Combating information security apathy by encouraging prosocial organisational behaviour
Abstract
Purpose
The protection of organisational information assets is a human problem. It is widely acknowledged that an organisation's employees are the weakest link in the protection of the organisation's information assets. Most current approaches towards addressing this human problem focus on awareness and educational activities and do not necessarily view the problem from a holistic viewpoint. Combating employee apathy and motivating employees to see information security as their problem is often not adequately addressed by “isolated” awareness activities. The purpose of this paper is to show how employee apathy towards information security can be addressed through the use of existing theory from the social sciences.
Design/methodology/approach
By means of a literature study, three key organizational environments that could exist are identified and explored. Goal‐setting theory is then investigated. Finally, arguments are presented to show how goal‐setting theory could be used to actively foster an organizational environment in which employees will view their roles and responsibilities towards information security as prosocial behaviour.
Findings
The work in the paper is primarily of a conceptual nature. However, the authors believe that encouraging such prosocial behaviour could contribute towards an organizational culture of information security.
Originality/value
The paper examines the motivation of employees to actively contribute towards information security from an organisational science perspective.
Keywords
Citation
Thomson, K. and van Niekerk, J. (2012), "Combating information security apathy by encouraging prosocial organisational behaviour", Information Management & Computer Security, Vol. 20 No. 1, pp. 39-46. https://doi.org/10.1108/09685221211219191
Publisher
:Emerald Group Publishing Limited
Copyright © 2012, Emerald Group Publishing Limited