Blog

Cybersecurity Committee: Creating Cyber Security Leadership and Culture

For a more visual presentation, download the Cybersecurity Committee's Step Three Part One infographic here. Otherwise, read the blog below!

• Executive Support, Participation and Knowledge
  • Support from Senior Leadership is the crucial first step to the success in building a Cyber Security Culture in your organization. Participation and knowledge are what sustains it.
• Clear Communication Plan
  • Communication can make or break the plan. Provide good communication early and often to keep your employees informed and engaged. Share successes.
• Awareness Education/Training
  • Remember, your employees are not Cyber Security Experts. They are good at doing the things that make your organization run. Invest in good tools to education them and make it fun.
• User Friendly Process/Tools
  • Ease of use goes a long way in adoption of the Cyber Security Culture. If it's difficult and time consuming, employees are likely to go around it.
• Celebrate the Wins and Don't Promote Shame
  • Remember you are starting from zero. When something good happens, celebrate it. When a mistake is made, learn from it.
• Performance Evaluation
  • Evaluation starts at the top. Participation and awareness are needed at every level of the organization. Be honest about how your organization is performing.
• Culture Transformation
  • The goal is to sustain transformation. This isn't a project; it is a culture shift.

• Small - All roles under one/two employees
• Medium - Roles fall under 2-4 employees
• Large - Rolls are typically separated out to departments for each area

• Executive Sponsor
• Communications
• Policy Maker
• Procedure Writer
• Implementation
• Monitoring/Maintaining

To learn more from the PSA Cybersecurity Committee, visit PSAEducation.com!