The Security Culture Diagnostic Survey (SCDS)
The Competing Security Cultures Framework, introduced in Chapter 5, is a cornerstone of this book’s people-centric security approach. It provides a means of visualizing the tensions between information security stakeholders, priorities, and values that exist in every organization. There will always be differences between organizational cultures, and every company and enterprise will have its own unique approach to InfoSec, a mix of cultures, beliefs, and assumptions that will drive everyday decisions and behaviors across all people involved. The CSCF encourages observation and identification of these unique traits, placing them in a spatially oriented framework that allows the organization ...