Cybersecurity ABCs by Jessica Barker, Adrian Davis, Bruce Hallas, Ciarán Mc Mahon

In the previous chapter I explained how culture is understood, generally and in an organisational context. This chapter summarises how, having understood how cultures are formed, we may use this to start to build a cohesive approach to embedding cybersecurity values into organisations, industry sectors and even, arguably, nation states, through a cybersecurity culture.

For many of this book’s readers their role will be to bring about a change in culture within an organisation or to ‘develop a security culture’. The scale of this journey is, as you will anticipate, large, so this chapter is not a definitive guide, nor is it a checklist to take to your CISO or board. It is, however, a small but influential part ...