This paper aims to explore social and organizational aspects of information security management. The changing nature of security is revealed against the backdrop of globalization. It provides a thorough review of literature on the topics of cyberethics as related to information security and transnational law. The objective of the paper is to cover broadly socio-organizational themes providing for the purpose of definition and a basis for further research. It thus raises a number of pressing issues facing organizations today, and offers an overview discussion on potential solutions. The main outcome of the paper is in showing that successful security strategies rely on well-thought out and executed organizational processes (i.e. human resources, legal), not just information technology hardware and software products.
This conference paper was originally published as Michael, K, Social and Organizational Aspects of Information Security Management, IADIS e-Society 2008, 9-12 April 2008, Algarve, Portugal.