This research proposes a framework for adaptive information security systems that considers both the technical and social aspects of information systems security. To approach this systemic insecurity problem the research was divided into mini studies that were based on the Systemic-Holistic paradigm, Immune System concepts, and Socio-Technical System theory. Applying the holistic research process the author started first by exploring adaptation systems. After exploring these systems, the focus of the research was to understand the systems and features required for making information security systems learn to adapt to the changing environments. Designing and testing the adaptive framework were the next steps. The acquired knowledge from this research was structured into domains in accordance to ontological principles and relationship between domains was studied. These domains were then integrated with the security value-based chain concept, which include deterrence, prevention, detection, response, and recovery functions to create a framework for adaptive information security systems.