Home > Publications
Home University of Twente
Prospective Students
Intranet (internal)

EEMCS EPrints Service

23704 Security-aware organisational cultures as a starting point for mitigating socio-technical risks
Home Policy Brochure Browse Search User Area Contact Help

Uebelacker, S. (2013) Security-aware organisational cultures as a starting point for mitigating socio-technical risks. In: Informatik 2013, 16-20 Sep 2013, University of Koblenz-Landau, Koblenz, Germany. pp. 2046-2057. Lecture Notes in Informatics (LNI) P-220. Gesellschaft fuer Informatik e.V. ISBN 978-3-88579-614-5

Full text available as:


339 Kb
Open Access

Official URL:

Exported to Metis


This extended abstract briefly introduces Hofstede’s three leveled model of hu- man mental programming which captures the unique mental constitution of a person. These levels devide the vague “human factor” in more approachable categories. In the following sections each category is addressed and presented seperately according to research found and regarding security-aware behaviour.
By including universal human behaviour, characteristics of organisational and na- tional cultures as well as (occupational) grouping of personality traits of employees, we might be able to identify emerging social threats. Furthermore, assessing social risks could help to develop guidelines for cultural change towards a more security- aware organisational culture.
As the influence of an organisation on external factors (other than their own or- ganisational culture) tends to be minimal, developing, allowing, and applying cultural changes can be a promising approach in mitigating socio-technical risks.

Item Type:Conference or Workshop Paper (Extended Abstract, Talk)
Research Project:TREsPASS: Technology-supported Risk Estimation By Predictive Assessment Of Socio-technical Security
Additional Information:Foreground = 100%; Type of activity = workshop, conference, publication, presentation; Main leader = TUHH; Type of audience = scientific community; Size of audience = 20; Countries addressed = national;
Uncontrolled Keywords:Human factors, insider threat, organisational culture, security, security awareness, social engineering
ID Code:23704
Deposited On:22 September 2013
More Information:statisticsmetis

Export this item as:

To correct this item please ask your editor

Repository Staff Only: edit this item