by Perry Carpenter (Author), Kai Roer (Author)
Mitigate human risk and bake security into your organization's culture from top to bottom with insights from leading experts in security awareness, behavior, and culture.
The topic of security culture is mysterious and confusing to most leaders. But it doesn't have to be. In The Security Culture Playbook, Perry Carpenter and Kai Roer, two veteran cybersecurity strategists deliver experience-driven, actionable insights into how to transform your organization's security culture and reduce human risk at every level. This book exposes the gaps between how organizations have traditionally approached human risk and it provides security and business executives with the necessary information and tools needed to understand, measure, and improve facets of security culture across the organization.
The book offers:
- An expose of what security culture really is and how it can be measured
- A careful exploration of the 7 dimensions that comprise security culture
- Practical tools for managing your security culture program, such as the Security Culture Framework and the Security Culture Maturity Model
- Insights into building support within the executive team and Board of Directors for your culture management program
Also including several revealing interviews from security culture thought leaders in a variety of industries, The Security Culture Playbook is an essential resource for cybersecurity professionals, risk and compliance managers, executives, board members, and other business leaders seeking to proactively manage and reduce risk.
Front Jacket
An expert demonstration of weaving security into your organization's culture
In The Security Culture Playbook, two of the world's foremost experts in security awareness, behavior, and culture deliver actionable insights--grounded in data and their own extensive experience--into how to revamp your organization's security culture and reduce behavioral risk at every level of your company. You'll discover the shortcomings in how firms have traditionally approached human risk and strategies and how to understand, measure, and improve every facet of your company's security culture.
The authors demonstrate what security culture really means and how it can be measured, and identify the seven dimensions that make up a culture of security. You'll find practical tools for managing your security culture program, including the celebrated Security Culture Framework and Security Culture Maturity Model. Importantly, you'll also gain critical insights into how to build support within your executive team and Board of Directors to implement your culture management program.
Perfect for cybersecurity professionals, risk and compliance managers, executives, board members, and other business leaders, The Security Culture Playbook delivers a concrete blueprint for producing real change, reducing risk, and proactively managing your company's exposure to cybersecurity threats. You'll also find:
- Revealing interviews from security culture thought leaders in a variety of industries
- Strategies for bringing all the security culture pieces together into a coherent program
- Actionable and modern insights from sociology and other academic disciplines
- In-depth explanations of how to implement and shape behavioral outcomes, foster social pressures, and create positive patterns
Back Jacket
"Perry's exploration of security as a cultural force, created by processes and communications but separate from them, is a unique look into precisely that zone of our identity."
-- Matt Wallaert, Behavioral Scientist and author of Start At The End: How to Build Products That Create Change
" Perry has his finger on the pulse of security awareness culture and knows how to bring it to life. His real-world expert advice focuses on what is actionable and most essential for protecting your organization right now."
--Rachel Tobac, CEO of SocialProof Security and Friendly Hacker
"I can't think of a better guide for organizational executives trying to reduce their inherent risk via an improved internal security culture."
--Rick Howard, CSO, Chief Analyst, and Senior Fellow at the CyberWire
"I have seen Kai Roer demonstrate his passion and sincere dedication to improving the security culture of organizations for many years ... Kai providing guidance for executives to understand their role and responsibility for creating a secure business ecosystem through using The Security Culture Playbook is a brilliant idea!"
--Rebecca Herold, CEO of The Privacy Professor consultancy, and Privacy & Security Brainiacs SaaS services
"There is no one better placed to present expertise related to security culture than Kai."
--Raj Samani, McAfee Fellow, Chief Scientist
Author Biography
PERRY CARPENTER, CCISO, MSIA, is an author, podcaster, thought leader, and cybersecurity expert specializing in security awareness and the human factors of security. His research focuses on marketing, communication, behavior science, organizational culture management, sociology, and more.
KAI ROER is the author of several books on security and leadership, a keynote speaker, and a thought leader in the security culture field. In addition to his research, he is an entrepreneur and the inventor of technology and frameworks that transformed the information security industry.