Human factors and information security: Individual, culture and security environment

The application of information security technologies do not always result in improved security. Human factors play a significant role in computer security; factors such as individual difference, cognitive abilities and personality traits can impact on behaviour. Information security behaviours are also greatly influenced by an individual’s perception of risk. All of these factors
are also affected by the organisation culture and security environment in which they occur. These factors interact with one another and can result in behaviours that are often detrimental to information security. This report provides recommendations as to how these human and cultural factors can be influenced to result in more positive behaviours and lead to more secure
information environments.