Information security in hospitality SMMEs in Cape Metropole area: The management and culture perspective

Information plays an important role in today’s businesses. It needs to be protected at all costs in order to avoid facing the consequences of loss of data and compromising information. In order to address information security, SMMEs (Small Medium and Micro Enterprises) should adopt a culture that is security abiding. By supporting a security culture where members of staff intuitively protect information, SMMEs can benefit much because the employees will be aware of their responsibilities regarding information security culture. However, previous studies tend to overlook this aspect. Management of information security can also help SMMEs deal with information security breaches especially that it has been indicated that employees contribute to most of the breaches. This paper looks at the two aspects, management and culture, to find out how SMMEs in the hospitality industry can effectively use them to deal with security issues. SMMEs in the hospitality industry deal with client credit card information and they need to protect it in order to avoid the consequences.