Abstract:
Despite the immense research on information security, the human factor has been neglected in
most of the research communities with majority of the security research leaning towards the
technological aspects of information technology system. With the rapid development and
introduction of new technological solutions to combat the growing threat on information
security, the human factor is still subject to continuous attacks. The human factor plays a
significant role in security aspects. Behavior of an individual is greatly influenced by the user’s
perceptions on security risks and understanding, whereas, these are directly linked to
organizational culture and its environment. This research evaluates the potential human factors
influencing a security culture in an organization through the creation of a hypothesis. The
research was conducted in a leading software organization to understand the level of
established security culture also to identify area that have shown improvements. The study
focused on employees to validate two main concepts of human factors and adaptation of a
security culture. Data was collected through a structured questionnaire where 90 participants
responded and the data was evaluated using the Likert scale. The results have shown that
human factors have a significant role in adapting a security culture for an organization and
that relationship between the depicted human factors and adaptation of a security culture is
moderately strong and positive in context