Culture Is Where Great Cybersecurity Begins

Posted on by Victor Congionti

As more businesses realize how critical cybersecurity is becoming to the success of their organization, it is paramount that companies of all industries have a strategy for improving the culture around data protection. To properly execute the cybersecurity goals of the business, employees must have a positive attitude, adhering to the policies and procedures set forth by leaders of the business. Companies regularly struggle with compliance but fail to look internally at why there aren’t better approaches to employee engagement. Together, we need to further be alert and help educate so that we truly change the culture in cybersecurity. 


There are infinite ways in which organizations can increase awareness and get more resources out to employees that will help bolster confidence in the security framework. One approach businesses should use is to regularly share news stories and current events highlighting recent cybercrime tactics and vulnerabilities. As cybersecurity continues to evolve, cybercriminals are using a variety of attack vectors to gain unauthorized access to business data. If employees are more aware of what’s happening on a regular basis, then we are all reminded of how ongoing this issue has become. 


It’s evident that cybersecurity won’t be achieved through individual accomplishment or one department at an organization. This is beyond an issue of one particular role or function, across any IT responsibility or technical asset. So, let us now think about the variety of positions where data security is needed, and create significant, meaningful change during training and implementation of resources. Cybersecurity will mean something different to each person in an organization, and the key to this junction is defining what different employees think about it with the most context. 


Participation must be underscored as a principle to successfully change our values of cybersecurity in the workplace. Without regular engagement and exercises to help us become more familiar with how, not just why the cyberthreats are carried out, the tangibility of the practice can become a reminder for many. Frequently testing for phishing and incoming cyberthreats can create playful competition between departments, adding excitement and sportsmanship to cybersecurity, too. 

As businesses, consumers, and government agencies alike around the world celebrate National Cybersecurity Awareness Month this upcoming October, there’s never been a better time to start improving the culture and attitude around cybersecurity. Local and national initiatives can help engagement through creative social media campaigns and fun platforms. Take the time to really make a difference in the way we collectively think about the security goals for the organization and apply a more positive approach to culture. If we educate through interest and expand our approaches to educating our current and next generations, cybersecurity will be the threshold between business culture and beyond. 


Changing the culture at an organization is truly where great cybersecurity begins. With more resources and awareness being directed at employees and having their attitudes change, we can collectively leave a lasting impact that can bolster cybersecurity much more than any one product or service. The future of cybersecurity success lay within businesses and their willingness to grow this culture!

Victor Congionti

Co-Founder & Chief Information Officer, Proven Data

Blogs posted to the website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA Conference™, or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.

Share With Your Community

Related Blogs