Episode 110: How Security Culture and Corporate Culture Mesh

 

 

In episode 110 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Lee Noriega, Executive Director of the Cybersecurity Services Organization and Acting General Manager of Sales and Business Services at the Center for Internet Security^® (CIS^®); and Jerry Gitchel, founder of Leverage Unlimited and listener to Cybersecurity Where You Are. Together, they examine a question sent in by Jerry: if a corporate culture is lacking, can a security culture exist?

Here are some highlights from our episode:

• 01:33. What security culture is and how it differs from corporate culture
• 05:30. What elements factor into a strategy to drive corporate culture
• 09:30. The importance of a feedback loop for culture
• 15:43. How to cultivate "institutional ownership" in an organization's workforce
• 19:03. What goes into fostering security consciousness in support of security champions
• 25:14. The challenges of engaging corporate culture to think about security culture
• 29:13. Examples and takeaways for listeners

Resources

• Why Employee Cybersecurity Awareness Training Is Important
• Episode 107: Continuous Improvement via Secure by Design
• Seth Godin | Why People Like Us Do This
• The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].