Customising Cyber Security Culture

I recently met up with someone in the Information Privacy sector, and we had a great chat about how our two industries are so closely related and beneficial to one another. This person's company was already implementing cyber security awareness training, and was also starting on cultural change (i.e. keeping awareness front of mind for staff).

One of the initiatives was particularly interesting to me because it highlights how cultural change must never be a cookie-cutter approach: what works for one company may not work for another.

They started by picking a slogan: "Security is everyone's responsibility". It's a popular choice, because it's true! The next initiative is something that worked for them, but I could equally see it failing in other companies.

Basically, the message was that they all needed to support one another, and that meant highlighting when someone could be doing better. So they introduced stickers that could be placed on monitors where the computer was unlocked, or for unlocked office doors, messy desks, etc.

IT began placing the stickers, but the process was quickly adopted by staff and management, keen to jump on the bandwagon and point out where others could be doing better. Due to the culture of this organisation, it was never a shaming exercise, more of a bit of light-hearted fun. However, the outcome was that behaviour was modified, there was no pushback against the initiative, and everyone had a bit of fun.

Now an exercise like this could be a total disaster in a different organisation, depending on the people and how they interact. But in this case it was a great call, because they thought about their people and what would work for them!

If you want to change your cyber security culture, it must be done properly! There are some great frameworks (or people like me) available to guide you through the process, and if you do it right the staff will be along for the ride and produce massive benefits for the organisation!


