Challenges and Measures for Information Security Practices: A Literature Review on Systemic and Idiosyncratic Aspects
preprint
OA: closed
Abstract
Information security is becoming a key organizational concern in light of increasingly demanding regulations, customers’ apprehension, and, significant operational risks. The information security practices of employees are pivotal for preventing, detecting, and responding to security incidents. This paper is synthesizing the insights from prior research based on a systematic literature review that explores challenges related to information security practices in organizations and the ways these challenges are managed to avoid security breaches. Four general challenges are identified: (1) security rules and procedures, (2) individual and personal risks, (3) culture and security awareness, and (4) organizational and power relations. To manage these challenges, three types of measures are prominent: measures related to training and awareness, measures related to organizational support, measures related to rewards and penalties. These measures aim to enhance systemic capabilities and to adapt security mechanisms to the idiosyncratic characteristics of organizations.
My notes (saved in your browser only)
Citation neighborhood (no data yet)
We don't have any in-corpus citations linked to this paper yet. The paper's references may be in our DB but unresolved to ``paper_id`` (resolution happens at ingest when the cited DOI matches a row we already have). Run the cross-source citation reconcile pass to retry.
Source provenance
- europepmc
- last seen: 2026-05-19T01:45:01.086888+00:00