{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,21]],"date-time":"2025-12-21T10:03:20Z","timestamp":1766311400259,"version":"3.40.3"},"publisher-location":"Berlin, Heidelberg","reference-count":45,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642164187"},{"type":"electronic","value":"9783642164194"}],"license":[{"start":{"date-parts":[[2010,1,1]],"date-time":"2010-01-01T00:00:00Z","timestamp":1262304000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2010]]},"DOI":"10.1007\/978-3-642-16419-4_32","type":"book-chapter","created":{"date-parts":[[2010,12,1]],"date-time":"2010-12-01T10:14:38Z","timestamp":1291198478000},"page":"315-324","source":"Crossref","is-referenced-by-count":8,"title":["Security Culture in Small and Medium-Size Enterprise"],"prefix":"10.1007","author":[{"given":"Luis Enrique","family":"S\u00e1nchez","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Antonio","family":"Santos-Olmo","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Eduardo","family":"Fern\u00e1ndez-Medina","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mario","family":"Piattini","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"32_CR1","unstructured":"Eloff, J., Eloff, M.: Information Security Management - A New Paradigm. In: Annual Research Conference of the South African Institute of Computer Scientists and Information Technologists on Enablement Through Technology, SAICSIT 2003, pp. 130\u2013136 (2003)"},{"issue":"7","key":"32_CR2","doi-asserted-by":"publisher","first-page":"615","DOI":"10.1016\/S0167-4048(00)07021-8","volume":"19","author":"B. Solms Von","year":"2000","unstructured":"Von Solms, B.: Information Security - The Third Wave? Computers and Security\u00a019(7), 615\u2013620 (2000)","journal-title":"Computers and Security"},{"key":"32_CR3","unstructured":"Magklaras, G., Furnell, S.: The Insider Misuse Threat Survey: Investigating IT misuse from legitimate users. In: International Information Warfare Conference, Perth, Australia (2004)"},{"issue":"2","key":"32_CR4","doi-asserted-by":"publisher","first-page":"127","DOI":"10.1046\/j.1365-2575.2001.00099.x","volume":"11","author":"G. Dhillon","year":"2001","unstructured":"Dhillon, G., Backhouse, J.: Current Directions in Information Systems Security Research: Toward Socio-Organizational Perspectives. Information Systems Journal\u00a011(2), 127\u2013153 (2001c)","journal-title":"Information Systems Journal"},{"key":"32_CR5","unstructured":"Schlienger, T., Teufel, S.: Information Security Culture - From Analysis to Change. In: 3rd Annual IS South Africa Conference, Johannesburg, South Africa (2003)"},{"key":"32_CR6","unstructured":"Galletta, D.F., Polak, P.: An Empirical Investigation of Antecedents of Internet Abuse in the Workplace. In: AIS SIG-HCI Workshop, Seattle (December 2003)"},{"key":"32_CR7","unstructured":"CSI\/FBI, Tenth Annual CSI\/FBI Computer Crime and Security Survey. Computer Security Institute, USA (2005)"},{"key":"32_CR8","unstructured":"ISBS, Information Security Breaches Survey 2006. Department of Trade and Industry, UK (2006)"},{"key":"32_CR9","unstructured":"AusCERT, Australian Computer Crime and Security Survey. AusCERT (2005)"},{"key":"32_CR10","unstructured":"Ernst&Young, 2006 Global Information Security Survey. Ernst & Young (2006)"},{"key":"32_CR11","unstructured":"DTI. The_Empirical_Economics_of_Standards (2005), \n                    \n                      www.dti.gov.uk\/iese\/The_Empirical_Economics_of_Standards.pdf"},{"key":"32_CR12","unstructured":"OECD, OECD Guidelines for the Security of Information Systems and Networks: Towards a Culture of Security, O.f.E.C.-o.a.D. (OECD). Editor, Paris (2002)"},{"issue":"4","key":"32_CR13","doi-asserted-by":"publisher","first-page":"337","DOI":"10.1016\/S0167-4048(00)04021-9","volume":"19","author":"J. Nosworthy","year":"2000","unstructured":"Nosworthy, J.: Implementing Information Security in the 21st Century - Do You Have the Balancing Factors. Computers and Security\u00a019(4), 337\u2013347 (2000)","journal-title":"Computers and Security"},{"key":"32_CR14","unstructured":"Martins, A., Eloff, J.H.P.: Information Security Culture. In: IFIP TC11 17th International Conference on Information Security (SEC 2002), Cairo, Egipt (2003)"},{"key":"32_CR15","volume-title":"IFIP TC11 17th International Conference on Information Security (SEC 2002)","author":"T. Schlienger","year":"2002","unstructured":"Schlienger, T., Teufel, S.: Information Security Culture: The Socio-cultural Dimension in Information Security Management. In: IFIP TC11 17th International Conference on Information Security (SEC 2002), Kluwer Academic Publishers, USA (2002)"},{"key":"32_CR16","unstructured":"Zakaria, O., Gani, A.: A Conceptual Checklist of Information Security Culture. In: 2nd European Conference on Information Warfare and Security, June 30-July 1. University of Reading, UK (2003)"},{"key":"32_CR17","unstructured":"Zakaria, O., Jarupunphol, P., Gani, A.: Paradigm Mapping for Information Security Culture Approach. In: 4th Australian Conference on Information Warfare and IT Security, Adelaide, Australia (2003b)"},{"key":"32_CR18","unstructured":"Schein, E.H.: Organizational Culture and Leadership, 2nd edn. Jossey-Bass, San Francisco (1992)"},{"key":"32_CR19","unstructured":"Chia, P.A., Ruighaver, A.B., Maynard, S.B.: Understanding Organizational Security Culture. In: Proc. of PACIS 2002, Security Culture, Japan (2002b)"},{"issue":"1","key":"32_CR20","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1108\/09685220010371394","volume":"8","author":"M.T. Siponen","year":"2000","unstructured":"Siponen, M.T.: A conceptual foundation for organizational information security awareness. Information Management & Computer Security\u00a08(1), 31\u201341 (2000)","journal-title":"Information Management & Computer Security"},{"key":"32_CR21","doi-asserted-by":"publisher","first-page":"308","DOI":"10.1016\/S0167-4048(01)00405-9","volume":"20","author":"B. Solms Von","year":"2001","unstructured":"Von Solms, B., Von Solms, R.: Incremental Information Security Certification. Computers & Security\u00a020, 308\u2013310 (2001)","journal-title":"Computers & Security"},{"issue":"3","key":"32_CR22","doi-asserted-by":"publisher","first-page":"191","DOI":"10.1016\/j.cose.2004.01.012","volume":"23","author":"C. Vroom","year":"2004","unstructured":"Vroom, C., Von Solms, R.: Towards information security behavioural compliance. Computers & Security\u00a023(3), 191\u2013198 (2004)","journal-title":"Computers & Security"},{"key":"32_CR23","doi-asserted-by":"crossref","unstructured":"Dhillon, G., Managing Information System Security. M.P. Ltd., Great Britain, 210 (1997)","DOI":"10.1007\/978-1-349-14454-9"},{"key":"32_CR24","unstructured":"Chia, P.A., Maynard, S.B., Ruighaver, A.B.: Exploring Organisational Security Culture: Developing A Comprehensive Research Model. In: IS ONE World Conference, Las Vegas, USA (2002)"},{"key":"32_CR25","doi-asserted-by":"crossref","unstructured":"Helokunnas, T., Kuusisto, R.: Information security culture in a value net. In: 2003 IEEE International Engineering Management Conference (IEMC 2003), Albany, New York, USA, November 2-4 (2003b)","DOI":"10.1109\/IEMC.2003.1252258"},{"issue":"1","key":"32_CR26","doi-asserted-by":"publisher","first-page":"13","DOI":"10.4018\/jgim.2002010102","volume":"10","author":"D. Straub","year":"2002","unstructured":"Straub, D., et al.: Toward a Theory-Based Measurement of Culture. Global Information Management\u00a010(1), 13\u201323 (2002)","journal-title":"Global Information Management"},{"key":"32_CR27","unstructured":"Dojkovski, S., Lichtenstein, S., Warren, M.J.: Challenges in Fostering an Information Security Culture in Australian Small and Medium Sized Enterprises. In: 5th European Conference on Information Warfare and Security, Helsinki, Finland, June 1-2 (2006)"},{"key":"32_CR28","volume-title":"Fifteenth European Conference on Information Systems","author":"D. Sneza","year":"2007","unstructured":"Sneza, D., Sharman, L., Matthew John, W.: Fostering information security culture in small and medium size enterprises: An interpretive study in australia. In: Fifteenth European Conference on Information Systems. University of St. Gallen, St. Gallen (2007)"},{"key":"32_CR29","unstructured":"ABS, 1321.0 - Small Business in Australia. Australian Bureau of Statistics (2001)"},{"issue":"4","key":"32_CR30","doi-asserted-by":"crossref","first-page":"850","DOI":"10.5465\/amr.2000.3707740","volume":"25","author":"J. Detert","year":"2000","unstructured":"Detert, J., Schroeder, R., Mauriel, A.J.: A Framework For Linking Culture and Improvement Initiatives in Organisations. The Academy of Management Review\u00a025(4), 850\u2013863 (2000)","journal-title":"The Academy of Management Review"},{"issue":"3","key":"32_CR31","doi-asserted-by":"publisher","first-page":"280","DOI":"10.1108\/14626000410551546","volume":"11","author":"M. Taylor","year":"2004","unstructured":"Taylor, M., Murphy, A.: SMEs and eBusiness. Small Business and Enterprise Development\u00a011(3), 280\u2013289 (2004)","journal-title":"Small Business and Enterprise Development"},{"key":"32_CR32","unstructured":"Hutchinson, D., Warren, M.: e-Business Security Management for Australian Small SMEs - A Case Study. In: Proceedings of the 7th International We-B (Working for E-Business) Conference, e-Business: how far have we come? Electronic Commerce Research Unit ECRU, Australia (2006c)"},{"key":"32_CR33","unstructured":"Dimopoulos, V., et al.: Approaches to IT Security in Small and Medium Enterprises. In: 2nd Australian Information Security Management Conference, Securing the Future, Perth, Western Australia, pp. 73\u201382 (2004b)"},{"key":"32_CR34","unstructured":"Furnell, S.M., Gennatou, M., Dowland, P.S.: Promoting Security Awareness and Training within Small Organisations. In: 1st Australian Information Security Management Workshop. Deakin University, Geelong, Australia (2000)"},{"key":"32_CR35","volume-title":"e-Business Research Forum \u2013 eBRF 2003","author":"T. Helokunnas","year":"2003","unstructured":"Helokunnas, T., Iivonen, L.: Information Security Culture in Small and Medium Size Enterprises. In: e-Business Research Forum \u2013 eBRF 2003. Tampere University of Technology, Tampere (2003)"},{"key":"32_CR36","doi-asserted-by":"crossref","unstructured":"Warren, M.J.: Australia\u2019s Agenda for E-Security Education and Research. In: TC11\/WG11.8 Third Annual World Conference on Information Security Education (WISE3). Naval Post Graduate School, Monterey (2003)","DOI":"10.1007\/978-0-387-35694-5_10"},{"key":"32_CR37","doi-asserted-by":"crossref","unstructured":"Von Solms, R., Von Solms, B.: From policies to culture. Computers & Security 23(4) (2004)","DOI":"10.1016\/j.cose.2004.01.013"},{"key":"32_CR38","unstructured":"Furnell, S.M., Clarke, N.L.: Organisational Security Culture: Embedding Security Awareness, Education and Training. In: 4th World Conference on Information Security Education (WISE 2005), Moscow, URSS (2005)"},{"key":"32_CR39","unstructured":"Van Niekerk, J.C., Von Solms, R.: Establishing an Information Security Culture in Organisations: an Outcomes-based Education Approach. In: ISSA 2003: 3rd Annual IS South Africa Conference, Johannesburg, South Africa, July 9-11 (2003)"},{"key":"32_CR40","unstructured":"Hutchinson, D., Warren, M.: Australian SMES and e-Security Guides on Trusting the Internet. In: Fourth Annual Global Information Technology Management World Conference, Global Information Technology Management Association (GITMA), USA (2003)"},{"issue":"1","key":"32_CR41","doi-asserted-by":"publisher","first-page":"24","DOI":"10.1108\/09685220610648355","volume":"14","author":"K.J. Knapp","year":"2006","unstructured":"Knapp, K.J., et al.: Information Security: Management\u2019s effect on culture and policy. Information Management & Computer Security\u00a014(1), 24\u201336 (2006)","journal-title":"Information Management & Computer Security"},{"key":"32_CR42","unstructured":"Lichtenstein, S.: Internet security policy for organisations. Unpublished thesis (PhD) (public version), ed. S.o.I.M.S. Monash University, Melbourne, Australia (2001)"},{"key":"32_CR43","doi-asserted-by":"publisher","first-page":"124","DOI":"10.1016\/j.cose.2004.07.001","volume":"24","author":"J.M. Stanton","year":"2004","unstructured":"Stanton, J.M., et al.: Analysis of end-user security behaviors. Computers & Security\u00a024, 124\u2013133 (2004)","journal-title":"Computers & Security"},{"key":"32_CR44","unstructured":"Kuusisto, T., Ilvonen, I.: Information security culture in small and medium size enterprises. In: Frontiers of e-business Research 2003 (2003)"},{"issue":"15","key":"32_CR45","first-page":"3038","volume":"15","author":"L.E. S\u00e1nchez","year":"2009","unstructured":"S\u00e1nchez, L.E., et al.: Managing Security and its Maturity in Small and Medium-Sized Enterprises. Journal of Universal Computer Science (J. UCS)\u00a015(15), 3038\u20133058 (2009)","journal-title":"Journal of Universal Computer Science (J. UCS)"}],"container-title":["Communications in Computer and Information Science","ENTERprise Information Systems"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-16419-4_32","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,1,19]],"date-time":"2019-01-19T09:51:06Z","timestamp":1547891466000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-16419-4_32"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010]]},"ISBN":["9783642164187","9783642164194"],"references-count":45,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-16419-4_32","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2010]]}}}