The competitive edge
Gartner®, Innovation Insight on Security Behavior and Culture Program Capabilities, William Candrick, Richard Addiscott, Andrew Walls, Alex Michaels, 16 November 2022.
This report is a must-read for anyone who wants to stay ahead of the curve in security awareness.
It provides a comprehensive overview of the latest trends in security behavior and culture program (SBCP) capabilities. It’s packed with insights that you can use to improve your own security program.
“Eighty-four percent of cybersecurity leaders want to mitigate risk by managing employee behavior, yet under half (43%) consistently track behavior and few deploy effective solutions.”
“Core capabilities offered by security awareness computer-based training (SACBT) vendors achieve regulatory and audit compliance — and some rudimentary behavior change — but fail to make impactful changes to human risk.”
“Security behavior and culture programs (SBCP) adopt emerging capabilities — including behavioral science principles, data analytics and automation — to reduce risk exposure via measurable culture change.”
Source: Gartner®, Innovation Insight on Security Behavior and Culture Program Capabilities, By William Candrick, Richard Addiscott, Andrew Walls, Alex Michaels, 16 November 2022
Disclaimer: GARTNER® is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.
Creating a security conscious culture
Janet’s fascinating career journey, which began in journalism and included stints in media relations and paralegal work, eventually led her to the dynamic field of security awareness, even though it was initially only supposed to occupy 10% of her time in a domestic U.S. insurance company.
Today, Janet and Joe look at the Gartner Report into CISO Foundations Building a Culture of Security Consciousness. Throughout their discussion, they challenge the notion that security awareness is limited to phishing exercises and annual training. Janet highlighted the need for a broader range of metrics that go beyond click rates to measure behavioral change effectively.Localization and cultural considerations in security awareness, vendor partnerships, and long-term strategies for building security awareness programs are discussed.
Joe Giddens Director of Content & Communication, CybSafe
Janet Roberts Former Global Head of Security, Education, and Awareness for Zurich Insurance.