Information security is taking place at senior management agenda around the world. Nowadays, too many enterprises have a specific area of information security in its structure. This area is responsible for protection the sensitive information. This protection is about from leaking, unauthorized access and integrity. However, a question is the main concern of managers. How will we protect the information against our poor security culture?
This question is about how many changes are needed to put in practice to increase information security maturity, and it is a person (human resource) issue. Change the people´s mind set is a hard task, because these influence the life style of them. There are many studies around the world about Corporate Culture Change. Most of them indicates that you will take at least one year to change Corporate Culture about one subject. Can you understand what you will face?
All vulnerabilities found inside the enterprises are same that affect all employees in your personal lives. Some common problems are missing information backup, antivirus not updated, information duplicated, bad user behavior, security misconfiguration, missing passwords, weak passwords and many other things.
The main strategy is making the information security a subject to be discussed inside the employee’s home. To begin this change is necessary to ask a personal question: How do you protect your credit card? Why this question is important? Simple, when you touch the people´s money, they will feel security impacts and will be aware about information security needs. With these examples is simpler to compare personal information security with corporate information security.
Moreover, all of company´s employees are active piece of business operation. Without employees, there are no business operation, so there are no reason to company existence, right? Therefore, we need to increase efforts to improve Corporate Security Culture. Information security is much more that technical controls, is about Business, People and Technology!