cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 
Contributor III

ENISA cybersecurity culture

Probably one of the more relevant reports on how to avoid typical security programme pitfalls you'll read.

 

https://www.enisa.europa.eu/publications/cybersecurity-culture-guidelines-behavioural-aspects-of-cyb...

-----------------------------------------------------------
Steve Wilme CISSP-ISSAP, ISSMP MCIIS
2 Replies
Community Champion

Re: ENISA cybersecurity culture

One excerpt from it so true:

Organisations should strive for adherence (active participation) rather than compliance - rapidly emerging
threats require employees who are engaged and willing to step up. Organisational leadership has a key
role in developing effective and workable security - by helping security specialists to fit security into the
business, breaking down silos and leveraging other organisational capabilities (safety, HR,
communications) - but not least by setting the tone and leading by example. Measures to improve security
behaviour should be an ongoing, iterative process - the human factor in cyber-security is never ‘solved’,
and there is no simple ‘solution’, but human skills and knowledge, rather than vulnerabilities, can be made
to work in favour of an organisation’s defensive cybersecurity.

Community Champion

Re: ENISA cybersecurity culture

 

So very true. An organization won't be adequately secure unless it's culture is geared properly, for which senior management must support a strategy that aims to achieve this...

 

 

 

Shannon D'Cruz,
CISM, CISSP

www.linkedin.com/in/shannondcruz