Three C’s of Security Awareness: Culture, Change and Creativity
description
Transcript of Three C’s of Security Awareness: Culture, Change and Creativity
![Page 1: Three C’s of Security Awareness: Culture, Change and Creativity](https://reader035.fdocuments.us/reader035/viewer/2022070405/56813e78550346895da89b5f/html5/thumbnails/1.jpg)
Barbara McCraryChief Information Security
Officer
Three C’s of Security Awareness:Culture, Change and Creativity
![Page 2: Three C’s of Security Awareness: Culture, Change and Creativity](https://reader035.fdocuments.us/reader035/viewer/2022070405/56813e78550346895da89b5f/html5/thumbnails/2.jpg)
• Culture • Change • Creativity
The Three C’s of Security
Culture, change, and creativity are central to protecting an organization’s data and assets.
![Page 3: Three C’s of Security Awareness: Culture, Change and Creativity](https://reader035.fdocuments.us/reader035/viewer/2022070405/56813e78550346895da89b5f/html5/thumbnails/3.jpg)
• A Company’s Way of Life – Behavior and Practice– Standards– Habits and Routines– Traditions
Culture
![Page 4: Three C’s of Security Awareness: Culture, Change and Creativity](https://reader035.fdocuments.us/reader035/viewer/2022070405/56813e78550346895da89b5f/html5/thumbnails/4.jpg)
Behavior and Practices
– Organization Silos– Communication– Productivity– Environment
![Page 5: Three C’s of Security Awareness: Culture, Change and Creativity](https://reader035.fdocuments.us/reader035/viewer/2022070405/56813e78550346895da89b5f/html5/thumbnails/5.jpg)
Change IT’s Ideas About Effectual Security
• Update Standards• Habits and Routines– Process pertinent data first– Simplify
• Automate Traditional Processes
![Page 6: Three C’s of Security Awareness: Culture, Change and Creativity](https://reader035.fdocuments.us/reader035/viewer/2022070405/56813e78550346895da89b5f/html5/thumbnails/6.jpg)
To improve security and security awareness:
Change!
Change
![Page 7: Three C’s of Security Awareness: Culture, Change and Creativity](https://reader035.fdocuments.us/reader035/viewer/2022070405/56813e78550346895da89b5f/html5/thumbnails/7.jpg)
Keys to Change
• Protecting data is a shared responsibility.
• Encourage active participation from all stakeholders.
![Page 8: Three C’s of Security Awareness: Culture, Change and Creativity](https://reader035.fdocuments.us/reader035/viewer/2022070405/56813e78550346895da89b5f/html5/thumbnails/8.jpg)
Change Everyone’s Idea of Security Awareness
Training• Regular, daily, weekly, monthly
campaigns that look more like conversations than training.– Focused and Small Bites– Reinforce– Applicable
![Page 9: Three C’s of Security Awareness: Culture, Change and Creativity](https://reader035.fdocuments.us/reader035/viewer/2022070405/56813e78550346895da89b5f/html5/thumbnails/9.jpg)
Change Everyone’s Idea of Normal
• Inspire thought and conversation about ethical computing.– Change unethical norms. – Redesign decision processes.– Reinforce organizational ethics
using reminders and currently held communication tools.
![Page 10: Three C’s of Security Awareness: Culture, Change and Creativity](https://reader035.fdocuments.us/reader035/viewer/2022070405/56813e78550346895da89b5f/html5/thumbnails/10.jpg)
What can we really do to encourage ethical and secure corporate behavior?
Get Creative!
Creativity
![Page 11: Three C’s of Security Awareness: Culture, Change and Creativity](https://reader035.fdocuments.us/reader035/viewer/2022070405/56813e78550346895da89b5f/html5/thumbnails/11.jpg)
Incorporate a Variety of Awareness Tools
• Add security to process training.• Send info on trending and current
events.• Include info that applies to
personal lives, families and personal finance.
![Page 12: Three C’s of Security Awareness: Culture, Change and Creativity](https://reader035.fdocuments.us/reader035/viewer/2022070405/56813e78550346895da89b5f/html5/thumbnails/12.jpg)
Designing Security Awareness Materials
• Consider the differences:– generations– gender – seniority
![Page 13: Three C’s of Security Awareness: Culture, Change and Creativity](https://reader035.fdocuments.us/reader035/viewer/2022070405/56813e78550346895da89b5f/html5/thumbnails/13.jpg)
Summing It Up
To quote ― St. Francis of Assisi
“Start by doing what is necessary, then what is possible, and suddenly you are doing the impossible.”
![Page 14: Three C’s of Security Awareness: Culture, Change and Creativity](https://reader035.fdocuments.us/reader035/viewer/2022070405/56813e78550346895da89b5f/html5/thumbnails/14.jpg)
QUESTIONS?