Security Culture

The ideas, customs, and social behavior of a particular people or society
that allows them to be free from danger or threats.

Why a Security Culture Framework?

Since it’s beginning in 1994, The Roer Group have provided organizations around the world with expertise within information security, communications, and organizational development. Over the years, we have learned how different organizations in a variation of sectors world-wide, plan and implement their security strategies.


Our experience is that many security professionals focus on architecture and technology, and policies and compliance. These are important areas where they often excel. We have found that the focus and understanding of the human mind and behavior is often lacking, and we have dedicated ourselves to bridge that gap.

It is acknowledged that humans are the weakest link in the security chain, a fact hackers, criminals and other adversaries constantly reminds us of. Building security awareness is a strategy to mitigate risk. It is a way to create awareness, understanding, motivation and change, using clear metrics, defined target audiences, a selection of relevant topics and a well executed plan.

The Security Culture Framework is developed in dialogue with clients and partners alike in order to create a standardized approach to working with user awareness. The result of this work is The Roer Security Culture Framework.

Latest posts by Cultura von Fun (see all)