Institutional Repository

A model for information security culture with creativity and innovation as enablers – refined with an expert panel

Show simple item record

dc.contributor.author Da Veiga, Adele
dc.date.accessioned 2023-11-17T15:37:37Z
dc.date.available 2023-11-17T15:37:37Z
dc.date.issued 2023-02-01
dc.identifier.citation Da Veiga, A. (2023), "A model for information security culture with creativity and innovation as enablers – refined with an expert panel", Information and Computer Security, Vol. 31 No. 3, pp. 281-303. https://doi.org/10.1108/ICS-11-2022-0178 en
dc.identifier.uri https://doi.org/10.1108/ICS-11-2022-0178
dc.identifier.uri https://hdl.handle.net/10500/30660
dc.description N/A en
dc.description.abstract information security culture. A model is proposed to encourage creativity and innovation as part of the information security culture. Design/methodology/approach – The study first applied a theoretical approach with a scoping literature review using the preferred reporting items for systematic reviews and meta-analyses method to propose a conceptual model for engendering employee creativity and innovation as part of the information security culture. A qualitative research method was further applied with expert interviews and qualitative data analysis in Atlas.ti to validate and refine the conceptual model. Findings – A refined and validated information security culture model enabled through creativity and innovation is presented. The input from the expert panel was used to extend the model by 18 elements highlighting that the risk appetite of an organisation defines how much creativity and innovation can be tolerated to reach a balance with the potential risks it might introduce. Embedding creativity and innovation as part of the organisational culture to facilitate it further as part of the information security culture can aid in combating cyber threats and incidents; however, it should be managed through a decision-making process while governed within policies that define the boundaries of creativity and innovation in information security. Research limitations/implications – The research serves as a point of reference for further research about the influence of creativity and innovation in information security culture which can be investigated through structural equation modelling. Practical implications – This study offers novel insights for managerial practice to encourage creativity and innovation as part of information security. Originality/value – The research proposes a novel concept of introducing creativity and innovation as part of the information security culture and presents a novel model to facilitate this. en
dc.description.sponsorship N/A en
dc.language.iso en en
dc.publisher Emerald en
dc.subject Information security culture en
dc.subject Information security en
dc.subject Creativity en
dc.subject Innovation en
dc.subject Model en
dc.subject Organisational culture en
dc.title A model for information security culture with creativity and innovation as enablers – refined with an expert panel en
dc.type Article en
dc.description.department School of Computing en


Files in this item

This item appears in the following Collection(s)

Show simple item record

Search UnisaIR


Browse

My Account

Statistics