Democracy, culture and information security: a case study in Zanzibar

Abstract

Purpose – The purpose of this paper is to investigate the impact of culture on information security in a developing country's view. Design/methodology/approach – Two questionnaires adopted from the GLOBE project and OCAI were used to collect quantitative data on national and organisational culture. Also, a face to face semi‐structured interview was used to get insight into deep‐rooted issues concerning information security in the study environment. In addition, a previous study was used to find correlation of the data in this study. Findings – The findings show that national culture has more influence than organisation culture on information security. We find that the dimensions that influence information security are Power Distance, Uncertainty Avoidance, In‐Group Collectivism, and Future Orientation. Research limitations/implications – This research was conducted in a public sector environment with employees thereby limiting external validity. Also, the population of the survey was small to make a generalisation of the findings. Also, the length of the questionnaire and complexity of questions put off many potential respondents. Practical implications – Culture has impact on information security implementation and therefore the results imply that some consideration should be given when implementing information security models. Originality/value – This study is important because it empirically correlates information security with cultural dimensions in a developing country's environment.