Abstract:
Previous studies explored factors that impact information security, but
research lacks a comprehensive understanding of managing information
security through the lens of local Arab culture. This study used a quantitative
research approach in which a web-based questionnaire was administered to
a representative sample in a Saudi Oil Company. 247 usable responses were
analyzed using structural equation modelling. The initial model linked the
six factors that were latent in the literature. Accordingly, it was connected to
trust, workplace culture, leaders, western technology, and employees’
alignment with information security. However, that model found to be
inadequate and following analysis of the pilot data from three pilot phases,
a final parsimonious model showed eight interconnections between six new
emergent factors. That model contained belief, expectations, and
trustworthiness of co-workers, workplace culture and supportive
leadership, trustworthiness towards others, Western information
technology satisfaction, data privacy, and information system security
compliance. The key finding indicates that workplace culture alignment, and
supportive leadership fully mediate the relationship between belief,
trustworthiness, and expectation of co-workers and information system
security compliance. Hence, this research makes a novel contribution by
modelling the information systems through the lens of the Arab region and
leads the way for further research in the context of information security
culture in the Arab region.