Sign Up Now
Get instant access to over 1 million+ study documents
OR
Already registered? click here to login
By creating your account, you agree to our terms of service, privacy policy and student honor code.
Organizational Behavior
Organizational security reflects the need to protect the organization against theft, cybercrime, and other instances of criminal activity that can undermine a business' profitability, or in some cases even its viability. From cases like the Max Vision hacking case with CapitalOne (Poulsen, 2010) to cases of inside job theft at hotels (Partridge, 2014), there are many internal and external risks that an organization faces. Managing these risks is often thought to simply be the duty of security teams, but that is not at all the case. A cybersecurity team can handle the technical aspect of security, for example, but an employee not protecting a key password can be a bigger breach than anything embedded in the software. Organizational security is, ultimately, everybody's job, and optimizing organizational security is therefore something that should be embedded in the organizational culture.
Cultures emerge in organizations, but managers and leaders within the organization can influence the development of organizational cultures (Cooke & Rousseau, 1988). Leaders both formal and informal have the ability to cast influence over behavior through their words and actions, while managers have tools at their disposal in the form of the proverbial carrots and sticks to influence the behavior of people within the organization. As such, there is a link between how a culture develops, what management does to encourage the development of culture in specific ways, and the outcome behaviors of the organization....
When those behaviors are strongly oriented towards defending the security of the organization, organizational security risk will be lower.
Sanctions are one means by which managers influence behavior in an organization, as they have the ability to punish people for poor security behaviors. Guo (2013) notes, however, that there is rather inconclusive evidence about the efficacy of sanctions in motivating behavior. This calls to question whether ad hoc punishment approaches are truly going to be effective. Moreover, one breach can cost a company millions, so any punishment after the fact could ultimately be pointless as the damage has already been done. The lesson from this is that organizational culture and behavior need to be proactive where security is concerned, in order to be most effective.
The organizational security plan therefore needs to build in training and motivation at the proactive level in order to be effective. The first component, training, is required, to help employees understand the issues. Building a security culture at an organization where none has previously existed should be seen as an organizational change endeavor -- without this view, the inertia of the status quo could scuttle any attempts to change or alter behavior within the organization. Thus, education and training forms the first part of the organizational security plan, because employees need to understand the risks, why these risks are greater today than they once were, and the role that each person plays in mitigating…
References
Poulsen, K. (2010) Record 13-year sentence for hacker Max Vision. Wired. Retrieved March 17, 2016 from http://www.wired.com/2010/02/max-vision-sentencing/
Partridge, E. (2014) Vegas hotel robbery an inside job, say police. Sydney Morning Herald. Retrieved March 17, 2016 from http://www.smh.com.au/nsw/vegas-hotel-robbery-an-inside-job-say-police-20140926-10mwjt.html
Cooke, R. & Rousseau, D. (1988). Behavioral norms and expectations. Group & Organization Studies. Vol. 13 (3) 245-273.
Guo, K. (2013). Security-related behavior in using information systems in the workplace: A review and synthesis. Computers & Security. Vol. 32 (Feb 2013) 242-251.
(Gartenberg, 2005) Like all other aspects of business today, security systems often prove to be highly complex and hard (even for the participants) to identify. The culture of an organization is like the culture of a family, a community, or a nation: Because it surrounds the people in it they often have a great deal of difficulty in recognizing to what extent policies and procedures arise from the constraints of culture
Security Management The role of a security manager varies widely according to the particular organization and its needs, but despite this variety, there remain certain best practices and policies that can help maintain security and stability. This is nowhere more true than in the case of organizational loss, because while loss can mean widely different things depending on the field, the underlying theoretical concepts which inform attempts to minimize loss are
Security Report In the present day, organizations are reliant on information in order to continue being relevant and not become obsolete. To be specific, organizations are reliant on the controls and systems that have been instituted in place, which provide the continuing privacy, veracity, and accessibility of their data and information (Lomprey, 2008). There is an increase and rise in threats to information contained within organizations and information systems (Lomprey, 2008).
According to the authors, this can be done if employees are given a sense of importance in the organizations. Knowledge workers are already short in supplies and most competing rivals also compete to get the best human resource in terms of knowledge workers. It is therefore essential for any organization to retain this highly skilled part of their workforce and in order to do that organizations must eliminate the
They need to know what their responsibilities are not only as individuals but also as team members and corporate employees. David cites an excerpt from a corporate security document that illustrates his point: "A security policy serves many functions. It is a central document that describes in detail acceptable network activity and penalties for misuse. A security policy also provides a forum for identifying and clarifying security goals and
This calls for both physical and mental strength (Army Regulation 600-100, 2007). Comparing my organization's code of ethics with my own, I conclude that on literal grounds it is similar in many ways. The ethical code of the U.S. Army calls for being dutiful, honest, fulfillment of obligations and tolerance towards others. However, I feel that in many ways these ethics are not practically put into practice the way they