Information security maturity is the measurement of the organisation’s capability to remain secure. This article focuses on the social aspect of the management approach as part of a larger study that uses a socio-technical theory as a basis for analysing the relationship between the social and technical factors in the information security management system of Malaysian Public Service organisations. The empirical analysis was conducted to identify the antecedents of the information security maturity of an organisation, mainly through the study of several social factors. Through the sample obtained from the key players of information security in Malaysian Public Service organisations, results of the multivariate test reveal the underlying dimensions of a few social factors. The final result provides empirical proof of the social factors that has the most influence on the Malaysian Public Service organisations’ information security maturity.