Published: January 2019
Summary: Organisational cyber security requires more than just the latest technology. To secure an organisation, all members of the organisation must act to reduce risk.
Leaders have a special responsibility to understand, shape and align the beliefs, values, and attitudes of the entire organisation with overall security goals. Managers need practical solutions for dealing with the human side of cybersecurity.
The model presented in this paper describes organisational cybersecurity culture, the factors that contribute to its creation, and how it can be measured. A case study of a “culture of data protection” created by leaders at financial services firm Liberty Mutual illustrates these factors to help managers understand and apply recommendations to create a more mature cyber security culture in their organisation.
Available from: https://hdl.handle.net/10125/60074