Combating Information Security Apathy By Encouraging Prosocial Organisational Behaviour

Abstract

Purpose – The protection of organisational information assets is a human problem. It is widely acknowledged that an organisation's employees are the weakest link in the protection of the organisation's information assets. Most current approaches towards addressing this human problem focus on awareness and educational activities and do not necessarily view the problem from a holistic viewpoint. Combating employee apathy and motivating employees to see information security as their problem is often not adequately addressed by “isolated” awareness activities. The purpose of this paper is to show how employee apathy towards information security can be addressed through the use of existing theory from the social sciences.Design/methodology/approach – By means of a literature study, three key organizational environments that could exist are identified and explored. Goal‐setting theory is then investigated. Finally, arguments are presented to show how goal‐setting theory could be used to actively foster an organ...