Analysis of Information Security Culture. A case of study: Leon, Guanajuato, Mexico

In the last years, the number of cyberattacks has increased, and the creation of malware every day represents new challenges. Against this situation, IT (Information Technology) professionals and senior management continue to invest large sums of money in purchasing hardware and software as the main tools to reduce security breaches; however, awareness campaigns and training on computer security among employees at all levels. Consequently, and with the results of the present study, it is evident that the main safety risk, the human factor, is not addressed. Our results corroborate previous studies, and the results show the lack of a culture of information security in organizations. Moreover, many companies do not have a computer security department.