KnowBe4 has launched its 2023 Security Culture How-To Guide, which delves into the fundamentals of what security culture is and the steps an organisation can take to understand, build and maintain a strong culture within their workplace.
KnowBe4 defines security culture as the ideas, customs and social behaviours of a group that influence its security. Additionally, security culture can be broken down into seven different dimensions as described in KnowBe4’s 2022 Security Culture Report. These dimensions include the attitudes, behaviours, cognition, communication, compliance, norms and responsibilities of employees and organizations that can be used to measure security culture.
This guide covers the essential ideas and definitions of security culture and provides seven basic, yet detailed steps for organisations to use to begin their journey toward building and strengthening their security culture. The guide also provides examples along with a checklist for an easy way to measure and track improvement.
“Security culture is a critical, contributing factor in reducing risks and improving overall security within organisations,” said Stu Sjouwerman, CEO, KnowBe4. “At KnowBe4, we recognise security culture as a vital backbone for a strong workforce that is educated and prepared to defend against bad actors who utilise social engineering and other malicious types of attacks. We created this how-to guide to inspire and support organisations around the world as they work to build human firewalls and fortify their security culture.”