The following references have been used to support the Lightning Talk deliverd at BSides Athens 2021 event. You may watch it here.
Cybersecurity culture refers to the knowledge, beliefs, perceptions, attitudes, assumptions, norms and values of people regarding cybersecurity and how they manifest in people’s behaviour with information technologies. (ENISA, Cyber Security Culture in Organisations, 2017)
- Cybersecurity Culture Guidelines: Behavioural Aspects of Cybersecurity
- Cybersecurity Culture in organisations
- The contribution of fostering a cyber security culture in organizations’ cyber resilience - Introduction of Schein's "Enhanced" Framework
- A Cyber-Security Culture Framework for Assessing Organization Readiness
- Da Veiga’s Information Security Culture Framework
- Organizational Cybersecurity Culture Model
- AlHogail’s information security culture framework
- Tolah et al. comprehensive information security culture framework
- Nel and Drevin’s identification of key elements for ISC
- KasperskyLab Cybersafety Culture Assessment
- CLTRe Security Culture Framework
- CybSafe’s Culture Assessment Tool
- CultureAI
- Security Awareness Radar by TreeSolution
- IBM X-Force Threat Intelligence Index 2021 - Key Insights
- The role of human error in cybersecurity: what the stats tell us
- The Human Factor Report
- New CISOs should focus more on people and less on tech, report finds
"A journey of a thousand miles begins with a single step" (Lao Tzu)