Security Culture

The ideas, customs, and social behavior of a particular people or society
that allows them to be free from danger or threats.

Author Archive for Kai Roer

An engaging and award winning specialist on security behaviors and security culture, I provide organizations around the world with advice on assessing, building and maintaining good security culture using the Security Culture Framework. I am working with researchers and practitioners worldwide to bring insights on human behavior from a security perspective, thus creating better products, services and organizations. Recognitions (Selection) * Ron Knode Service Award by the Cloud Security Alliance * NCI Fellow at the National Cybersecurity Institute in Washington DC * JCI ITF #132 * Amazon Bestselling Author Author/editor of the success books: * Build a Security Culture, IT-Governance 2015 * Protecting our Future (Chapter: Cybersecurity in International Perspective), Hudson Whitman 2013 * The Cloud Security Rules (Editor, author), The Roer Group 2012 * The Leaders Workbook, The Roer Group 2010

The Security Awareness Cycle – a supplement to the SCF!

Creating awareness and security culture requires a lot of hard work if you want to succeed. Using the Security Culture Framework, you can design and implement the security culture you want, which is great. The SCF itself offers an over-arching framework within which you can build and maintain your culture – but sometimes you want a more hands-on approach, a…

Understanding your audience: Using Personas

When you want your employees to understand your security awareness message, it is a good idea to make your message resonate with them. One step on that road is to realize that Realizing this is a first step to understand that most employees have other focuses, hobbies, interests, tasks and personality type than you and your security team. Analyzing your…

How secure is your password?

One way to help your users understand what a poor password is, is to demonstrate it for them. With the right equipment, you can easily set up a password cracking lab for a lunch-and-learn (most likely, the IT or security department already have the required tools available). You may also point users to a site like https://howsecureismypassword.net/ where your employees may type…

How to protect your business from hackers

In this Guardian article, Danny Bradbury explains how to protect your business from hackers. Danny says you should start with understanding your risks, an advice that goes well with the industry best practices. He moves on to discuss how important devices are, and how cloud services may provide great resources as well as introduce new risks. The final point Danny…

Promoting an Information Security Culture

Shan Lee of JustEat presenting how to promote a security culture at the Infosecwebinars today. The recorded webcast is available here: A direct link to the webcast page: https://www.brighttalk.com/webcast/288/161635 Shan is using his great humor to convey the message, and it is not dull!

Culture: Why it´s the hottest topic in business

Culture, and thus security culture, is quickly picking up interest and speed in the corporate world. This is great news for anyone who set out to build security culture: you now have the ears of the board and the management! According to Josh Bersin, a HR and management analyst and a columnist at Forbes, culture has become a must-have in organizations…

Who makes the SCF possible?

The Security Culture Framework have supporters of all kinds, from anonymous individuals to the Fortune 100 organizations who use it to build and maintain good security culture within. This open and free project would not be possible had it not been for our supporters of all kinds. We, the Security Culture Framework Crew, would like to extend our thanks to…

The Security Culture Show #12 with Lance Spitzner of SANS

In this episode of the Security Culture Show you get to meet the amazing Lance Spitzner, who shares his broad experience of changing behavior and culture around the world through his work at SANS and Securing the Human. Lance is a great inspiration to many when it comes to security awareness, and in this episode you get to hear first-hand of some…