Question

In: Computer Science

IT/IS security culture can be described as the way we do things around here. What contributes...

IT/IS security culture can be described as the way we do things around here. What contributes to a company's IT/IS culture?

Solutions

Expert Solution

Answer :


We all are human beings. We do the things what we do, by and large beacause
it is the way that we have always done them. The same philosphy can be said
of cultures in our society and even in the organizations for which we work.
As a whole culture is everything, as it relates to information security.

In this modern day everyone knows how crucial security is and how it must be
included into everything an organization does. You can hear about the data breach
in an Information Security department taht resulted in lost data. Security is
widespread and mainstream.We need to focus on to build good rules and behavior
and then informing and enforcing them on the employees so that a strong security
culture could be build in IT/IS companies.

An organization's security culture requires care and great consideration. For
this one must have to inverest in security culture. When a security culture is
built it transform security from one event into a lifecycle that generates security
returns forever.

There are many things that contributes in comapny's IT/IS culture :

1. Delivering the concept that security culture belongs to everyone :

Employee of company have the opinion that the security depaertment is responsible
for security. Sustainable security culture requires everyone's contribution in
organization. So we have to deliver this message that security belongs to everyone.

2. Focus on security awareness:

Security awareness can be a process of teaching your entire team the basic lessons of
security. You will have to set each person's ability to judge threats before asking them
to understand the threats.Security awareness process must be easy to understand so that
whole employee of the oragranization can understand it.

3. Creating secure development lifecycle :

Secure Development Lifecycle is the root to sustainable security culture. It is a process
that your organization agrees to perform each software or system release. It includes all
the specification of the system requirements, threat modellingand security testing activities.

4. Give reward to those people who do contribute for security:

It ensures that every employees will be contributing in building security culture. It motivates
employee to do the right thing for security.


Related Solutions

IT/IS security culture can be described as the way we do things around here. What contributes...
IT/IS security culture can be described as the way we do things around here. What contributes to a company's IT/IS culture?
How would you react to the typical “this is how we do things here” response to...
How would you react to the typical “this is how we do things here” response to change? How can you help the employees make their transition from the unawareness stage to the action stage (stages in the acceptance of individual transition)? Specially thanks to the change curve we can predict people’s emotions and reactions to change. in reference with ringtone: exploring the rise and fall of nokia in mobile phones
What are some new things concerning training implementation that we can do now that we could...
What are some new things concerning training implementation that we can do now that we could not do before?” What do you think are the most promising new developments in HRD delivery or implementation? Why?
What are some new things concerning training implementation that we can do now that we could...
What are some new things concerning training implementation that we can do now that we could not do before?” What do you think are the most promising new developments in HRD delivery or implementation? Why?
What are some general things a company can do to reduce its DBMS security cost? Give...
What are some general things a company can do to reduce its DBMS security cost? Give some examples and why it would be cheaper for any company to have these options.
What are two things in the repeated measure anova test that we can do in our...
What are two things in the repeated measure anova test that we can do in our study that would increase our power?
In healthcare, what are things that we do or things that happen that make employees feel...
In healthcare, what are things that we do or things that happen that make employees feel unsafe?
Integrity can be described as a congruence (match) between what we think, say and do in...
Integrity can be described as a congruence (match) between what we think, say and do in our personal lives and our professional lives. It is indicative of honesty, moral strength, and courage. The concept of "core values" can be described as those values that guide our behaviors and serve as a vision for our life. As noted in this week's course material: "When you are able to identify your core values, you have a clear picture of the kind of...
Workstation security can be an issue in many organizations. What are some of the things a...
Workstation security can be an issue in many organizations. What are some of the things a health care organization can do to secure a workstation to ensure no PHI is viewed by someone who is not authorized to view it?
What are three things we can do at a citywide or county wide (ie local) level...
What are three things we can do at a citywide or county wide (ie local) level to slow the process of climate change? Explain briefly how each one would directly lower carbon emissions. (write answer in own words don't copy from internet.)
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT