Today, my company CLTRe published its annual security culture report. In the 2018 edition, we examined the differences (and similarities) of 7 different languages across 8 countries. The findings are quite revealing. Most notably, there are quite some variation in the total scores — Finland and Poland seems to have a better security culture than the rest, and Holland and Denmark seems to be doing worst. If we start looking at individual security culture dimensions, for example Communication, there are quite large differences too.

For years, the (information|cyber) security industry has been pouring money into security awareness programmes. According to Gartner, some 2.6b USD was invested in computer based security culture programmes in 2015 alone. That is, the 2.6b …

I think it is time to realise that the days of self-hosting blogs is over and gone. With great new platforms like Medium, sharing thoughts and ideas becomes much more valuable — more readers equals more impact, and when you set out to create a better world, impact matters. I…

In March 2016, I attended the CeBIT in Germany. I was a part of the IBM booth, and my startup company CLTRe (https://get.clt.re) was invited to showcase our products as part of the IBM booth. A security culture specialist as I am, I could not help but make a few…

The Call for Presentations at the Security Culture Conference 2016 is open! Join your peers in Oslo, Norway to share your experiences, to learn, and to engage in discussions and panels on how to build and maintain security culture. The conference is two-days, two-tracks, with networking opportunities, exhibition area, Norwegian…

Culture is an interesting thing. We all live in it, we embrace it and we are totally dependent on it. …

Another Security Culture Summer Camp is over, and five weeks of learning how to build and maintain security culture is over for now. During the summer camp, students — security professionals — from around the world have learned how to use the Security Culture Framework to build and maintain security…

It is with great pleasure I invite you, you readers, to this special opportunity to join a full-day workshop on the Security Culture Framework. Why is this such a big thing? Simple: Previously, we have only done half-day workshops on parts of the workshop, or virtual workshops like the Security…

In June 2015, I visited Thailand, and the beautiful Bangkok. My visit was business first, as I was invited to lecture the psychology of security at the Mahidol University, and to be on a panel on cloud security standards on the CSA ASEAN Summit 2015. I did enjoy a couple…