Abstract

Leadership plays an essential role in changing employee behavior (Feng et al., 2019). Furthermore, leadership nurtures and embeds appropriate attitudes and behaviors of employees (Hughes et al., 2018). Empirical research has demonstrated that information security leadership is related to essential follower outcomes (Brown et al., 2005; Chughtai et al., 2015; Mayer et al., 2009; Walumbwa et al., 2011). Information security culture is a critical issue for organizations and leaders who face challenges protecting critical business data (Alkalbani et al., 2015). A prepared and aware information security culture will minimize risks to information assets while specifically reducing the risk of employee misbehavior and harmful interactions with information assets (O'Brien et al., 2013). Existing literature (Backhouse & Dhillon, 1996; Cleveland & Cleveland, 2018; Hirschheim et al., 1995; Hitchings, 1996; James, 1996; Siponen, 2001) has primarily focused on technology controls to prevent security breaches while promoting information security policy (ISP) compliance. This study addresses the gap between information security (InfoSec) and the influence of leadership style on information security culture. Leadership in InfoSec has mostly been unexplored (Bhattacharya, 2011; Guhr et al., 2019). This research adopts the full-range leadership theory (FRLT) and the full-range leadership model (FRLM) by Avolio & Bass (1991). Furthermore, this quantitative study addresses an effective leadership style and the relationship to information security culture. The research question under investigation is as follows: how do the dimensions of full-range leadership theory influence an information security culture.