Security Culture

The ideas, customs, and social behavior of a particular people or society
that allows them to be free from danger or threats.

The Framework: Planner

In the Planner Module, you set up a detailed plan of your defined goals and targets; your target groups; the different activities and when they are to be done; when to measure your progress The purpose of the Planner module is to create an overview of the different activities you plan to use, spread out over the course of your…

More about Planner

Are your information security goals SMART?

Have you already set your goals for your information security program? Did you ensure that the goals are Specific, Measurable, Achievable, Relevant and Time-specific (S.M.A.R.T)? Ensure that your goals are S.M.A.R.T! And you may ask yourself, how do I know if my goals are SMART? Let’s demonstrate how you can take a goal and test it Let’s assume you set…

How do you plan your awareness programs?

Plan for excellence: Plan your activities, measure your progress and revise. How do you plan your awareness programs? In the Planner Module, you set up a detailed plan of your defined goals and targets; your target groups; the different activities and when they are to be done; when to measure your progress. Read more on the Planner module: https://securitycultureframework.net/category/framework/planner/ 

Security Awareness Cycle by Tom Mannerud

The Security Awareness Cycle – a supplement to the SCF!

Creating awareness and security culture requires a lot of hard work if you want to succeed. Using the Security Culture Framework, you can design and implement the security culture you want, which is great. The SCF itself offers an over-arching framework within which you can build and maintain your culture – but sometimes you want a more hands-on approach, a…

Promoting an Information Security Culture

Shan Lee of JustEat presenting how to promote a security culture at the Infosecwebinars today. The recorded webcast is available here: A direct link to the webcast page: https://www.brighttalk.com/webcast/288/161635 Shan is using his great humor to convey the message, and it is not dull!

Number 10th Anniversary of the [Security Culture Show #10]

Last year, when Mo and I created the Security Culture Show (podcast, vcast, hangout, whatever you prefer calling it), we had no idea of the level of success we would get. Today marks the tenth show, and we will celebrate a little. Or a lot, depending on what happens, I guess! What I do know, is that the show will…

Security Culture Campaign Feedback Loop

The Security Culture Framework is designed as an on-going process running in iterations. Each iteration follows the PDCA-cycle, taking you closer to your goal using Security Culture Campaigns like the one in the illustration below. A security culture campaign is the combined efforts of trainings and activities used in a specific timeframe, for example a 12-week cycle. During the campaign,…

Discuss and learn