Purchasers’ acceptance of norms reduces risky behaviors and positively contributes to an coordination’s security culture, finds a new report.In their study Indepth comprehensions into the human factor: The 2017 Security Culture Report, originators Kai Roer of CLTe and Dr. Gregor Petric of the University of Ljubljana analyzed information collected from more than 10,000 employees working 38 organizations across five fatherlands in Norway and Sweden that use the CLTe Toolkit. This solution compiles metrics on seven dimensions or a company’s security culture: quality of communication, compliance, insight, secure behavior, positive attitudes, norms, and responsibilities.
Indepth discernments into the human factor: The 2017 Security Culture Report messenger 9For their research, Roer and Dr. Petric compared security cultures across Norway and Sweden’s boundaries. Here’s what they found:“Our data show some attractive differences between Norway and Sweden. In Norway, there seems to be a enormous frequency of risky behaviours than in Sweden. This is interesting all in all that our data also shows that there is a higher prone of openness and dialogue about security risks in Norway. One possible analysis is that openness and dialogue result in better understanding and recognition of hazard and risky behaviors, thereby resulting in greater self-awareness and more reporting. This commentary can be backed by organizations who implement incident report systems, seeing a hefty increase in reported incidents in the early stages of the implementation.”Meanwhile, the designers observed a weak correlation between formal training, knowledge, and behaviors. The creators interpret these findings as evidence that people adhere to company-based and nationalist norms in information security. As such, they suggest that compositions embrace a risk-based security culture that incorporates group command ofs rather than just awareness training.The researchers also institute some gender-based differences in how employees approach risk. Their backfire reveals that women are more likely to interfere with a co-worker who pickets risky behaviors and are more accepting of security controls. As opposed to spouses, men report a higher accountability for their actions, the study found.
Indepth insights into the anthropoid factor: The 2017 Security Culture Report page 16Roer fondles organizations need to be cognizant of these differences when designing their assurance cultures:“Putting these factors together, we believe that a deposit culture program that aims to improve security culture, should aim for gender steadiness. We also see a strong correlation between adherence to norms, and secure actions. No such correlation is found between awareness and behavior, leading us to conclude that sanctuary awareness training programs are all in desperate need of modernisation. Move away from long-drawn-out trainings, apply peer pressure and group dynamics instead.”The gunshot also examines how industry, age, length of an employee’s career shapes the estate to which employees buy into a security culture. For insight into these representatives, download the study here.