A Behavioural Compliance Framework for Effective Cybersecurity Governance and Practice
dc.contributor.advisor | Awan, Irfan U. | |
dc.contributor.advisor | Cullen, Andrea J. | |
dc.contributor.author | Onumo, Aristotle O. | |
dc.date.accessioned | 2022-07-07T10:40:54Z | |
dc.date.available | 2022-07-07T10:40:54Z | |
dc.date.issued | 2020 | |
dc.identifier.uri | http://hdl.handle.net/10454/19051 | |
dc.description.abstract | Although behavioural security constructs have received extensive scholarly attention, the unpredictability of human behaviour has continued to add to the complexity of deploying effective countermeasures. Cross-cultural behavioural approach aimed at improving security compliance and practice have equally remained under-researched, a gap in literature this thesis addresses. This thesis argues that in order to establish a sound and efficient organisational security practice, it is necessary to integrate the various interdisciplinary component in a socio-cultural context. The goal of the thesis, therefore, is to examine the role of culture in cybersecurity development and organisational security practice. The study first used a group comparism approach, classification and examination of archival data from International Telecommunication Union (ITU), International Organisation of Standards (ISO), and Hofstede cultural score and further deployed structural equation modelling (SEM) to analyse data from a case study of 122 employees from three public sector information technology organisation in Nigeria. Drawing evidence from the case studies, an emergent conceptual model was developed from the traditional human behaviour and organisational security practice. The model contribute to information security management by by identifying organisational triggers related to cultural and cognitive dynamics in information security practice. The model was developed by combining three theoretical frameworks. The out- come of the case studies demonstrates that accountability to specific security practice is a product of integrated management of employee cognitive and cultural dynamics and by dimensionalising organisational culture, the individual capacity to respond to emerging security threats also evolved, while targeted security programs to enhance the efficiency of organisational security practice is achieved. This research, by exposing the underlying institutional drivers and ideational dynamics on individual security behaviour contribute to theory building of behavioural security research within organisational context. The research reports on the theory of integration as a demonstration of explanatory flexibility not normally associated with behaviour security models thereby providing a sound theoretical and ideational support for incorporating different theoretical frameworks into a single model. This is an original endeavour and s such makes a number of contribution to the scholarship. The findings in this research have implications for policymakers and practitioners by elevating the importance of cultural and cognitive dynamics by enhancing operational clarity in organisational security practice and presenting opportunity to develop a creative and robust solution to the challenge of organisational security in line with cultural peculiarities. | en_US |
dc.language.iso | en | en_US |
dc.rights | <a rel="license" href="http://creativecommons.org/licenses/by-nc-nd/3.0/"><img alt="Creative Commons License" style="border-width:0" src="http://i.creativecommons.org/l/by-nc-nd/3.0/88x31.png" /></a><br />The University of Bradford theses are licenced under a <a rel="license" href="http://creativecommons.org/licenses/by-nc-nd/3.0/">Creative Commons Licence</a>. | eng |
dc.subject | Organisational security practice | en_US |
dc.subject | Structural equation modeling | en_US |
dc.subject | Cybersecurity | en_US |
dc.subject | Organisational culture | en_US |
dc.subject | Cybersecurity compliance | en_US |
dc.title | A Behavioural Compliance Framework for Effective Cybersecurity Governance and Practice | en_US |
dc.type.qualificationlevel | doctoral | en_US |
dc.publisher.institution | University of Bradford | eng |
dc.publisher.department | School of Electrical Engineering and Computer Science | en_US |
dc.type | Thesis | eng |
dc.type.qualificationname | PhD | en_US |
dc.date.awarded | 2020 | |
refterms.dateFOA | 2022-07-07T10:40:54Z |