CHAPTER

3

Organizational Culture: A Primer

I’m going to make the case in this book that security culture is fundamental to security performance and offer a path to transforming your organization’s information security culture as a way to reduce risk, increase value, and avoid security incidents. But to make that case, I need to demonstrate that the critical link between organizational culture and organizational performance is not a new idea in industry, just one that is pretty new to InfoSec. Studying organizational and corporate culture as a means to making companies perform better in competitive and volatile circumstances has a rich history in both business and academia. In this chapter I will draw on some of this research to help you understand ...

Get People-Centric Security: Transforming Your Enterprise Security Culture now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.