Information security culture: An investigation into the impact of a large-scale cyberattack

Cybersecurity and cyberattack have been mentioned significantly more in the news in recent years, which has caused organisations to give higher priority to information security than ever before. Today, many organisations are vulnerable to malicious attacks like ransomware. These attacks can significantly impact an organisation's operations, especially given their reliance on technical systems. This has led to organisations emphasising technical security measures significantly, often overlooking one critical aspect of information security, namely information security culture (ISC). This empirical study examines how an organisation's ISC changes during a ransomware attack and how it has conti…