Sometimes, organizations confuse cultural transformation around security with security awareness training.
Making annual cyber security training mandatory doesn’t take
much to implement. A little bit of coordination with the right people and
perhaps some pointing at some cyber security framework language and it is done.
Checkbox checked.
But making real, large scale change across the enterprise?
Transforming security culture?
That takes a constant full court press across the business.
Winning where you can today with a plan for the rest tomorrow.
Tenacity and focus on the hard work of changing user perception and secure practices.
A consistent narrative
and conversation.
Courage in the weeds of daily meetings.
.
Guts.
Follow me on Twitter
for discussion and the latest blog updates: @Opinionatedsec1. Or, start your
own discussion using #crazygoodcyberteams on twitter or Linkedin and I'll read
it.
SEE ALSO
Cyber Security Shared Consciousness: A Primer
The Value of Levels of Abstraction in Cyber Security
No comments:
Post a Comment