Dive Brief:
- Nine in 10 organizations said the cybersecurity cultures they have aren't like the ones they want, according to the Cybersecurity Culture Report. The poll of 4,800 business and technology professionals also found that only 5% of organizations think their cybersecurity cultures are as advanced as they should be to protect against internal and external threats. The report's creators, the Information Systems Audit and Control Association (ISACA) and its enterprise, the CMMI Institute, describe a cybersecurity culture as one that incorporates cybersecurity into all of an organization's operations.
- Other study results show that in organizations with high employee involvement in cybersecurity, 92% of respondents said C-level leaders have and share an excellent understanding of underlying cybersecurity issues. But 42% said their organizations lack a specific cybersecurity culture management plan or policy. Organizations with a gap between what they have in a cybersecurity culture and what they want spend 19% of their cybersecurity budget on tools and training, while those with cultures that are more supportive of cybersecurity spend far more (43%) on tools and training.
- The study concluded that there's a correlation between company-wide employee involvement and organizations' satisfaction with their cybersecurity culture.
Dive Insight:
While cybersecurity may seem like an IT-only issue, a modern company requires HR and IT to work together on training employees and drafting cybersecurity policies to truly make security part of a company's culture.
A Clutch report released in May showed that nearly half (47%) of employees don't acknowledge their employers' cybersecurity policies. Clearly, having a policy isn't enough; company-wide communication and training are needed, and are more critical now given the rise in security breaches.
Employers shouldn't rely solely on password changes either; some organizations are turning to biometrics for an extra layer of security. Others are starting to use simulation to teach employees how to recognize breaches and lessen the damage attacks can do to IT systems.
Employees are typically on the front lines when security breaches occur. Unsuspecting workers are caught off guard and unprepared. To remedy that, a Harvard Business Review report advises employers to keep cybersecurity policies user-friendly and simple for employees.