Share these talks and lectures with your colleagues
Invite colleaguesPractice paper
Cyber security culture as a strategic asset
Cyber Security: A Peer-Reviewed Journal,
7
(2),
154-162
(2023)
Abstract
Governments and companies rely heavily on information technology (IT) to perform even the most basic functions of the business. The technology is, however, only a piece of an overall strategy that must be considered for success. The need for a strong cyber security culture is an equally vital part. So how does the modern cyber security professional create, nurture and sustain such a culture across the organisation? With over 69 per cent of cyber-aware trained employees knowingly bypassing security controls to conduct their critical business functions and achieve their objectives quicker, the answer to a more secure environment is not just the addition of more security technology, but cultivating a culture of cyber judgment to empower and enable the business to fulfil its mission in the most secure way possible without hindering outcomes. This paper delves into the importance of cyber security in today’s digital landscape, and suggests ways to overcome the challenges and develop a successful cyber security culture as a strategic asset.
Keywords: cyber security culture; AI; talent; security friction
The full article is available to subscribers to the journal.
Author's Biography
Glendon Schmitz has worked in information technology and cyber security for more than 28 years in both the private and public sectors spanning military service, financial industry and healthcare. He is currently the Chief Information Security Officer for one of Virginia’s largest agencies, the Department of Behavioral Health and Developmental Services, overseeing information security for 12 state hospitals and the Central Office consisting of both traditional and remote workforce employees.
