Security Culture

The ideas, customs, and social behavior of a particular people or society
that allows them to be free from danger or threats.

Why you should invest in security culture

Security investments is often seen as buying either hardware or software to protect our assets, both physical and logical, often this is not enough to ensure that we achieve the security levels we seek. The missing part of the investments is often in building knowledge, culture and understanding. If we provide people with valuable assets, such as information, we must…

Metrics, a technical drill down

We all see that the goal is one of the most important parts in a journey, but without a clear understanding on where we are at the moment it is hard to know how long the journey will take and even in what direction the journey should start. In the security culture framework we do take care of ensuring that…

The art of a good password – what is it, really?

Myp0ppy vs. UX*7(æ#6VbuiRomeo_and-Juliet8loVe4Ø&% You may wonder whether the blog author has lost his mind using a subtitle as the one above. Is he writing a piece about a battle of intergalactic entities, or if the topic is about a fight between a dog and a machine? Way off (one may of course argue the former)! My topic this time is about passwords and password…

The Security Culture Conference 2016 Call for Presentations

  The Security Culture Conference is the globally leading conference on security culture. The organizers are the community behind the Security Culture Framework, who use the conference to spread information about how to build and maintain security culture. In 2015, participants from USA, Asia and Europe met to learn and discuss the various topics of security culture. You may read…

What activities do you use?

Activities that resonate: Use your security culture activities, to resonate with your target audience. What activities do you use? The Topics module is used to determine which topics to train in order to reach your targets. There are a large numbers of different topics to train to succesfully create security culture, from technical areas, via passwords, policies and legalities, to…

Facts or fiction?

  Introduction A few months ago I was a satisfied participant on The Security Culture Summer Camp 2015, which turned out to be much fun, new stuff learned, and quite a lot of work. During several weeks the participants attended lectures, read articles, and got assignments to solve. It is the latter, which is my rather sneaky way to get…

What goals do you have?

Build culture with goals: Set the goals of your security culture program early, and use them to direct your actions. What goals do you have? With the SCF module Metrics, you set goals, define your baseline and decide how to measure security culture in your organization/program. Read more on the Metrics module: https://securitycultureframework.net/category/framework/metrics/

How do you communicate today?

Adapt your message: Make your employees understand by adapting your message to their needs. How do you communicate today? The Topics module is used to determine which topics to train in order to reach your targets. There are a large numbers of different topics to train to succesfully create security culture, from technical areas, via passwords, policies and legalities, to…

Managing Security Resources: It is all about people and awareness

In this webinar, Steve Durbin of ISF, explains how to align the board and C-suits to the cybersecurity challenge. Steve discuss a risk-based information security awareness culture that will engage employees at all levels. Overcoming the challenge of attracting and retaining skilled cybersecurity workforce is a growing concern, and requires a more imaginative, business and people-centric approach than many organizations…

How do you measure culture?

Metrics Matter: Knowing how to measure your progress and results, is key to your security awareness program. How do you measure culture? With the SCF module Metrics, you set goals, define your baseline and decide how to measure security culture in your organization/program. Read more on the Metrics module: https://securitycultureframework.net/category/framework/metrics/