This study attempts to explore the potential in employees to positively contribute to organizational information security management. Toward that end, this study developed the concept of proactive information security behavior and examined its connections to individual creativity and two organizational context factors: group culture and decentralized IT governance. Findings of this study supported its positive relationship with individual creativity and group culture as well as partial and full mediation effects of decentralized IT governance and individual creativity on the relationship between proactive information security behavior and group culture.