Information Security Culture: It’s Time to Upgrade to 2.0 (Info Security)


Information security requires an approach that involves people, process and technology. But, while we have made great strides in technological advancements in information security, security culture for many organizations remains in a state of stasis.

For enterprises to achieve the level of information security needed for today’s world, major changes to culture and process must be addressed.

Modern businesses have digital adversaries; that is a fact we, as information security professionals, face every day. If you are like most infosecurity professionals I know, the challenges you face can seem insurmountable: keeping apprised of new threats, finding security vulnerabilities in systems, hiring and training new staff and getting the buy-in of C-level execs who never seem to “get it.”

With the rapidly changing threats we now face, businesses need new approaches to information security and professionals that can think strategically about big picture challenges while having the tactical acumen and agility to respond to threats.