Security Culture
Report cover of Security Culture: A strategic capability that builds resilience in a volatile world

Security Culture: A strategic capability that builds resilience in a volatile world

Many organizations today operate in a complex and volatile security environment. Security teams play a critical role, but they are only part of the story. No matter how well-designed security governance structures, controls, and technologies may be, they cannot on their own deliver secure outcomes at scale. Security is ultimately enacted through the everyday actions, decisions, and behaviours of employees, contractors, and partners. When people feel pressured, confused, disengaged, or fearful of consequences, even the strongest security frameworks can be undermined.  

This report, published by ASIS International and sponsored by the ASIS Foundation covers: 

  • Definition of security culture 
  • Key concepts underpinning security culture 
  • A security culture framework: attitudes, knowledge, behaviour, communication, compliance, and empowerment 
  • Measuring security culture 
  • How to build a security culture strategy 

 

The Full Report is available to ASIS members or can be purchased by nonmembers. 

Executive Summary (283.25 KB)