Information Security in Qatar: An Approach to Influence Change in Information Security Behaviors in Organizations

Information security is a huge discipline that has multiple technical and non-technical subareas. In the era of technological advancement, different aspects of information security such as policies and standards, awareness and training programs, risk assessment and gap analysis, and more, should all be carefully addressed and analyzed. The main aim of this research is to analyze the state of information security in Qatar and how it can be improved in organizations. First, the study examines the published articles on information security related to Qatar, and it analyzes the common themes and gaps in the available literature. Then, it identifies the exact areas of weaknesses in information security in Qatar using the Human Aspect of Information Security Questionnaire (HAIS-Q). It examines the different focus areas in information security and how they correlate with attitude, knowledge, and behaviors of employees. Finally, it suggests new approaches and solutions to address the identified problems. The main approach this study suggests is ‘Nudging’, which is a concept used in behavioral science. The research ends by proposing future recommendations to improve the state of information security in Qatar.