Security Culture

The ideas, customs, and social behavior of a particular people or society
that allows them to be free from danger or threats.

Author Archive for Kai Roer

An engaging and award winning specialist on security behaviors and security culture, I provide organizations around the world with advice on assessing, building and maintaining good security culture using the Security Culture Framework. I am working with researchers and practitioners worldwide to bring insights on human behavior from a security perspective, thus creating better products, services and organizations. Recognitions (Selection) * Ron Knode Service Award by the Cloud Security Alliance * NCI Fellow at the National Cybersecurity Institute in Washington DC * JCI ITF #132 * Amazon Bestselling Author Author/editor of the success books: * Build a Security Culture, IT-Governance 2015 * Protecting our Future (Chapter: Cybersecurity in International Perspective), Hudson Whitman 2013 * The Cloud Security Rules (Editor, author), The Roer Group 2012 * The Leaders Workbook, The Roer Group 2010

Volunteer position: Webmaster

The Security Culture Framework and community is looking for a webmaster / website maintainer to take care of the website. As a webmaster, you will be given the opportunity to choose what technology to use for hosting our files, blog, forums and articles. Today, the platform is WP (hosted), with BBPress, BBForums and some custom updates to the template used.…

Security Culture Person of the Year Award 2017 goes to…

During a meeting of the Security Culture Community in Oslo, June 2017, Kai Roer, CEO of CLTRe and founder of the community, awarded Chris Karelse and Martine van de Merwe from the Netherlands as Security Culture Persons of the Year 2017. To quote Kai’s words during the award ceremony: “I’m here today to present the Security Culture Person Award to…

Interview with Wolfgang Goerlich on Security Culture

Channel 9 of MSDN interviewed J Wolfgang Goerlich on security culture. Wolfgang was one of the first to use and implement the Security Culture Framework back in 2013, and has been a strong supporter and ambassador ever since. Check out the interview below:

How Culture Impacts Negotiations

Security culture is not only about avoiding phishing, or setting strong passwords. Security culture also includes communication with others, and when communicating, we often find ourselves in a negotiation. Have you ever failed utterly at a negotiation, and later considered that perhaps differences in cultures was at play?

In this HBR video, you can learn how different cultures impacts how we negotiate, what is acceptable social behavior during negotiation, and how trust is built.

Should you prefer to, you may read the HBR article too, it is in-depth with nice examples.

How do you see culture creates barriers for security culture in your organisation? How can you use your new knowledge of culture and trust to break down those barriers?

Photo Credit.

The Security Culture Conference 2016 Call for Presentations

  The Security Culture Conference is the globally leading conference on security culture. The organizers are the community behind the Security Culture Framework, who use the conference to spread information about how to build and maintain security culture. In 2015, participants from USA, Asia and Europe met to learn and discuss the various topics of security culture. You may read…

Managing Security Resources: It is all about people and awareness

In this webinar, Steve Durbin of ISF, explains how to align the board and C-suits to the cybersecurity challenge. Steve discuss a risk-based information security awareness culture that will engage employees at all levels. Overcoming the challenge of attracting and retaining skilled cybersecurity workforce is a growing concern, and requires a more imaginative, business and people-centric approach than many organizations…

The Security Culture Show #13 with Rowenna Fielding

The Security Culture Show is back after a prolonged summer vacation! Todays topic was Getting Results from your awareness programs, and Rowenna Fielding shared from her great experience on how to build and maintain security culture using positive psychology. One particular research she pointed to was the work of Professor James Reason on aviation security, and how Just culture have become…

Full Day Workshop: Learn how to use the Security Culture Framework in Ljubljana

The Security Culture Framework is being used by successful organizations around the world, and as a result a growing demand for trainings is seen all over, and Kai Roer is traveling more than ever (it may, actually, be time to train more trainers too – reach out if you are interested!). Next up is a full-day workshop taking place in…

The Security Awareness Cycle – a supplement to the SCF!

Creating awareness and security culture requires a lot of hard work if you want to succeed. Using the Security Culture Framework, you can design and implement the security culture you want, which is great. The SCF itself offers an over-arching framework within which you can build and maintain your culture – but sometimes you want a more hands-on approach, a…

Understanding your audience: Using Personas

When you want your employees to understand your security awareness message, it is a good idea to make your message resonate with them. One step on that road is to realize that Realizing this is a first step to understand that most employees have other focuses, hobbies, interests, tasks and personality type than you and your security team. Analyzing your…

%d bloggers like this: