Information Security Culture Concept towards Information Security Compliance: A Comparison between IT and Non-IT Professionals

Authors

  • Akhyari Nasir Faculty of Computer, Media and Technology Managemrnt, University College TATI
  • Ruzaini Abdullah Arshah Faculty of Computing, Universiti Malaysia Pahang
  • Mohd Rashid Ab Hamid Faculty of Industrial Management Universiti Malaysia Pahang
  • Syahrul Fahmy Big Data Institute, University College TATI

Keywords:

information security culture, information security compliance, multi-group analysis

Abstract

This paper examines the factors determining a positive Information Security Culture (ISC) concept and the influence of ISC towards ISP compliance intention (INT) between IT and non-IT professionals in Malaysian public universities. Partial least square structural equation modelling, using PLS MGA, is used to assess the measurement and structural models, and to compare the results between the two groups. Results indicate all factors have significant contribution towards ISC in both groups, with two out of seven ISC factors have significant differences. This study has revealed that although both groups have the same ISC factors, IT and non-IT professionals have significant difference in terms of believe that Top Management Commitment and Information Security Knowledge are required for implementing a positive ISC. In addition, there is a significant difference between these two groups in terms of the influence of ISC towards ISP compliance intention. ISC has less influence towards INT for Non-IT professionals compared to IT professionals within the same ISC. These empirical findings would benefit in formulating better security strategies by providing appropriate efforts for different groups of employees in the organizations. This study also provides a total cyber security solution for improving information security culture and employees’ compliance towards Information Security Policy.

Downloads

Download data is not yet available.

Downloads

Published

22-06-2022

How to Cite

Nasir, A. ., Abdullah Arshah, R. ., Ab Hamid, M. R. ., & Fahmy, S. . (2022). Information Security Culture Concept towards Information Security Compliance: A Comparison between IT and Non-IT Professionals. International Journal of Integrated Engineering, 14(3), 157–165. Retrieved from https://publisher.uthm.edu.my/ojs/index.php/ijie/article/view/10747