Abstract
Information security breaches are one of the fastest growing challenges faced by businesses in the world. The pace and progression of cybercrime exceeds most corporate’s security capability. That is why companies cannot rely on security technology only; however, employees also need to be involved. The goal of the study is to predict the relationship between communication factors and information security compliance. Media synchronicity theory is used due to its perceived effectiveness in promoting shared behaviour among people that work in the same environment. Communication theory and media richness theory were also included to support the model. These theories are combined into a framework called Miscellany of Perception and Determinism. Ten factors are extracted from this framework to test the relationship between communication and information security compliance in organisations. adopts a positivist deductive stance and generates hypotheses derived from a miscellany of communication theories. The positivist paradigm informs the data collection method and the development of the questionnaire. The Miscellany of Perception and Determinism Framework shows that there is a significant relationship between the dependent variable: Information security compliance and independent variables: Communication factors; Media Appropriateness; Reason for Communication; Non-conflicting Interpretations; Feedback Immediacy; and Personal Focus. The findings show that personal focus; non-conflicting interpretations; feedback immediacy; media appropriateness; and the reason for communication explain 61.3% of information security compliance. The study is at the forefront of linking important aspects within information security compliance and communication alike. This is ground-breaking research that was able to predict how policies can effectively be communicated. The results emphasise the necessity of adopting a comprehensive approach to using factors to communicate IS (information security) policy compliance. The implications of these findings are that communication mediums used by organisations are isolated in that they do not consider user experience for promoting understanding, and this leads to low security compliance behaviour. Once communication of policy is articulated effectively using the correct mediums, organisations will be able to be mindful of employee perception towards security strategies, which contributes to improving security compliance...
M.Com. (Information Technology Management)