The article “Controlling Cyber Crime through Information Security Compliance Behavior: Role of Cybersecurity Awareness, Organizational Culture, and Employee Involvement” by Ghaleb et al. examines how human and organizational factors influence compliance with cybersecurity practices. Rather than focusing solely on technical defenses, the authors emphasize the importance of social science principles in shaping why individuals choose to follow or ignore security requirements. This approach reframes cybersecurity as both a technological and a human-centered issue.

The study connects closely with several principles of the social sciences. From a psychological perspective, it highlights how awareness of cyber threats influences decision-making and behavior. Employees who recognize risks and understand best practices are more likely to act in ways that protect organizational data. From a sociological standpoint, organizational culture plays a significant role. Things like shared norms, values, and leadership expectations help determine whether compliance is taken seriously across a workplace. Finally, from behavioral science, the study underscores the role of employee involvement, suggesting that when people are actively engaged in security processes, they feel a sense of ownership that strengthens compliance. Together, these perspectives demonstrate the multi-dimensional human factors at play in cybersecurity.

The research questions focus on whether cybersecurity awareness, organizational culture, and employee involvement serve as predictors of compliance behavior. The authors hypothesize that higher levels of each factor would lead to stronger adherence to security policies. To test these hypotheses, the study employed a quantitative survey approach. Employees were asked to report their levels of awareness, perceptions of organizational culture, degree of involvement in security processes, and their own compliance behaviors. The data were analyzed statistically, likely using regression methods, to determine the predictive strength of each variable. Results confirmed that all three factors significantly influence compliance, providing evidence that social and organizational strategies are as critical as technical defenses in combating cybercrime.

The article also relates to key classroom concepts such as norms and deviance, the role of social influence, and the gap between knowledge and action. For instance, simply being aware of risks is not sufficient for compliance. Reinforcement through culture, peer expectations, and leadership accountability is necessary.

Although the study does not directly examine marginalized groups, it highlights important equity considerations. Employees in lower-status positions may lack equal access to training and involvement opportunities, creating disparities in compliance. A supportive, inclusive organizational culture can help address these gaps by ensuring all workers are empowered to contribute to security practices.

Overall, the study contributes to society by demonstrating that cybersecurity is not only about technology but also about people. By showing that awareness, culture, and involvement strongly predict compliance, it encourages organizations to invest in human-centered strategies. This perspective enhances workplace security, reduces vulnerabilities, and strengthens broader efforts to fight cybercrime.

Reference
Ghaleb, M. M. S., Al-Hadhrami, T., Alghamdi, A., Al-Zahrani, R., & Al-Mekhlafi, A. (2025). Controlling cyber crime through information security compliance behavior: Role of cybersecurity awareness, organizational culture, and employee involvement. International Journal of Cyber Criminology, 19(1), 1–21. https://cybercrimejournal.com/menuscript/index.php/cybercrimejournal/article/view/437/123