From the breakroom to the boardroom: Creating a cybersecurity culture

It’s week two of National Cyber Security Awareness Month, and the focus is on cybersecurity culture.

September’s list of data breaches and cyber attacks highlighted that data breaches caused by staff – or threats that were ignored by staff and which later developed into a breach – were high in number.

It’s not surprising that an organization’s staff can pose such a threat – they have access to sensitive data and it’s unlikely to raise flags when they access it. So how do you handle the insider threat?

Build a security culture

All organizations need a security culture that stretches from the breakroom to the boardroom.

A security culture is a combination of multiple factors, such as:

  • Employee education (staff awareness)
  • Security exercises (breach drills, phishing simulations)
  • Information security awareness posters
  • Security advocate(s)
  • Specialist training for security personnel
  • Regular security refresher presentations

Although security cultures will differ from organization to organization, the overall goal remains the same: make staff aware of security threats and how they can be prevented.

Start building your culture today

Kai Roer, author of Build a Security Culture, has years of experience in helping organizations to build a culture of security throughout their workforces. If you want to build a security culture within your organization, then his book is the ideal place to start.

You can read more about the book here, as well as view a free sample.

IT Governance provides a series of invaluable and thought-provoking books and tools to empower your staff and prepare them to fight cyber crime.

  • Learn how you can influence your staff’s behavior with the best-seller The Psychology of Information Security.
  • Educate your staff about the key elements that make up an information security management system by engaging them with the ISMS card game.
  • Passively convey security-best practices with information security awareness posters. Hang them in critical spots – by the printer, waiting room, or in the kitchen – to reinforce your staff awareness program.
  • Provide your staff with informative and thought-provoking pocket guides to strengthen their knowledge of information and online security.

Fight cyber crime by creating a culture of cybersecurity!