Fostering a strong cybersecurity culture is recognized by those in the profession as a foundational element of creating a strong and healthy security program. However, recent research by TechTarget’s Enterprise Strategy Group and the Information Systems Security Association (ISSA) found that many CISOs believe that firms have a long way to go in establishing appropriate cybersecurity cultures within their organizations.
Just what is cybersecurity culture? The European Union Agency for Network and Information Security (ENISA) offers the following definition: