For years, the (information|cyber) security industry has been pouring money into security awareness programmes. According to Gartner, some 2.6b USD was invested in computer based security culture programmes in 2015 alone. That is, the 2.6b USD only includes the money spent on computer based training programmes — imagine the amount…

I think it is time to realise that the days of self-hosting blogs is over and gone. With great new platforms like Medium, sharing thoughts and ideas becomes much more valuable — more readers equals more impact, and when you set out to create a better world, impact matters. I…

In March 2016, I attended the CeBIT in Germany. I was a part of the IBM booth, and my startup company CLTRe (https://get.clt.re) was invited to showcase our products as part of the IBM booth. A security culture specialist as I am, I could not help but make a few…

The Call for Presentations at the Security Culture Conference 2016 is open! Join your peers in Oslo, Norway to share your experiences, to learn, and to engage in discussions and panels on how to build and maintain security culture. The conference is two-days, two-tracks, with networking opportunities, exhibition area, Norwegian…

Culture is an interesting thing. We all live in it, we embrace it and we are totally dependent on it. It is also very easy to dismiss — it is only when we see other groups of people, and realizing they are not doing things like we do, that we…

Another Security Culture Summer Camp is over, and five weeks of learning how to build and maintain security culture is over for now. During the summer camp, students — security professionals — from around the world have learned how to use the Security Culture Framework to build and maintain security…

It is with great pleasure I invite you, you readers, to this special opportunity to join a full-day workshop on the Security Culture Framework. Why is this such a big thing? Simple: Previously, we have only done half-day workshops on parts of the workshop, or virtual workshops like the Security…

In June 2015, I visited Thailand, and the beautiful Bangkok. My visit was business first, as I was invited to lecture the psychology of security at the Mahidol University, and to be on a panel on cloud security standards on the CSA ASEAN Summit 2015. I did enjoy a couple…

Security culture is gaining popularity around the world, and I am continuing talking and training the topic. This time at the virtual summit Brighttalk Summit Incident Response and Insider Threats EMEA 2015. A virtual summit means I do not have to travel, and nor do you! Another bonus as far…