Security Culture

The ideas, customs, and social behavior of a particular people or society
that allows them to be free from danger or threats.

Building a security culture management platform – a brief history

Changing culture isn’t easy. It takes time and requires sustained efforts. Established in 2015, CLTRe was created to answer the question, how do you measure security culture? – a question that Kai Roer (the creator of the SCF) often got asked whenever he was engaged in conversations on how to build security culture and the importance of metrics.

Together with the pooled knowledge and experience of the CLTRe co-founders and other experts, Roer quickly got to work to build a scientifically valid, statistically reliable and technically effective solution to measure security culture. By automating the measuring process, CLTRe make security culture management affordable and achievable for almost any organisation.

CLTRe continued to test and refine their measurement instrument and, by the end of 2016, the CLTRe Toolkit was providing organisations with the ability to assess (and test the effectiveness) of their organisational measures to improve security, and could offer suggestions on how to further reduce risk. By measuring changes in security culture, CLTRe can find the most effective mechanisms to improve and maintain security culture.

In 2017, CLTRe published the largest ever study into security culture, the Security Culture Report 2017. The research was ground-breaking, proving that not only is it possible to gather and analyse data on the human factors influencing security, but also that it’s necessary to document the effect of organisational measures.

Now, with built-in tools to assist with every step of the framework – Measure, Involve, Engage and Plan – CLTRe are focusing on building a complete security culture management platform. As a result of the work that the Security Culture Framework Community do everyday (that’s you guys!) and the continuous efforts by CLTRe, the importance of security culture for risk management is increasingly being acknowledged. We see that security culture is being prioritised in organisations in a growing number of industries.

CLTRe continue to develop tools that enable customers to gain valuable insights from their data and apply the information learnt to the Security Culture Framework more easily. Security Awareness managers, Organisational Change Managers, CISOs and Security officers alike can use the CLTRe Toolkit to create, develop and evaluate their security culture programs, measure the security culture changes within their organisations and document their effectiveness.

For more details on the new management tools being launched by CLTRe this October, you can talk to us. Email us directly at [email protected] or book a demo at – the CLTRe Crew welcome your questions and comments.

Follow me