Security Culture

The ideas, customs, and social behavior of a particular people or society
that allows them to be free from danger or threats.

The Security Awareness Cycle – a supplement to the SCF!

Security Awareness Cycle by Tom Mannerud
Creating awareness and security culture requires a lot of hard work if you want to succeed. Using the Security Culture Framework, you can design and implement the security culture you want, which is great. The SCF itself offers an over-arching framework within which you can build and maintain your culture – but sometimes you want a more hands-on approach, a methodology directly focused on security awareness activities.

When that happens, you may look at Tom Andreas Mannerud´s Security Awareness Cycle, a methodology that is based on his award winning graduation project, and one that closely aligns with the SCF. You will recognize the different steps – from defining your metrics, to understanding your audience, and creating materials that will help you succeed with your goals.

The most important addition and focus area of Tom´s work is his focus on behaviors. He says you need to understand and map out the behavior you like/do not like, and then target that behavior with your activities. As behaviors are an important part of culture, and awareness alone does not change behavior, the focus on behaviors in Tom´s work helps you focus your efforts and budgets where it really matters – to change the behaviors into the kind of culture you want.


Read the full article!
Engage me!

Kai Roer

Creator of the Security Culture Framework at CLTRe
An engaging and award winning specialist on security behaviors and security culture, I provide organizations around the world with advice on assessing, building and maintaining good security culture using the Security Culture Framework. I am working with researchers and practitioners worldwide to bring insights on human behavior from a security perspective, thus creating better products, services and organizations.

Recognitions (Selection)
* Ron Knode Service Award by the Cloud Security Alliance
* NCI Fellow at the National Cybersecurity Institute in Washington DC
* JCI ITF #132
* Amazon Bestselling Author

Author/editor of the success books:
* Build a Security Culture, IT-Governance 2015
* Protecting our Future (Chapter: Cybersecurity in International Perspective), Hudson Whitman 2013
* The Cloud Security Rules (Editor, author), The Roer Group 2012
* The Leaders Workbook, The Roer Group 2010
Engage me!