Cyber�Information Security Compliance and Violation Behaviour in Organisations: A Systematic Review

Cyber and information security (CIS) is an issue of national and international interest. Despite sophisticated security systems and extensive physical countermeasures to combat cyber-attacks, organisations are vulnerable due to the involvement of the human factor. Humans are regarded as the weakest...

Full description

Saved in:
Bibliographic Details
Main Authors: Sulaiman N.S., Fauzi M.A., Wider W., Rajadurai J., Hussain S., Harun S.A.
Other Authors: 57217632988
Format: Review
Published: MDPI 2023
Tags: Add Tag
No Tags, Be the first to tag this record!
id my.uniten.dspace-26761
record_format dspace
spelling my.uniten.dspace-267612023-05-29T17:36:34Z Cyber�Information Security Compliance and Violation Behaviour in Organisations: A Systematic Review Sulaiman N.S. Fauzi M.A. Wider W. Rajadurai J. Hussain S. Harun S.A. 57217632988 57201009714 57193087794 13907110500 57225014964 57217634429 Cyber and information security (CIS) is an issue of national and international interest. Despite sophisticated security systems and extensive physical countermeasures to combat cyber-attacks, organisations are vulnerable due to the involvement of the human factor. Humans are regarded as the weakest link in cybersecurity systems as development in digital technology advances. The area of cybersecurity is an extension of the previously studied fields of information and internet security. The need to understand the underlying human behavioural factors associated with CIS policy warrants further study, mainly from theoretical perspectives. Based on these underlying theoretical perspectives, this study reviews literature focusing on CIS compliance and violations by personnel within organisations. Sixty studies from the years 2008 to 2020 were reviewed. Findings suggest that several prominent theories were used extensively and integrated with another specific theory. Protection Motivation Theory (PMT), the Theory of Planned Behaviour (TPB), and General Deterrence Theory (GDT) were identified as among the most referred-to theories in this area. The use of current theories is discussed based on their emerging importance and their suitability in future CIS studies. This review lays the foundation for future researchers by determining gaps and areas within the CIS context and encompassing employee compliance and violations within an organisation. � 2022 by the authors. Final 2023-05-29T09:36:34Z 2023-05-29T09:36:34Z 2022 Review 10.3390/socsci11090386 2-s2.0-85138670140 https://www.scopus.com/inward/record.uri?eid=2-s2.0-85138670140&doi=10.3390%2fsocsci11090386&partnerID=40&md5=d1366b899f6db4e234c43ea600389ead https://irepository.uniten.edu.my/handle/123456789/26761 11 9 386 All Open Access, Gold MDPI Scopus
institution Universiti Tenaga Nasional
building UNITEN Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Tenaga Nasional
content_source UNITEN Institutional Repository
url_provider http://dspace.uniten.edu.my/
description Cyber and information security (CIS) is an issue of national and international interest. Despite sophisticated security systems and extensive physical countermeasures to combat cyber-attacks, organisations are vulnerable due to the involvement of the human factor. Humans are regarded as the weakest link in cybersecurity systems as development in digital technology advances. The area of cybersecurity is an extension of the previously studied fields of information and internet security. The need to understand the underlying human behavioural factors associated with CIS policy warrants further study, mainly from theoretical perspectives. Based on these underlying theoretical perspectives, this study reviews literature focusing on CIS compliance and violations by personnel within organisations. Sixty studies from the years 2008 to 2020 were reviewed. Findings suggest that several prominent theories were used extensively and integrated with another specific theory. Protection Motivation Theory (PMT), the Theory of Planned Behaviour (TPB), and General Deterrence Theory (GDT) were identified as among the most referred-to theories in this area. The use of current theories is discussed based on their emerging importance and their suitability in future CIS studies. This review lays the foundation for future researchers by determining gaps and areas within the CIS context and encompassing employee compliance and violations within an organisation. � 2022 by the authors.
author2 57217632988
author_facet 57217632988
Sulaiman N.S.
Fauzi M.A.
Wider W.
Rajadurai J.
Hussain S.
Harun S.A.
format Review
author Sulaiman N.S.
Fauzi M.A.
Wider W.
Rajadurai J.
Hussain S.
Harun S.A.
spellingShingle Sulaiman N.S.
Fauzi M.A.
Wider W.
Rajadurai J.
Hussain S.
Harun S.A.
Cyber�Information Security Compliance and Violation Behaviour in Organisations: A Systematic Review
author_sort Sulaiman N.S.
title Cyber�Information Security Compliance and Violation Behaviour in Organisations: A Systematic Review
title_short Cyber�Information Security Compliance and Violation Behaviour in Organisations: A Systematic Review
title_full Cyber�Information Security Compliance and Violation Behaviour in Organisations: A Systematic Review
title_fullStr Cyber�Information Security Compliance and Violation Behaviour in Organisations: A Systematic Review
title_full_unstemmed Cyber�Information Security Compliance and Violation Behaviour in Organisations: A Systematic Review
title_sort cyber�information security compliance and violation behaviour in organisations: a systematic review
publisher MDPI
publishDate 2023
_version_ 1806426026128965632
score 13.214268