The problem of human factors in the field of Information Systems Security has been approached from different angles. At the beginning of this century the concept of Information Security Culture (ISC) became very popular among Information Systems (IS) researchers. Various ISC theories and frameworks have been produced on how to manage human behaviour and therefore avoid mistakes that cause security breaches within organisations. Unfortunately, the amount of security incidents is not declining but quite the contrary. We suggest that IS scholars should take a new approach in investigation of this problem; that is, the study of ISC should not be separated from other aspects of culture as prior research suggests that the various aspects interact and influence each other. In particular, the concept of national culture in so far as it applies to IS security culture has been practically dismissed by prior research while it is an important factor to consider in the modern global world. Along with national culture, the concept of organisational culture should be also included as organisational culture is a key to a company's success.