, C., Lopez, J. (eds.) TrustBus 2015. LNCS, vol. 9264, pp. 169\u2013179. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-22906-5_13"},{"key":"38_CR30","doi-asserted-by":"publisher","first-page":"290","DOI":"10.1108\/ICS-03-2018-0034","volume":"26","author":"DP Snyman","year":"2018","unstructured":"Snyman, D.P., Kruger, H., Kearney, W.D.: I shall, we shall, and all others will: paradoxical information security behaviour. Inf. Comput. Secur. 26, 290\u2013305 (2018). https:\/\/doi.org\/10.1108\/ICS-03-2018-0034","journal-title":"Inf. Comput. Secur."},{"key":"38_CR31","doi-asserted-by":"publisher","first-page":"282","DOI":"10.1016\/j.chb.2017.12.022","volume":"81","author":"I Hwang","year":"2018","unstructured":"Hwang, I., Cha, O.: Examining technostress creators and role stress as potential threats to employees\u2019 information security compliance. Comput. Hum. Behav. 81, 282\u2013293 (2018). https:\/\/doi.org\/10.1016\/j.chb.2017.12.022","journal-title":"Comput. Hum. Behav."},{"key":"38_CR32","doi-asserted-by":"publisher","first-page":"72","DOI":"10.1016\/j.cose.2017.05.002","volume":"70","author":"A Da Veiga","year":"2017","unstructured":"Da Veiga, A., Martins, N.: Defining and identifying dominant information security cultures and subcultures. Comput. Secur. 70, 72\u201394 (2017). https:\/\/doi.org\/10.1016\/j.cose.2017.05.002","journal-title":"Comput. Secur."},{"key":"38_CR33","doi-asserted-by":"crossref","unstructured":"Amo, L.C., Cichocki, D.: Disgruntled yet deft with IT: employees who pose information security risk. In: Proceedings of the 2019 on Computers and People Research Conference, Nashville, TN, USA, pp. 122\u2013124. ACM (2019)","DOI":"10.1145\/3322385.3322419"},{"key":"38_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"281","DOI":"10.1007\/978-3-030-01689-0_22","volume-title":"Cyberspace Safety and Security","author":"SG Govender","year":"2018","unstructured":"Govender, S.G., Loock, M., Kritzinger, E.: Enhancing information security culture to reduce information security cost: a proposed framework. In: Castiglione, A., Pop, F., Ficco, M., Palmieri, F. (eds.) CSS 2018. LNCS, vol. 11161, pp. 281\u2013290. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-030-01689-0_22"},{"key":"38_CR35","doi-asserted-by":"publisher","first-page":"101782","DOI":"10.1016\/j.cose.2020.101782","volume":"93","author":"M Karjalainen","year":"2020","unstructured":"Karjalainen, M., Siponen, M., Sarker, S.: Toward a stage theory of the development of employees\u2019 information security behavior. Comput. Secur. 93, 101782 (2020). https:\/\/doi.org\/10.1016\/j.cose.2020.101782","journal-title":"Comput. Secur."},{"key":"38_CR36","series-title":"Advances in Intelligent Systems and Computing","doi-asserted-by":"publisher","first-page":"269","DOI":"10.1007\/978-3-319-60585-2_25","volume-title":"Advances in Human Factors in Cybersecurity","author":"HW Glaspie","year":"2018","unstructured":"Glaspie, H.W., Karwowski, W.: Human factors in information security culture: a literature review. In: Nicholson, D. (ed.) AHFE 2017. AISC, vol. 593, pp. 269\u2013280. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-60585-2_25"},{"key":"38_CR37","doi-asserted-by":"crossref","unstructured":"Tariq, M.A., Brynielsson, J., Artman, H.: The security awareness paradox: a case study. In: 2014 IEEE\/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM 2014), China, pp. 704\u2013711. IEEE (2014)","DOI":"10.1109\/ASONAM.2014.6921663"},{"key":"38_CR38","doi-asserted-by":"publisher","first-page":"145","DOI":"10.1016\/j.cose.2017.04.009","volume":"68","author":"S Bauer","year":"2017","unstructured":"Bauer, S., Bernroider, E.W.N., Chudzikowski, K.: Prevention is better than cure! Designing information security awareness programs to overcome users\u2019 non-compliance with information security policies in banks. Comput. Secur. 68, 145\u2013159 (2017). https:\/\/doi.org\/10.1016\/j.cose.2017.04.009","journal-title":"Comput. Secur."},{"key":"38_CR39","doi-asserted-by":"publisher","first-page":"319","DOI":"10.2307\/249008","volume":"13","author":"FD Davis","year":"1989","unstructured":"Davis, F.D.: Perceived usefulness, perceived ease of use, and user acceptance of information technology. MIS Q. 13, 319 (1989). https:\/\/doi.org\/10.2307\/249008","journal-title":"MIS Q."}],"container-title":["Lecture Notes in Computer Science","HCI International 2020 \u2013 Late Breaking Papers: Interaction, Knowledge and Social Media"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-60152-2_38","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,9,26]],"date-time":"2024-09-26T00:07:16Z","timestamp":1727309236000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-60152-2_38"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9783030601515","9783030601522"],"references-count":40,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-60152-2_38","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"27 September 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"HCII","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Human-Computer Interaction","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Copenhagen","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Denmark","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2020","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"19 July 2020","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"24 July 2020","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"hcii2020","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/2020.hci.international\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}