Security Culture

The ideas, customs, and social behavior of a particular people or society
that allows them to be free from danger or threats.

Author Archive for Rob Horne

Rob has many years experience in security management and assurance. Currently he's on long-term assignment to UK Government.

Subjective Metrics

The Security Culture Framework, quite rightly, suggests you begin your journey towards a security culture by looking at metrics. Start out by defining the current situation, known as As-Is. Then, document your target situation, known as To-Be. The next stage is to conduct a gap analysis between the two states. The SCF then goes on to talk about result goals…

Culture includes both the artist and their audience

  What does the word “culture” mean to you? When I think of culture I think of it as something that encompasses an entire society of people, not just a subset; so a security culture should consist of everyone within the scope of a security domain – whether that’s an organisation, group, location or other defined range. That said, your…