Security Spotlight: How to create a positive security culture

There is mounting pressure on organizations to assess their email security under regulations including GDPR, NIS2 and DORA. The tools we use every day to manage sensitive data must reach the standards of data protection regulations. In addition, awareness and training is a common theme across all laws; indeed, every employee has a role to play in information security. However, establishing a positive security culture is often easier said than done.

In our latest Security Spotlight webinar, Inge Wetzer, Social psychologist in cybersecurity & compliance at Secura, and Nadine Hoogerwerf, CISO at Zivver, share insights on how to motivate secure behaviors to avoid data loss and meet compliance. 

“In psychology, behavior is made up of three components. Capacity; people should have the ability to do what they should do and be able to perform the behavior. The second one is motivation; people should be willing to perform the secure behavior. And the third one is opportunity; people have to be enabled to do what we want from them. And that is one factor that is frequently overlooked when organizations start security programs for their people. Are the things we asked from our employees actually doable? Are they workable? If not, they will create workarounds. So, the first step to motivating people to perform the behaviors that you want to see from them is to make sure that you facilitate them in the right way, and that the things you ask of them are actually doable. That is the first check you should always start with.” Inge Wetzer, Social psychologist in cybersecurity & compliance at Secura  

 Register to learn: 

• The signs of security fatigue and how to tackle it 
• How to avoid overwhelming employees with information and expectations 
• The biggest security risks hidden in plain sight and how to prevent them 
• Actionable steps to establish a positive infosec conscious culture 

Watch the webinar.