Framework for Adoption of Information and Communication Technology security culture in SMMEs in Gauteng Province, South Africa

Thumbnail Image
Mokwetli, M. A.
Journal Title
Journal ISSN
Volume Title
Vaal University of Technology
Information and Communication Technology (ICT) has become prevalent in our everyday business and personal lives. As such, users and organisations must know how to protect themselves against human errors that led to more companies losing or sharing information that should not be shared. The issue emanates from lack of ICT security culture both in individuals and organisations. This research is based on a wide theoretical review that is focused on proposing a conceptual model on technological, environmental and organisational factors that influence the adoption of ICT security culture and implementation in Small Medium and Micro Enterprises (SMMEs). Factors or determinants that influence the adoption of ICT security culture in SMMEs in the Gauteng province were investigated. Questionnaires were distributed to examine the perception of ICT security culture adoption among SMMEs in the Gauteng province South Africa. A sample of 647 individuals from different SMMEs in the Gauteng province returned the questionnaire. The results of the research study show that technological context (perceived benefits), environmental context (government regulations) and organisational context (management support) determinants have direct influence on the ICT security culture adoption. The recommendation is that information security awareness programmes must be put in place. Further research is recommended using more determinants that might have a positive impact toward the adoption of the ICT security culture. In order to minimize data breaches due to human error it is recommended that SMMEs around Gauteng Province in South Africa adopt the framework as outlined in this research study.
M. Tech. (Department of Information Technology, Faculty of Applied and Computer Sciences), Vaal University of Technology.
ICT Security culture, Information Security culture, SMMEs, ICT, Adoption, Human error