The current year, 2017, has already seen an excessive amount of cyber security disasters, apart from the continuation of standard corporate breaches. In the first half of the year, there had already been full-on campaign hacking, leaks of spy tools from intelligence agencies and viral, state sponsored ransomware. In the light of such serious incidents and the constant evolution of cyber threats, it is ironic that employees in most organisations seem to lack a strong security culture. Furthermore, the organisational trend to ensure cyber security, seems to focus on more high-tech and new-tech solutions to threats, rather than addressing the human domain. The latter is another irony, as statistically, most breaches happen because of human error and not systems vulnerabilities. This paper discusses possibilities why people generally lack the will to adhere to cybersecurity policies and procedures and proposes a framework for cybersecurity skills education and training as well as measures to improve and maintain a cyber security culture in organisations that differs from the current beaten track of compulsory content driven awareness training.
Reference:
Van 'T Wout, M.C. 2019. Develop and maintain a cybersecurity organisational culture. In: Proceedings of the 14th International Conference on Cyber Warfare and Security, Stellenbosch University, 28 Feb - 1 Mar 2019
Van 't Wout, M. C. (2019). Develop and maintain a cybersecurity organisational culture. ACPI. http://hdl.handle.net/10204/11345
Van 't Wout, Magdalena C. "Develop and maintain a cybersecurity organisational culture." (2019): http://hdl.handle.net/10204/11345
Van 't Wout MC, Develop and maintain a cybersecurity organisational culture; ACPI; 2019. http://hdl.handle.net/10204/11345 .
Presented in: Proceedings of the 14th International Conference on Cyber Warfare and Security, Stellenbosch University, 28 Feb - 1 Mar 2019. Due to copyright restrictions, the attached PDF file contains the abstract of the full-text item. For access to the full-text item, please consult the publisher's website.
