When we develop a security program, we are usually focused on tangible things like understanding people's expectations, understanding the risk scenario, setting a business case and strategy plan, and striving to be compliant to applicable regulations. The only issue in this approach is ignoring one of the main components: organizational culture.
This presentation shares some lessons learned from 10-plus years' experience in leveraging and confronting organizational culture during security program implementations. In addition, we'll share some frameworks and tools that can be used to help security professionals in this kind of journey.
Learning Objectives:
Understand how organizational culture could be used as leverage to the security program, and not as a barrier.
Extend the career portfolio over traditional technical knowledge and be able to see how human factors can enable the participants to be more effective at their journey in the field.
Be more strategic on leading security programs that go beyond technology and processes by considering the organizational culture in the equation.
