1 / 14

Three C’s of Security Awareness: Culture, Change and Creativity

Three C’s of Security Awareness: Culture, Change and Creativity. Chief Information Security Officer. Barbara McCrary. The Three C’s of Security. Culture Change Creativity. Culture, change, and creativity are central to protecting an organization’s data and assets. Culture.

allan
Télécharger la présentation

Three C’s of Security Awareness: Culture, Change and Creativity

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Three C’s of Security Awareness:Culture, Change and Creativity Chief Information Security Officer Barbara McCrary

  2. The Three C’s of Security • Culture • Change • Creativity Culture, change, and creativity are central to protecting an organization’s data and assets.

  3. Culture • A Company’s Way of Life • Behavior and Practice • Standards • Habits and Routines • Traditions

  4. Behavior and Practices • Organization Silos • Communication • Productivity • Environment

  5. Change IT’s Ideas About Effectual Security • Update Standards • Habits and Routines • Process pertinent data first • Simplify • Automate Traditional Processes

  6. Change To improve security and security awareness: Change!

  7. Keys to Change • Protecting data is a shared responsibility. • Encourage active participation from all stakeholders.

  8. Change Everyone’s Idea of Security Awareness Training • Regular, daily, weekly, monthly campaigns that look more like conversations than training. • Focused and Small Bites • Reinforce • Applicable

  9. Change Everyone’s Idea of Normal • Inspire thought and conversation about ethical computing. • Change unethical norms. • Redesign decision processes. • Reinforce organizational ethics using reminders and currently held communication tools.

  10. Creativity What can we really do to encourage ethical and secure corporate behavior? Get Creative!

  11. Incorporate a Variety of Awareness Tools • Add security to process training. • Send info on trending and current events. • Include info that applies to personal lives, families and personal finance.

  12. Designing Security Awareness Materials • Consider the differences: • generations • gender • seniority

  13. Summing It Up To quote ― St. Francis of Assisi “Start by doing what is necessary, then what is possible, and suddenly you are doing the impossible.”

  14. QUESTIONS?

More Related