cltre-slider-1

Our new Security Culture Report gives you insight on your industry like never before

Objective scientific method for assessing, reporting and comparing the relative cybersecurity culture-related strengths and weaknesses of individuals, organizations, industry sectors, and regions.

Download the Report Now!

Measure to Improve - Security Culture Report 2020

Think about your organization’s security culture and answer the following questions:

  • Do you even have a security culture?
  • What does it look like?
  • What does it mean to you?
  • Is it supported and role modeled by leadership?

If you’re having difficulty answering any of these questions, then your security culture is most likely not well defined or apparent to your employees.

Well, you’re in luck because KnowBe4 has done the research to put you in the know.

KnowBe4’s Security Culture Report is the result of data collected from 120,000 global employees in the following industries: Banking, Financial Services, Insurance, Consulting, Business Services, Technology, Healthcare & Pharmaceuticals, Consumer Services, Not for Profit, Other, Retail & Wholesale, Legal, Manufacturing, Government, Construction, Energy & Utilities, Transportation & Education.

The purpose of the Security Culture Report is to provide an objective scientific method for assessing, reporting and comparing the relative cybersecurity culture-related strengths and weaknesses of individuals, organizations, industry sectors, regions and across the following 7 dimensions: Attitudes, Behavior, Cognition, Communication, Compliance, Norms & Responsibility.

Security Culture Report
Download the Report Now!

Dimension

Definition

Attitudes

The feelings and beliefs that employees have toward the security protocols and issues

Behaviors

The actions and activities of employees that have direct or indirect impact on the security of the organization

Cognition

Employees’ understanding, knowledge, and awareness of security issues and activities

Communication

The quality of communication channels to discuss security-related topics, promote a sense of belonging, and provide support for security issues and incident reporting

Compliance

The knowledge of written security policies and the extent that employees follow them

Norms

The knowledge of and adherence to unwritten rules of conduct in the organization

Responsibilities

How employees perceive their role as a critical factor in sustaining or endangering the security of the organization


The research provided a security culture score which is a measurement that describes the overall security culture of an organization. By aggregating the scores of organizations in each industry, we can learn how each industry compares across the seven outlined dimensions of security culture. In general, a score below 80 is considered moderate, and a score below 60 is poor to moderate.


Security Culture Report

When was the last time you took the attitude pulse of your employees relative to security?

If there is a level of indifference vs. ownership, especially from the top, that can create significant issues with overall employee adoption and poor attitudes. Your end-users need to see your leadership “walk the walk.” And, they need to believe that the work they do, coupled with their adherence to security policies, really makes a difference.

Expected organizational security behaviors need to be taught, modeled, and reinforced. Your employees may have bad security related behaviors, either acquired on their own or collected through a lack of organizational discipline, that you need to fix through training, coaching and reinforcement.

The power of the Security Culture Report is that it helps you better understand the distinct factors that comprise an otherwise amorphous concept. Armed with an understanding of the 7 dimensions of Culture, you can then begin to consider your own organization’s security culture – and you can begin to intentionally measure and move your culture to improve your security and reduce risk.

Ready to begin the journey? Download the 2020 Security Culture Report from KnowBe4 Research.

Want to measure your own Security Culture? KnowBe4 customers have access to the Security Culture Survey (SCS) in the ModStore Training Library.

Download the Report Now!


Get the latest about social engineering

Subscribe to CyberheistNews