What do Organizations Need to Build a Security Minded Culture?
As many organizations struggle with ongoing phishing attacks, data breaches and lapses in physical security, they continue to wonder why employees are making poor security decisions despite the availability of training. The answer is that merely offering security training once or twice a year doesn’t build the habits, mindset and motivation needed for employees to care about protecting the organization. Instead of offering “check the box” training, organizations of all sizes should look at continuous learning programs that focus on building users’ ownership and responsibility for safeguarding the organization’s data and IT assets. That sense of ownership and responsibility is one component of a security-minded organizational culture.