Chapter 5. Establishing a Culture of CyberSecurity

 

‘It is necessary to create a change in attitudes which change the organizational culture. The cultural change is the realization that IT security is critical because a security failure has potentially adverse consequences for everyone. Therefore, IT security is everyone’s job.’

 
 --US National Institute of Standards and Technology

When thinking about the term organizational culture, what is the first thing that pops into your mind? Most will respond with something like: ‘It’s how we do things around here.’ That may be true, but it only begins to address the implications of culture.

Whether or not culture can be clearly defined, it is obvious that it exists and impacts how things get done; it critically ...

Get CyberWar, CyberTerror, CyberCrime: A Guide to the Role of Standards in an Environment of Change and Danger now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.