There’s a misapprehension that because culture is a complex phenomenon it’s hard to define. Actually, it doesn’t have to be difficult: Culture is how we communicate what matters to us through what we say and do on a daily basis.
Not so long ago, technical attacks by cyber-criminals required security professionals to find technical solutions. But as social engineers target human vulnerabilities more aggressively, we must find people solutions. A more holistic approach is required. We still need the ‘hard tech’, but we also need to embrace ‘soft skills’.
I feel, rightly or wrongly, that whilst the human factor in security is acknowledged as something that needs to be addressed, there are many people who still don’t believe that people can change.
I deeply believe that change is possible. But people need a catalyst to change. I believe that catalyst is conversation. If we drop conversation from our security awareness tool-set, then we lose our ability to change. Conversation on its own will not create secure behaviours but adding it to existing security awareness programmes is the catalyst many organisations need to make the shift.
In this White Paper I cover the theory and combine it with practical solutions personally tried and tested over many years. I hope you discover something fresh, if you do, give it a go in your business. Good luck!
I was also privileged that Marilise de Villiers wrote the forward for this paper, and many colleagues provided quotes, which I will share over the coming weeks.
You can download the full White Paper here: www.layer8ltd.co.uk/resources/.