Information Security Behaviour Research – East Meets West

Abstract

Information security and privacy threats are rising, and significant costs result from the information loss and the business disruption that ensues. In response to this growing issue, organizational spending on IT security is at an all-time high, with global information security spending expected to be more than $124 billion in 2019 (Moore & Keen, 2019). Technical protections are part of the solution but improving human security behaviour is integral to effective protection. Even the best technology, if used improperly or rejected by users, can leave an organization vulnerable. The human side of information security is being tackled from many angles by many researchers around the world. Some of the areas being investigated include how to deliver effective security training and awareness initiatives, how to improve users’ ability to remember passwords and how to create an effective organisational security culture. This address shares some of the information security and privacy research my colleagues and I have undertaken and discusses areas that require more attention. The presentation focusses on the following research question