C. Pope and E. Edwards, Over 1.5 million affected by Ennis data breach. The Irish Times (2013) Available at: http://www.irishtimes.com/news/consumer/over-1-5-million- affected-by-ennis-data-breach-1, 1592128.

D. Veiga, A. Eloff, and J. H. , A framework and assessment instrument for information security culture, Computers & Security, vol.29, issue.2, pp.96-207, 2010.
DOI : 10.1016/j.cose.2009.09.002

V. Solms and B. , Information Security ??? The Third Wave?, Computers & Security, vol.19, issue.7, pp.615-620, 2000.
DOI : 10.1016/S0167-4048(00)07021-8

J. S. Lim, S. Chang, S. Maynard, and A. Ahmad, Exploring the Relationship between Organizational Culture and Information Systems Security Culture, Proceedings of the 7th Australian Information Security Management Conference, pp.87-97, 2009.

T. Kuusisto and I. Ilvonen, Information security culture in small and medium size enterprises Available at: http, Frontiers of E-Business Research, 2003.

S. R. Boss, L. J. Kirsch, I. Angermeier, R. A. Shingler, and R. W. Ross, If someone is watching, I'll do what I'm asked: mandatoriness, control, and information security, European Journal of Information Systems, vol.46, issue.2, pp.151-164, 2009.
DOI : 10.1287/mnsc.

J. F. Van-niekerk and R. Von-solms, Information security culture: A management perspective, Computers & Security, vol.29, issue.4, pp.476-486, 2010.
DOI : 10.1016/j.cose.2009.10.005

I. Ajzen, Attitudes, Personality, and Behavior. 2 nd edition, Berkshire, 2005.

C. A. Ray, CORPORATE CULTURE: THE LAST FRONTIER OF CONTROL?, Journal of Management Studies, vol.22, issue.3, pp.287-297, 1986.
DOI : 10.2307/2392253

E. H. Schein, Organizational Culture and Leadership: The Dynamic View, 1985.

J. Malcomson, What is security culture? Does it differ in content from general organisational culture?, Proceedings of the 43rd Annual International Carnahan Conference on Security Technology, pp.361-366, 2009.

M. Alnatheer, T. Chan, and K. Nelson, Understanding and measuring information security culture, Proceedings of Pacific Asia Conference on Information Systems, 2012.

Q. Hu, T. Dinev, P. Hart, and D. Cooke, Managing Employee Compliance with Information Security Policies: The Critical Role of Top Management and Organizational Culture*, Decision Sciences, vol.26, issue.6, pp.615-660, 2012.
DOI : 10.1111/j.1540-5915.2012.00361.x

T. Dinev, J. Goo, Q. Hu, and K. Nam, User behaviour towards protective information technologies: the role of national cultural differences, Information Systems Journal, vol.9, issue.4, pp.391-412, 2009.
DOI : 10.1111/j.1365-2575.2007.00289.x

G. Hofstede, Culture's Consequences: International Differences in Work-related Values, 2001.

G. Hofstede, Culture's Consequences: International Differences in Work-related Values, 1980.

P. E. Spector, Behavior in organizations as a function of employee's locus of control., Psychological Bulletin, vol.91, issue.3, pp.482-497, 1982.
DOI : 10.1037/0033-2909.91.3.482

R. H. Kilmann, Managing Your Organization's Culture, Nonprofit World Report, vol.3, pp.12-15, 1985.

L. W. Porter and G. B. Mclaughlin, Leadership and the organizational context: Like the weather? The Leadership Quarterly, pp.559-576, 2006.

S. Kraemer and P. Carayon, Computer and Information Security Culture: Findings from Two Studies, Proceedings of the Human Factors and Ergonomics Society 49 th Annual Meeting, pp.1483-1487, 2005.

T. Schlienger and S. Teufel, Information Security Culture, Proceedings of the IFIP TCII 17th International Conference on Information Security, pp.191-201, 2002.
DOI : 10.1007/978-0-387-35586-3_15

D. Long, D. Fahey, and L. , Diagnosing cultural barriers to knowledge management., Academy of Management Perspectives, vol.14, issue.4, pp.113-127, 2000.
DOI : 10.5465/AME.2000.3979820

E. D. Wallach, Individuals and Organizations: The Cultural March, Training and Development Journal, vol.37, pp.29-36, 1983.

S. H. Schwartz, Universals in the Content and Structure of Values: Theoretical Advances and Empirical Tests in 20 Countries, Advances in Experimental Social Psychology, vol.25, pp.1-65, 1992.
DOI : 10.1016/S0065-2601(08)60281-6

D. E. Leidner and T. Kayworth, Review: A review of culture in information systems research: Toward a theory of information technology culture conflict, MIS Quarterly, vol.30, pp.357-399, 2006.

L. Myyry, M. Siponen, S. Pahnila, T. Vartiainen, and A. Vance, What levels of moral reasoning and values explain adherence to information security rules? An empirical study, European Journal of Information Systems, vol.16, issue.4, pp.126-139, 2009.
DOI : 10.1016/j.infoandorg.2006.08.001

P. Lok and J. Crawford, The effect of organisational culture and leadership style on job satisfaction and organisational commitment, Journal of Management Development, vol.23, issue.4, pp.321-338, 2004.
DOI : 10.1108/02621710410529785

S. Shane, S. Venkataraman, and I. Macmillan, Cultural Differences in Innovation Championing Strategies, Journal of Management, vol.28, issue.5, pp.931-952, 1995.
DOI : 10.1177/014920639502100507

C. Vroom and R. Von-solms, Towards information security behavioural compliance, Computers & Security, vol.23, issue.3, pp.191-198, 2004.
DOI : 10.1016/j.cose.2004.01.012

V. L. Clark and J. W. Creswell, The Mixed Methods Reader, 2008.

P. Maykut and R. Morehouse, Beginning Qualitative Research: A Philosophic and Practical Guide, 1994.

B. G. Glaser and A. L. Stauss, The Discovery of Grounded Theory, 1967.

Y. Lincoln and E. Guba, Naturalistic inquiry, International Journal of Intercultural Relations, vol.9, issue.4, 1985.
DOI : 10.1016/0147-1767(85)90062-8

S. J. Taylor and R. Bogdan, Introduction to Qualitative Research Methods: The Search for Meanings, 1984.

L. A. Gordon and M. P. Loeb, The economics of information security investment, ACM Transactions on Information and System Security, vol.5, issue.4, pp.438-457, 2002.
DOI : 10.1145/581271.581274

J. B. Joshi, W. G. Aref, A. Ghafoor, and E. H. Spafford, Security models for web-based applications, Communications of the ACM, vol.44, issue.2, 2001.
DOI : 10.1145/359205.359224

D. Straub, K. Loch, R. Evaristo, E. Karahanna, and M. Strite, Toward a Theory-Based Measurement of Culture, Journal of Global Information Management, vol.10, issue.1, pp.13-23, 2002.
DOI : 10.4018/jgim.2002010102