Does A Bad Corporate Culture Equal A Bad Cyber Security Culture?
October is Cyber Security Awareness Month and every year I hear how impossible it is to patch the human firewall, the human being is the weakest link, etc. and I was reading the attached article and it dawned on me. I read somewhere that most employees are unhappy, so I did some research and found a report published last year by Mind The Workplace about job satisfaction and it said that 71% of employees are either “actively looking for new job opportunities” or had the topic on their minds “always, often or sometimes.”
It got me to thinking, if you have a bad corporate culture, with unhappy employees, they can simply care less about cyber security! Yes, even in October! The attached article states that only “34% of employees have a sound understanding of their role in their organizations’ security culture.” So that means 66% either don’t know or don’t care. The numbers track so I think I am on to something here. :-)
Corporate culture is of course a fickle thing, hard to grasp but one thing is for certain, your company culture is defined by your leadership. Educate leadership better on their responsibility in improving your cyber security culture, to set an example for employees. Also, if you can somehow weave cyber security into your efforts to improve your company culture then maybe movement can be made. And maybe people will begin to care.