by Claire Harratt

Head of Managed Security Awareness Services

Connect with Claire Harratt on Linkedin Connect with Claire Harratt on Linkedin

The Challenges of Creating a Robust Security Culture

There is no doubt that creating a robust security culture within your organisation can lead to a reduced risk of cyberattack, but where do you start?


Key questions to ask yourself

  • How can I define security culture?
  • How do I measure it?
  • How do I create/enhance it?
  • How do I approach this when most people are now working from home?


A research study conducted by Forrester and commissioned by KnowBe4 concluded the following:

Forrester stats - knowbe4 blog


At Saepio, we see these stats borne out time and time again. There is a seeming disconnect between the aims and objectives of traditional security awareness training programs and the actual outcomes. The effectiveness of any awareness program ultimately depends upon the behaviour of people. Behaviour though, depends not just upon what people know, but how they feel, and what they actually do when they are confronted with a security dilemma.

Creating a strong security culture can influence how your people feel about security, and their consequent security behaviours, but how do you define it, create and measure it; not least with today’s highly distributed workforce?


The good news is that it is possible!

The Challenges of Creating a Robust Security Culture

As a first port of call we recommend downloading CLTRe’s ‘Security Culture Report 2020’. If you’d like to learn more about approaches for creating, measuring and enhancing security culture/behaviours then why not join us for an exclusive, interactive cocktail/mocktail making event where we will be looking at practical solutions you can implement now to improve your security culture and employee engagement with your awareness programs.