Security Culture

The ideas, customs, and social behavior of a particular people or society
that allows them to be free from danger or threats.

The Security Culture Conference

So the Security Culture conference happened! On an Island…no really…it was on an island…look…



The journey there took about twenty minutes via a ferry and a small boat to get to the island called Lille Herbern. The venue was actually a restaurant – the only one on the island.



The day began with Roar Thon’s key note – He explored what security culture is and what makes it an important tool for organizations. Roar is the Specialist Director at the Norwegian National Security Authority – You can find him on Twitter as: @secdefence



Next up we had Wolfgang Goerlich – He looked at how to apply the Security Culture Framework to a software development team. I think Wolf was about to get he’s Bollywood groove on there 😉 Wolfgang is a Cyber Security Strategist at CBI Inc, his Twitter handle is: @jwgoerlich



The second half of the morning we saw Kai explaining how you can build and maintain a security cutlure using the framework. I think we all know who he is and what he does 🙂 He’s Twitter handle is: @kairoer



The final talk before lunch was by Waldo Rocha Flores who works for Ernst & Young. He’s work has a lot to do with measuring the behavioural outcomes of security culture. Waldo also held a workshop after lunch. I couldn’t find him on Twitter.



Then it was time for lunch – yum!




Some lunch time conversations and networking…



Waldo’s workshop discussions – after lunch Waldo held a workshop which delved deeper in to his talk.



After the workshop we stretched our legs and got ready for the final part of the day with Shan Lee Head of Information Security for Just Eat. Shan told us about his security culture story at Just Eat, he gave us great insight into what it’s like to build a security within a dynamic company. You can find Shan on Twitter as: @secwaza



Turns out I was last on the list to present, I don’t like being last. Especially when you’re preceded by such quality. I spoke about how you can pop your bubble in the corporate environment. I’m on Twitter as: @infosecmo



With the talks over and everybody ready to chill we headed back to the boat and on to the post conference dinner party – much fun was had here.


I was going write a long post but then I went through the pictures from the day and I think they explain it all. The first Security Culture Conference had speakers with real experience and insight and I think everyone took something useful away at the end. Yes there were a few niggles but no conference out there is ever without those – it’s how you handle things that matters. It was a small and intimate affair with great conversation and a stunning setting.

Thank you to Kai, Eli, Kristina and Lars for making us all feel welcome.

See you all at the next one…I wonder where that will be 🙂