Abstract
Organizations thrive on efficient information management systems as they support activities. Hence, these systems need to be protected from attacks that threaten their existence and use. Although non-technical information security ideas have been espoused by researchers, they have excluded the role of organizational communication. As such, this study explains information security from an organizational communication perspective. Drawing upon a framework of discourse and organizational change, we analyze an empirical case of how information security in an organization is implicated by communicative actions, deep structures, and communication traits. The analysis reveals that (1) prevention of security breaches is achieved by structures of domination and clarity in communicative action mediated by a reserved communication trait; and (2) response to information security breaches is achieved by structures of signification and legitimation, inter-departmental collaboration, and knowledge-rich communication mediated by an outspoken communication trait. Implications of these insights for theory and practice are discussed.