Jump to content

Security culture

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Nøkkenbuer (talk | contribs) at 04:52, 7 June 2016 (See also: minor wikilinking cleanup). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Security culture is a term used to describe the ideas, customs and social behaviors of a group of people, that impacts their security.[1][2] Security culture is a subset of the larger cultural scope of any particular people or group. Today, security culture is being used to describe the kind of behaviors organizations would like to see in their employees, in areas like cybersecurity, physical security and personnel security. The term is used by government institutions within defense, police and intelligence agencies to explain the focus on security, security trainings and the need to change an individuals behavior into a behavior that is coherent to the security behaviors determined by the organization.

All groups of people have a security culture. The difference between groups is determined by the level of security focus in their culture, which can be measured on a continuum—from bad to excellent. Groups who need secrecy of their information, or have determined they require a higher level of security, tends to build a better security culture.

Security culture is also being used by activist groups and other groups who have a focus on a secure behavior of their followers.

An example of how activists define security culture, is below. This definition is political and not neutral.

A set of customs shared by a community whose members may engage in illegal or sensitive activities, the practice of which minimizes the risks of such activities being subverted, or targeted for sabotage. The term is used in the context of activist groups and movements, particularly ones that might be involved in direct action, but it is also in use in most corporations, and certain arms of government. The main focus of a security culture is keeping infiltrators and other potentially damaging parties out.[3]

See also

References

  1. ^ Definition of Security Culture as used by the Security Culture Framework. Retrieved 20160323 from https://securitycultureframework.net/
  2. ^ Defined in the book "Build a Security Culture" by Kai Roer, March 2015: http://www.itgovernance.co.uk/shop/p-1687-build-a-security-culture.aspx
  3. ^ "Security Culture." Retrieved 20070104 from http://security.resist.ca/personal/culture.shtml