Recently, in a blog titled “Cybersecurity Predictions for 2014 and Beyond,” Matt Rosenquist stated that:
“People are an integral part of security and our behaviors are one of the most important aspects. However, psychologically, most people defer the responsibility of security to other entities such as product manufacturers, software vendors, service owners, law enforcement, or system administrators. It has been a long road, but this year I predict society will begin to look inward and realize they have tremendous control over their security and it is their actions which fuel the cause-and-effect cycle.”
Indeed, many IT and security professionals struggle with the human error aspect of keeping the enterprise secure. Some address the issue through employee education, while others try expository methods, such as phishing simulations.
In the comments section, tell us about your perspective on fostering a culture of security within your organization. Please feel free to share tips, or provide a counter-view of some traditional methods!