To read this content please select one of the options below:

Shaping security behaviour through discipline and agility: Implications for information security management

Dan Harnesk (Luleå University of Technology, SRT, Luleå, Sweden)
John Lindström (Luleå University of Technology, TVM/DMK, Luleå, Sweden)

Information Management & Computer Security

ISSN: 0968-5227

Article publication date: 11 October 2011




The purpose of this paper is to broaden the understanding about security behaviour by developing a security behaviour typology based on the concepts of discipline and agility.


A case study was designed to analyze security behaviours in one public nursing centre. The inquiry was organized around the themes discipline and agility, culture, and security processes in order to get an in‐depth understanding of the complex relationship between security management, referred to as discipline, and security in use, referred to as agility.


The paper shows that security behaviour can be shaped by discipline and agility and that both can exist collectively if organizations consider the constitutional and existential aspects of information security (IS) management.

Practical implications

This research makes a pivotal stand for the issue how security behaviours narrate a broad picture to enhance IS management. In particular, this will improve design of IS training and awareness programs.


This research is relevant to IS management in organizations, particularly as behavioural and cultural aspects are becoming increasingly significant for maintaining and also designing systemic IS management.



Harnesk, D. and Lindström, J. (2011), "Shaping security behaviour through discipline and agility: Implications for information security management", Information Management & Computer Security, Vol. 19 No. 4, pp. 262-276.



Emerald Group Publishing Limited

Copyright © 2011, Emerald Group Publishing Limited

Related articles