Implementing a Successful Security Culture Diagnostic Project

We’ve covered a lot of territory in this part of the book, including a framework (Chapter 5) and a survey (Chapter 6) for measuring an organization’s information security culture, and security culture maps for visualizing and communicating the survey results (Chapter 7). As you’ve read, you can interpret the data collected from such measurement projects not only to understand where your security culture is today, but also to determine where you want your security culture to be in the future. But one question still remains: how does an organization actually perform a security culture assessment? This chapter tackles that question, discussing how you can get support for diagnosing ...

Get People-Centric Security: Transforming Your Enterprise Security Culture now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.