• Home
  • The effect of the organizational approach in knowledge sharing on the performance of information security management

Share To

Article Url


Manuscript ID : IMPCS-2207-1221 (R2) Visit : 126 Page: 25 - 35

Article Type: Original Research

The effect of the organizational approach in knowledge sharing on the performance of information security management

Subject Areas : Multimedia Processing, Communications Systems, Intelligent Systems

edris abbaszadeh 1 ( PhD. Student, Department of IT Management, Qazvin Branch, Islamic Azad University, Qazvin, Iran )
mohamadreza sanaei 2 ( Assistant Professor, Department of IT Management, Qazvin Branch, Islamic Azad University, Qazvin, Iran )
Reza Ehtesham Rasii 3 ( Assistant Professor, Department of Industrial Management, Qazvin Branch, Islamic Azad University, Qazvin, Iran )

Received: 2022-01-25 Accepted : 2022-09-15 Published : 2022-03-21

Keywords: Knowledge Sharing, education, Information security security function,

Abstract :

Introduction: The rapid movement of countries toward the information society has caused the vast growth of information systems and services and the emergence of a new type of organization called virtual organization, which are information-based organizations. Considering the role of information as a valuable commodity in these organizations, the existence of security risks and threats that arise in the virtual environment and through the Internet connection, it is necessary to protect this information and to achieve this The goal of every organization depends on its level of information requires the design of an information security management system so that it can identify and manage the threats that the organization is exposed to and protect its information assets against these attacks and the security of the organization's information. Continuously improving considering the importance of the role of current information in every organization, it seems vital to use information security management systems to set up, implement, control, check, maintain and improve information security.Method: This study filled the gap in previous writings by considering organizational methods in the study of information security management. A framework was developed based on the framework proposed in the recent work of Perez Gonzalez et al. This framework examined three organizational factors: information security knowledge sharing, observability, and science. In this study, Gonzalez's framework was modified to include two additional organizational factors: commitment and information security learning.Results: This study identifies the need for managers and decision-makers to consider the role of employees in information security. Managers can influence the levels of motivation, loyalty, and innovative risk-taking of their employees to create an ethical relationship in the organization.Discussion: This study investigated and analyzed the effects of information security organizational measures (information security knowledge sharing, learning, security observability, security training, and commitment in an organization) on the information security management performance of small and medium companies. The findings show that information security knowledge sharing, learning, and security observability have a significant effect on security performance. In addition, this study clarifies the importance of learning information security and recording acquired knowledge in the commitment of an organization. Regarding information security knowledge sharing, information security learning, and security observability, the results show their positive effect on the information security performance of small and medium companies. 

References:

 

  •  نورایی، فرزاد. (1391). بررسی و شناسایی عوامل موفقیت استقرار سیستم مدیریت امنیت اطلاعات ISMS در ایران ( مطالعه موردی بانک­ دی)، (پایان­نامه کارشناسی­ارشد). دانشگاه سیستان و بلوچستان، زاهدان.
    •
  •  زنجیرچی،س.م.، مروتی شریف­آبادی، ع. و شاه­حسینی بیده، ش.)1393(. مقایسة عملکرد سازمان­ها در پیاده­سازی  مدیریت ارتباط با مشتری با استفاده از رویکرد ترکیبی NAP و  DEMATEL فازی، فصلنامه بازاریابی نوین، 4(3)،212-195.
    •
  •  Kobes, P. Human factor aspects in information security management in the traditional IT and cloud computing models. Oper. Res.Decis. 2021, 1, 61–76.
    •
  •  Florez, H. A Model of an Information Security Management System Based on NTC-ISO/IEC27001 Standard. IAENG Int. J. Comput. Sci. 2021, 48, IJCS_48_2_01
    •
  •  Pérz-González, D.; Prciado, S.T.; Solna-Gonzalez, P. Organizational practices as antecedents of the information security management performance: An empirical investigation. Inf. Technol. People 2019, 32, 1262–1275
    •
  •  Safa, N.S.; Von Salms, R. An information security knowledge sharing model in organizations. Computer. Hum. Behavior. 2016, 57, 442–451
    •
  •  Hwang, I.; Kim, D.; Kim, T.; Kim, S. Why not comply with information security? An empirical approach for the causes of non-compliance. Online Inf. Rev. 2017.
    •
  •  Miladinovi, V.T. Development of Awareness and Competences of Employees in the Processes of Information Security Management System: Guidelines for practical application. JITA-J. Inf. Technol. Appl. 2020, 20, 87–95.
    •
  •  Putra, I.M.M.; Mutijrsa, K. Designing Information Security Risk Management on Bali Regional Police Command Center Based on ISO 27005. In Proceedings of the 2021 3rd East Indonesia Conference on Computer and Information Technology (EI Con CIT), Surabaya, Indonesia, 9–11 April 2021; pp. 14–19.
    •
  • Siponen, M.; Pahnila, S.; Mahmood, M.A. Compliance with information security policies: An empirical investigation. Computer 2010, 43, 64–71.
    •
  • Marlli, L.; Lievrouw, E.; Van Hoyweghen, I. Fit for purpose? The GDPR and the governance of European digital health. Policy Stud. 2020, 41, 447–467.
    •
  • Ma, Q.; Schmidt, M.B.; Person, J.N. An Integrated Framework for ISM. 2009, 20, 95–107.
    •
  • Rocha Flores. Antansn, E Information Security Knowledge Sharing in Organizations: Investigating the Effect of Behavioral Information Security Governance and National Culture. Computer. 2014, 43, 90–110.
    •
  • Parsons, K.; M. Cormac, Determining Employee Awareness Using the Human Aspects of Information Security Questionnaire (HAIS-Q). Computer. Security. 2014, 42, 165–176.
    •
  • Singh, A.N.; Gupt, M.; Ojha, A. Identifying factors of “organizational information security management”. J. Enterp. Inf. Manag.2014, 27, 644–667.
    •
  • Willison, R. Warkentin, M. Beyond deterrence: An expanded view of employee computer abuse. MIS Q. 2013, 37, 1–20
    •
  • Peikare, T.; Shah, M.H.; Lo, M.C. Patients’ perception of the information security management in
    •
  • Soomro, Z.A.; Shah, M.H.; Ahmed, J. Information security management needs more holistic approach: A literature review. Int. IT. Management. 2016, 36, 215–225.
    •
  • Cho, S.; Martins, J.T.; Bernik, I. Information security: Listening to the perspective of organizational insiders. J. Inf. Sci. 2018, 44,752–767.
    •
  • Moody, G.D.; Siponen, M.; Pahnila, S. Toward a unified model of information security policy compliance. MIS Q. 2018, 42,285–311.
    •
  • Hwang, I.; Cha, O. Examining technostress creators and role stress as potential threats to employees’ information security compliance. Computer. Hum. Behavior. 2018, 81, 282–293
    •
  • Shaukat, K. A review of time-series anomaly detection techniques: A step to future perspectives. Vancouver, BC, Canada, 29–30 April 2021; pp. 865–877.
    •


  • Shaukat, K.; Luo, S.; Chen, S.; Liu, D. Cyber Threat Detection Using Machine Learning Techniques: A Performance Evaluation Perspective. In Proceedings of the 2020 International Conference on Cyber Warfare and Security (ICCWS), Islamabad, Pakistan, 20–21 October 2020; pp. 1–6.
    •
  • Shaukat, K.; Luo, S.; Varadharajan, V.; Hameed, I.A.; Chen, S.; Liu, D.; Li, J. Performance comparison and current challenges of using machine learning techniques in cybersecurity. Energies 2020, 13, 2509.
    •
  • Mamonov, S.; Benbunan-Fich, R. The impact of information security threat awareness on privacy-protective behaviors. Comput. Hum. Behav. 2018, 83, 32–4.
    •
  • health centers: The role of organizational and human factors. BMC Med Inform. Decis. Mak. 2018, 18, 102.
    •
  • Bentler, P.M.; Bonett, D.G. Significance tests and goodness of fit in the analysis of covariance structures. Psychol. Bull. 1980,88, 588.
    •
  • Bollen, K.A. Structural Equations with latent Variables; John Wiley & Sons: New York, NY, USA, 1989; p. 210. (accessed on 16 September 2021).
    •
  • Qu, X. Multivariate Data Analysis; Taylor & Francis: London, UK, 2007; (accessed on 16 September 2021).
    •
  • Shaukat, K.; Luo, S.; Varadharajan, V.; Hameed, I.A.; Xu, M. A Survey on Machine Learning Techniques for Cyber Security in the Last Decade. IEEE Access 2020, 8, 222310–222354.
    •
  • Tintamusik, Y. (2010). Examining the relationship between organization systems and information security awareness, (Doctoral Dissertation). Business Administration. Northcentral University. Retrieved from https://eric.ed.gov/?id=ED516884
    •
  • Soomro, Z. A., Shah, M. H., & Ahmed, J. (2016). Information security management needs more holistic approach: A literature review. International Journal of Information Management, 36(2), 215-220.
    •
  • Bentler, P.M. Comparative fit indexes in structural models. Psychol. Bull. 1990, 107, 238.
    •
_||_

Related articles

The rights to this website are owned by the Raimag Press Management System.
Copyright © 2021-2024

Home| Login| About Us| Contact Us|
[فارسی] [العربية] [fa] [ar]