MADISON, Wis., June 29, 2021 /PRNewswire-PRWeb/ — Infosec, the leading cybersecurity education company, today released findings from its new research report, Cybersecurity Culture – Quantified. Designed to assess employee perceptions and sentiments towards cybersecurity best practices and policies, the study revealed a significant variation of security culture by industry, department and organization size.
A strong cybersecurity culture, an organization’s collective awareness, attitudes and behaviors toward security, is based on employees willingly embracing security best practices both professionally and personally. Accordingly, ISACA and CMMI Institute research has shown organizations with strong cybersecurity cultures experience increased visibility into potential threats, reduced cyber incidents and greater post-attack resilience among other measurable benefits.
However, cybersecurity culture has historically been seen as an abstract concept and difficult to quantify. To help overcome this challenge, Infosec developed a framework and survey to classify cybersecurity culture and systematically measure results, allowing organizations to turn this important security variable into a data-driven element in their cybersecurity strategy.
“Our goal with this study was to understand the current state of security culture and uncover employee sentiments impacting security behaviors. The results show employee beliefs toward cybersecurity vary widely, which can have a major impact on an organization’s security posture.” said Jack Koziol, CEO and founder at Infosec. “If employees aren’t engaged in security training and best practices, it limits the security team’s ability to effectively mitigate security threats. Understanding where your security culture is today is an essential first step to build an effective cybersecurity strategy.”