ISSN: 2182-2069 (printed) / ISSN: 2182-2077 (online)
Examining Cybersecurity Culture: Trends and Success Factors
The human factor, as the weakest link, is a fundamental issue that creates threats and vulnerabilities in cybersecurity implementation. However, the management of human factors has not been addressed comprehensively because it has not fully positioned individuals as integral members of the organization in building a cybersecurity culture. This study examines the development of a cybersecurity culture to effectively manage and direct human factors as part of an organization to address this issue through a philosophical approach to organizational culture. Through a systematic literature review, we explored research trends and identified the success factors in building a cybersecurity culture. The process of synthesizing success factors is based on the concept of organizational culture, considering three layers: artifacts, espoused values, and basic assumptions. A total of 31 success factors were identified and categorized into three levels of organizational culture. This approach provides organizations with comprehensive insights into areas requiring improvement, facilitating a clearer path to strengthening cybersecurity culture and improving preparedness for cyber threats. Additionally, maintaining a balanced approach to success factors ensures a holistic perspective in addressing cybersecurity challenges, preventing the trap of relying solely on technological solutions.