{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,13]],"date-time":"2026-02-13T11:16:23Z","timestamp":1770981383025,"version":"3.50.1"},"publisher-location":"Cham","reference-count":36,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319203751","type":"print"},{"value":"9783319203768","type":"electronic"}],"license":[{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015]]},"DOI":"10.1007\/978-3-319-20376-8_39","type":"book-chapter","created":{"date-parts":[[2015,7,20]],"date-time":"2015-07-20T06:00:17Z","timestamp":1437372017000},"page":"436-448","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":11,"title":["An Identification of Variables Influencing the Establishment of Information Security Culture"],"prefix":"10.1007","author":[{"given":"Emad","family":"Sherif","sequence":"first","affiliation":[]},{"given":"Steven","family":"Furnell","sequence":"additional","affiliation":[]},{"given":"Nathan","family":"Clarke","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2015,7,21]]},"reference":[{"key":"39_CR1","unstructured":"Alfawaz, S., Nelson, K.: Information security culture: a behaviour compliance conceptual framework. In: AISC, vol. 105 (2010)"},{"key":"39_CR100","unstructured":"Ashenden, D.: Information Security management: A human challenge?, Information Security Technical report, 13(4), 195\u2013201 (2008). Accessed 16 Sep 2014"},{"key":"39_CR2","unstructured":"CARLA: What is Culture? University of Minnesota (2014). \n                      http:\/\/www.carla.umn.edu\/culture\/definitions.html\n                      \n                    . Accessed 16 Sep 2014"},{"issue":"39","key":"39_CR3","doi-asserted-by":"publisher","first-page":"447","DOI":"10.1016\/j.cose.2013.09.009","volume":"2013","author":"L Cheng","year":"2013","unstructured":"Cheng, L., Li, Y., Li, W., Holm, E., Zhai, Q.: Understanding the violation of IS security policy in organizations: an integrated model based on social control and deterrence theory. Comput. Secur. 2013(39), 447\u2013459 (2013)","journal-title":"Comput. Secur."},{"issue":"3","key":"39_CR4","doi-asserted-by":"publisher","first-page":"13","DOI":"10.1016\/S1361-3723(10)70025-7","volume":"2010","author":"C Chipperfield","year":"2010","unstructured":"Chipperfield, C., Furnell, S.: From security policy to practice: sending the right messages. Comput. Fraud Secur. 2010(3), 13\u201319 (2010)","journal-title":"Comput. Fraud Secur."},{"key":"39_CR6","unstructured":"Connolly, L. Lang, M.: Information systems security: the role of cultural aspects in organisational settings. In: AIS SIGSEC pre-ICIS Workshop on Information Security and Privacy (WISP) Milan, Italy, 14 December 2013"},{"issue":"2","key":"39_CR7","doi-asserted-by":"publisher","first-page":"196","DOI":"10.1016\/j.cose.2009.09.002","volume":"29","author":"Da Veiga","year":"2010","unstructured":"Veiga, Da, Eloff, J.H.P.: A framework and assessment instrument for information security culture. Comput. Secur. 29(2), 196\u2013207 (2010)","journal-title":"Comput. Secur."},{"key":"39_CR8","volume-title":"Culture Learning The Fifth Dimension on the Language Classroom","author":"L Damen","year":"1987","unstructured":"Damen, L.: Culture Learning The Fifth Dimension on the Language Classroom. Addison-Wesley, Reading (1987). \n                      http:\/\/www.carla.umn.edu\/culture\/definitions.html\n                      \n                    . Accessed 22 Aug 2014"},{"key":"39_CR101","unstructured":"Dojkovski, S., Lichtenstein, S., Warren, M.J.: Fostering Information Security Culture in Small and Medium Size Enterprises: An Interpretive Study in Australia, pp. 1560\u20131571 (2007)"},{"key":"39_CR9","unstructured":"Fagerstrom, A.: Creating, maintaining and managing an information security culture. MSc thesis, Arcada Finland (2013)"},{"key":"39_CR10","doi-asserted-by":"publisher","first-page":"90","DOI":"10.1016\/j.cose.2014.03.004","volume":"43","author":"W Flores","year":"2014","unstructured":"Flores, W., Antonsen, E., Ekstedt, M.: Information security knowledge sharing in organizations: investigating the effect of behavioural information security governance and national culture. Comput. Secur. 43, 90\u2013110 (2014)","journal-title":"Comput. Secur."},{"issue":"6","key":"39_CR11","doi-asserted-by":"publisher","first-page":"10","DOI":"10.1016\/S1361-3723(10)70067-1","volume":"2010","author":"S Furnell","year":"2010","unstructured":"Furnell, S.: Jumping security hurdles. Comput. Fraud Secur. 2010(6), 10\u201314 (2010)","journal-title":"Comput. Fraud Secur."},{"key":"39_CR12","unstructured":"Furnell, S., Clarke, N.: Organisational security culture: embedding security awareness, education and training. In: Proceedings of the 4th World Conference on Information Security Education (WISE 2005), Moscow, pp. 67\u201374 (2005)"},{"issue":"8","key":"39_CR13","doi-asserted-by":"publisher","first-page":"983","DOI":"10.1016\/j.cose.2012.08.004","volume":"31","author":"S Furnell","year":"2012","unstructured":"Furnell, S., Clarke, N.: Power to the people? The evolving recognition of human aspects of security. Comput. Secur. 31(8), 983\u2013988 (2012)","journal-title":"Comput. Secur."},{"issue":"3","key":"39_CR14","doi-asserted-by":"publisher","first-page":"12","DOI":"10.1016\/S1361-3723(12)70053-2","volume":"2012","author":"S Furnell","year":"2012","unstructured":"Furnell, S., Rajendran, A.: Understanding the influences on information security behaviour. Comput. Fraud Secur. 2012(3), 12\u201315 (2012)","journal-title":"Comput. Fraud Secur."},{"issue":"2","key":"39_CR15","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1016\/S1361-3723(09)70019-3","volume":"2009","author":"S Furnell","year":"2009","unstructured":"Furnell, S., Thomson, K.L.: From culture to disobedience: Recognising the varying user acceptance of IT security. Comput. Fraud Secur. 2009(2), 5\u201310 (2009)","journal-title":"Comput. Fraud Secur."},{"issue":"8","key":"39_CR16","doi-asserted-by":"publisher","first-page":"8","DOI":"10.1016\/S1361-3723(11)70082-3","volume":"2011","author":"T Gabriel","year":"2011","unstructured":"Gabriel, T., Furnell, S.: Selecting security champions. Comput. Fraud Secur. 2011(8), 8\u201312 (2011)","journal-title":"Comput. Fraud Secur."},{"key":"39_CR17","unstructured":"Greene, G., D\u2019Arcy, J.: Assessing the impact of security culture and the employee-organization relationship in IS security compliance. In: Proceedings of the 5th Annual Symposium on Information Assurance, New York, pp. 42\u201349 (2010)"},{"key":"39_CR18","first-page":"259","volume":"7","author":"R Gulev","year":"2009","unstructured":"Gulev, R.: Are national and organizational cultures isomorphic? evidence from a four country comparative study. Managing Glob. Transitions 7, 259\u2013279 (2009)","journal-title":"Managing Glob. Transitions"},{"issue":"2","key":"39_CR19","doi-asserted-by":"publisher","first-page":"154","DOI":"10.1016\/j.dss.2009.02.005","volume":"47","author":"T Herath","year":"2009","unstructured":"Herath, T., Rao, H.R.: Encouraging information security behaviors in organizations: role of penalties, pressures and perceived effectiveness. Decis. Support Syst. 47(2), 154\u2013165 (2009)","journal-title":"Decis. Support Syst."},{"key":"39_CR20","volume-title":"Communication Between Cultures","author":"G Hofstede","year":"1984","unstructured":"Hofstede, G.: National cultures and corporate cultures. In: Samovar, L.A., Porter, R.E. (eds.) Communication Between Cultures. Wadsworth, Belmont (1984). \n                      http:\/\/www.carla.umn.edu\/culture\/definitions.html\n                      \n                    . Accessed 28 Sep 14"},{"issue":"3","key":"39_CR21","doi-asserted-by":"publisher","first-page":"16","DOI":"10.1109\/MSP.2007.59","volume":"5","author":"ME Johnson","year":"2007","unstructured":"Johnson, M.E., Goetz, E.: Embedding information security into the organization. IEEE Secur. Priv. Mag. 5(3), 16\u201324 (2007)","journal-title":"IEEE Secur. Priv. Mag."},{"key":"39_CR22","doi-asserted-by":"crossref","unstructured":"Malcolmson, J.: What is Security Culture? Does it differ in content from general Organisational Culture? IEEE Cody Technology Park, Farnborough, Hants (2009)","DOI":"10.1109\/CCST.2009.5335511"},{"key":"39_CR102","doi-asserted-by":"crossref","unstructured":"Martinez-Moyano, I.J., Conrad, S.H., Andersen, D.F.: Modeling behavioral considerations related to information security. Comput. Secur. 30(6-7), 397\u2013409 (2011)","DOI":"10.1016\/j.cose.2011.03.001"},{"key":"39_CR23","unstructured":"Ngo, L., Zhou, W., Warren, M.: Understanding transition towards information security culture change. In: Proceedings of 3rd Australian Information Security Management Conference, pp. 67\u201373 (2005)"},{"key":"39_CR24","unstructured":"O\u2019Brien, J., Islam, S., Bao, S., Weng, F., Xiong, W., Ma, A.: Information Security Culture: Literature Review. Unpublished Working Paper, University of Melbourne (2013)"},{"issue":"5","key":"39_CR25","doi-asserted-by":"publisher","first-page":"673","DOI":"10.1016\/j.cose.2012.04.004","volume":"31","author":"K Padayachee","year":"2012","unstructured":"Padayachee, K.: Taxonomy of compliant information security behavior. Comput. Secur. 31(5), 673\u2013680 (2012)","journal-title":"Comput. Secur."},{"key":"39_CR26","unstructured":"Ponemon Institute: 2013 Cost of Data Breach Study: Global Analysis. Symantec (2013). \n                      https:\/\/www4.symantec.com\/mktginfo\/whitepaper\/053013_GL_NA_WP_Ponemon-2013-Cost-of-a-Data-Breach-Report_daiNA_cta72382.pdf\n                      \n                    . Accessed 28 Sep 14"},{"key":"39_CR27","unstructured":"Roer, K.: How to build and maintain security culture (2014). \n                      http:\/\/roer.com\/2014\/04\/08\/build-maintain-security-culture\/\n                      \n                    . Accessed 19 Sep 2014"},{"key":"39_CR28","unstructured":"Ross, S.J.: Creating a Culture of Security. In: ISACA (2011). \n                      http:\/\/www.isaca.org\/Knowledge-Center\/Research\/ResearchDeliverables\/Pages\/Creating-a-Culture-of-Security.aspx\n                      \n                    . Accessed 19 Sep 2014"},{"issue":"1","key":"39_CR29","doi-asserted-by":"publisher","first-page":"56","DOI":"10.1016\/j.cose.2006.10.008","volume":"26","author":"AB Ruighaver","year":"2007","unstructured":"Ruighaver, A.B., Maynard, S.B., Chang, S.: Organisational security culture: extending the end-user perspective. Comput. Secur. 26(1), 56\u201362 (2007)","journal-title":"Comput. Secur."},{"issue":"1","key":"39_CR30","doi-asserted-by":"publisher","first-page":"69","DOI":"10.1016\/j.cose.2004.10.005","volume":"24","author":"K-L Thomson","year":"2004","unstructured":"Thomson, K.-L., von Solms, R.: Information security obedience: a definition. Comput. Secur. 24(1), 69\u201375 (2004)","journal-title":"Comput. Secur."},{"key":"39_CR31","volume-title":"The Corporate Culture Survival Guide","author":"E Schein","year":"1999","unstructured":"Schein, E.: The Corporate Culture Survival Guide. Jossey-Bass Inc, San Francisco (1999)"},{"key":"39_CR32","unstructured":"\u00dcbelacker, S.: Security-aware organisational cultures a starting point for mitigating socio-technical risks socio-technical risk management\/motivation. In: RiskKom Workshop INFORMATIK 2013, Koblenz, Germany (2013)"},{"issue":"4","key":"39_CR33","doi-asserted-by":"publisher","first-page":"476","DOI":"10.1016\/j.cose.2009.10.005","volume":"29","author":"JF Niekerk Van","year":"2010","unstructured":"Van Niekerk, J.F., Von Solms, R.: Information security culture: A management perspective. Comput. Secur. 29(4), 476\u2013486 (2010)","journal-title":"Comput. Secur."},{"key":"39_CR34","doi-asserted-by":"publisher","first-page":"190","DOI":"10.1016\/j.im.2012.04.002","volume":"49","author":"A Vance","year":"2012","unstructured":"Vance, A., Siponen, M., Pahnila, S.: Motivating IS security compliance: insights from habit and protection motivation theory. Inf. Manag. 49, 190\u2013198 (2012)","journal-title":"Inf. Manag."}],"container-title":["Lecture Notes in Computer Science","Human Aspects of Information Security, Privacy, and Trust"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-20376-8_39","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,3,6]],"date-time":"2020-03-06T15:19:32Z","timestamp":1583507972000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-20376-8_39"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015]]},"ISBN":["9783319203751","9783319203768"],"references-count":36,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-20376-8_39","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2015]]},"assertion":[{"value":"21 July 2015","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}