Transcript
Page 1: How to build and maintain security culture in any organization

SECURITY CULTURE

by Kai Roer

ISACA Nordic Conference, Oslo, 2014

SECURITY CULTURE

Say what…?

WHAT IS CULTURE?

the ideas, customs, and social behavior of a particular people or society

Ref: Oxford Dictionary

WHAT IS SECURITY?

• the state of being free from danger or threat

• the state of feeling safe, stable, and free from fear or anxiety

Ref: Oxford Dictionary

SECURITY CULTURE

the ideas, customs, and social behavior of a particular people or society, that help them be free from danger or threat

Ref: K. Roer

CREATING

a Security Culture Program

INTRODUCING: THE SECURITY CULTURE FRAMEWORK

WHERE TO START

1. Set up your team

2. Define your goals, and how to know you reach them (To-Be)

3. Measure your current status (As-Is)

4. Define target audience(s)

5. Choose relevant topic(s) and activities

6. Plan and execute

7. Measure and Revise

8. Restart

WHY A PROGRAM

• Culture is constantly evolving

• Organizations change

• People change

• Not one training to save them all!

MORE THAN TRAINING

• Security Culture must be nurtured

• Support business

• Create understanding and awareness

• On-going

• One step at a time

THANKS, ISACA 2014!

• http://theroergroup.com

• http://roer.com

• https://scf.roer.com

• @kairoer

SOURCES OF INFORMATION

• The Security Culture Framework project

• Research

• SANS

• The Analogies Project

• The Security Awareness Framework project

