Developing a Security-Awareness Culture – Improving Security Decision Making

By Chris Garrett

CIOs, managers and staff are faced with ever increasing levels of complexity in managing the security of their organizations and in preventing attacks that are increasingly sophisticated. As individuals we are subjected to enormous amounts of information across broad ranges of subjects, for example, security policies, new technologies, new patches, new threats, new sources of information, the list is endless. To fulfill the function of our role in the organization whether at a strategic or tactical level we make many decisions each day in the context of this information. As the environment continues to become more dynamic the process of making good security decisions is becoming more and more challenging. The answer lies in creating security-aware cultures in our organizations. This paper proposes that creating security aware cultures is dependent on improving how individuals make security decisions. Awareness of our decision-making processes as security practitioners can help us ma…

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *