|
Title:
|
EVALUATING INFORMATION SECURITY AWARENESS AND COMPLIANCE IN SUB-SAHARAN AFRICA: AN INTERPRETIVIST PERSPECTIVE |
|
Author(s):
|
Sadiq Nasir and Narasimha Rao Vajjhala |
|
ISBN:
|
978-989-8704-15-3 |
|
Editors:
|
Miguel Baptista Nunes, Pedro IsaĆas, Philip Powell and Boyan Bontchev |
|
Year:
|
2020 |
|
Edition:
|
Single |
|
Keywords:
|
Information Security, Awareness, Africa, Interpretivist, Compliance |
|
Type:
|
Reflection |
|
First Page:
|
187 |
|
Last Page:
|
190 |
|
Language:
|
English |
|
Cover:
|
|
|
Full Contents:
|
click to dowload 
|
|
Paper Abstract:
|
Information security awareness and compliance are at low levels in Sub-Saharan African countries. The low level of
awareness is partly because of several factors, including low Internet penetration rates, lack of adequate technological
infrastructure, low levels of literacy, and high costs of acquiring new technology. However, there are other issues, including
behavioral, social, cultural, and organizational issues that are often ignored. Most of the current literature on information
security awareness and compliance is centered in developed countries and, to some extent, developing countries in Asia
and the Middle East. There is limited literature on information security awareness and compliance, especially in Small and
Medium-Sized Enterprises (SMEs) in Africa, and in particular in Sub-Saharan African countries. The purpose of this
interpretivist study is to identify the significant challenges that SMEs in Nigeria, the most populous Sub-Saharan African
country face concerning information security awareness and compliance. The purpose of this qualitative, multisite,
exploratory case study will be to identify and explore the various social, cultural, organizational, and behavioral factors
that influence the adoption and compliance with the information security policies in Nigerian SMEs. Results of this study
could assist organizational leaders with maintaining higher levels of information security in their organizations and
avoiding loss of brand equity and revenue because of information security breaches. Observations from audio recorded,
in-depth personal interviews with 50 managers working in different departments in 20 different medium-sized companies
in Nigeria will be used in this case study. The 20 medium-sized companies included two companies each from the ten key
economic sectors forming the core of Nigerian economy. |
|
|
|
|
|
|
