Security Culture

The ideas, customs, and social behavior of a particular people or society
that allows them to be free from danger or threats.

How much is privacy worth?

Finding medical information in old paper files is time consuming and therefore costly. Let’s scan the lot and link it to our electronic health records! Of course at low costs. No problem in the prize fighter market of scanning companies.   Detainees working with our medical records Recently public broadcast corporation Max broadcasted a documentary in the Netherlands on hospitals…

My organization?

My organization, what do they know about security that may help me? You may ask when first learning about the Security Culture Framework in the organization module. As the expert at information security you are sure about that you have all the skills needed to educate your organization in how they shall adapt to the security rules that you have…

An ordinary data breach

  Recently I received an email from a nursing home. It was not meant for me, and it was full of confidential information. How did that happen? I am the owner of the domain merwe.nl and so I receive any mail addressed to email addresses ending with @merwe.nl. The nursing home has admitted a patient Van de Merwe and they…

Culture includes both the artist and their audience

  What does the word “culture” mean to you? When I think of culture I think of it as something that encompasses an entire society of people, not just a subset; so a security culture should consist of everyone within the scope of a security domain – whether that’s an organisation, group, location or other defined range. That said, your…

How do you define your goals?

Know your goal Your security culture program success is a direct result of your direction and your goals. How do you define your goals? With the SCF module Metrics, you set goals, define your baseline and decide how to measure security culture in your organization/program. Read more on the Metrics module: https://securitycultureframework.net/category/framework/metrics/

What can you change today?

Be holistic! Use Policies, Competence and Technology together to change security behaviors: What can you change today? The Topics module is used to determine which topics to train in order to reach your targets. There are a large numbers of different topics to train to succesfully create security culture, from technical areas, via passwords, policies and legalities, to how to discover…

What are your goals?

Measure your success: Define clear goals using the SMART makes it easy to know if you fail or succeed. What are your goals? With the SCF module Metrics, you set goals, define your baseline and decide how to measure security culture in your organization/program. Read more on the Metrics module: https://securitycultureframework.net/category/framework/metrics/

How Culture Impacts Negotiations

Security culture is not only about avoiding phishing, or setting strong passwords. Security culture also includes communication with others, and when communicating, we often find ourselves in a negotiation. Have you ever failed utterly at a negotiation, and later considered that perhaps differences in cultures was at play?

In this HBR video, you can learn how different cultures impacts how we negotiate, what is acceptable social behavior during negotiation, and how trust is built.

Should you prefer to, you may read the HBR article too, it is in-depth with nice examples.

How do you see culture creates barriers for security culture in your organisation? How can you use your new knowledge of culture and trust to break down those barriers?

Photo Credit.