16,99 €
16,99 €
inkl. MwSt.
Sofort per Download lieferbar
0 °P sammeln
16,99 €
Als Download kaufen
16,99 €
inkl. MwSt.
Sofort per Download lieferbar
0 °P sammeln
Jetzt verschenken
Alle Infos zum eBook verschenken
16,99 €
inkl. MwSt.
Sofort per Download lieferbar
Alle Infos zum eBook verschenken
0 °P sammeln
- Format: PDF
- Merkliste
- Auf die Merkliste
- Bewerten Bewerten
- Teilen
- Produkt teilen
- Produkterinnerung
- Produkterinnerung
Bitte loggen Sie sich zunächst in Ihr Kundenkonto ein oder registrieren Sie sich bei
bücher.de, um das eBook-Abo tolino select nutzen zu können.
Hier können Sie sich einloggen
Hier können Sie sich einloggen
Sie sind bereits eingeloggt. Klicken Sie auf 2. tolino select Abo, um fortzufahren.
Bitte loggen Sie sich zunächst in Ihr Kundenkonto ein oder registrieren Sie sich bei bücher.de, um das eBook-Abo tolino select nutzen zu können.
- Geräte: PC
- mit Kopierschutz
- eBook Hilfe
- Größe: 2.42MB
Produktdetails
- Verlag: Jossey-Bass
- Seitenzahl: 256
- Erscheinungstermin: 8. März 2022
- Englisch
- ISBN-13: 9781119875291
- Artikelnr.: 63584578
Dieser Download kann aus rechtlichen Gründen nur mit Rechnungsadresse in A, B, BG, CY, CZ, D, DK, EW, E, FIN, F, GR, HR, H, IRL, I, LT, L, LR, M, NL, PL, P, R, S, SLO, SK ausgeliefert werden.
- Herstellerkennzeichnung Die Herstellerinformationen sind derzeit nicht verfügbar.
PERRY CARPENTER, C CISO, MSIA, is an author, podcaster, thought leader, and cybersecurity expert specializing in security awareness and the human factors of security. His research focuses on marketing, communication, behavior science, organizational culture management, sociology, and more. KAI ROER is the author of several books on security and leadership, a keynote speaker, and a thought leader in the security culture field. In addition to his research, he is an entrepreneur and the inventor of technology and frameworks that transformed the information security industry.
About the Authors viii
Acknowledgments xii
Introduction xxv
Part I: Foundation 1
Chapter 1: You Are Here 3
Why All the Buzz? 4
What Is Security Culture, Anyway? 8
A Problem of Definition 9
A Problem of Overconfidence 11
Takeaways 12
Chapter 2: Up-leveling the Conversation: Security Culture Is a Board-level Concern 13
A View from the Top 14
Telling the Human Side of the Story 15
What's the Cost of Not Getting This Right? 16
Cybercriminals Are Doubling Down on Their Attacks Against Your Employees 19
Your People and Security Culture Are at the Center of Everything 20
The Implication 22
Getting It Right 24
Takeaways 25
Chapter 3: The Foundations of Transformation 27
The Core Thesis 29
The Knowledge-Intention-Behavior Gap 29
Three Realities of Security Awareness 31
Program Focus 31
Extending the Discussion 33
Introducing the Security Culture Maturity Model 33
The Security Culture Maturity Model in Brief 35
The S-Curves 36
The Value of the Security Culture Maturity Model 37
You Are Always Either Building Strength or Allowing Atrophy 37
Takeaways 38
Part II: Exploration 39
Chapter 4: Just What Is Security Culture, Anyway? 41
Lessons from Safety Culture 42
A Jumble of Terms 44
Information Security Culture 45
IT Security Culture 45
Cybersecurity Culture 46
Security Culture in the Modern Day 46
Technology Focus 47
Compliance Focus 48
Human-Reality Focus 49
Takeaways 51
Chapter 5: Critical Concepts from the Social Sciences 53
What's the Real Goal--Awareness, Behavior, or Culture? 54
Coming to Terms with Our Irrational Nature 55
We Are Lazy 56
Why Don't We Just Give Up? 60
Security Culture--A Part of Organizational Culture 61
Takeaways 62
Chapter 6: The Components of Security Culture 63
A Problem of Definition 64
The Academic Perspective 64
The Practitioner Perspective 65
Defining Security Culture 66
Security Culture as Dimensions 67
The Seven Dimensions of Security Culture 69
Attitudes 69
Behaviors 69
Cognition 69
Communication 70
Compliance 70
Norms 70
Responsibilities 71
The Security Culture Survey 71
Example Findings from Measuring the Seven Dimensions 72
Normalized Use of Unauthorized Services 73
Confidentiality and Insider Threats 74
Last Thought 74
Takeaways 75
Chapter 7: Interviews with Organizational Culture Experts and Academics 77
John R. Childress, PYXIS Culture Technologies Limited 78
Why Is Culture Important? 78
Why Do You Find Culture Interesting? 79
Is There a Specific Definition of Culture That You Find Useful? 79
What Actions Can Be Taken to Direct Cultural Change? 80
Is There a Success or Horror Story You'd Like to Share Related to Culture Change? 81
How Does a Culture Evolve (or How Often?) 82
Professor John McAlaney, Bournemouth University, UK 82
Why Is Culture Important? 83
Why Do You Find Culture Interesting? 83
Is There a Specific Definition of Culture That You Find Useful? 83
What Actions Can Be Taken to Direct Cultural Change? 84
Is There a Success or Hor
Acknowledgments xii
Introduction xxv
Part I: Foundation 1
Chapter 1: You Are Here 3
Why All the Buzz? 4
What Is Security Culture, Anyway? 8
A Problem of Definition 9
A Problem of Overconfidence 11
Takeaways 12
Chapter 2: Up-leveling the Conversation: Security Culture Is a Board-level Concern 13
A View from the Top 14
Telling the Human Side of the Story 15
What's the Cost of Not Getting This Right? 16
Cybercriminals Are Doubling Down on Their Attacks Against Your Employees 19
Your People and Security Culture Are at the Center of Everything 20
The Implication 22
Getting It Right 24
Takeaways 25
Chapter 3: The Foundations of Transformation 27
The Core Thesis 29
The Knowledge-Intention-Behavior Gap 29
Three Realities of Security Awareness 31
Program Focus 31
Extending the Discussion 33
Introducing the Security Culture Maturity Model 33
The Security Culture Maturity Model in Brief 35
The S-Curves 36
The Value of the Security Culture Maturity Model 37
You Are Always Either Building Strength or Allowing Atrophy 37
Takeaways 38
Part II: Exploration 39
Chapter 4: Just What Is Security Culture, Anyway? 41
Lessons from Safety Culture 42
A Jumble of Terms 44
Information Security Culture 45
IT Security Culture 45
Cybersecurity Culture 46
Security Culture in the Modern Day 46
Technology Focus 47
Compliance Focus 48
Human-Reality Focus 49
Takeaways 51
Chapter 5: Critical Concepts from the Social Sciences 53
What's the Real Goal--Awareness, Behavior, or Culture? 54
Coming to Terms with Our Irrational Nature 55
We Are Lazy 56
Why Don't We Just Give Up? 60
Security Culture--A Part of Organizational Culture 61
Takeaways 62
Chapter 6: The Components of Security Culture 63
A Problem of Definition 64
The Academic Perspective 64
The Practitioner Perspective 65
Defining Security Culture 66
Security Culture as Dimensions 67
The Seven Dimensions of Security Culture 69
Attitudes 69
Behaviors 69
Cognition 69
Communication 70
Compliance 70
Norms 70
Responsibilities 71
The Security Culture Survey 71
Example Findings from Measuring the Seven Dimensions 72
Normalized Use of Unauthorized Services 73
Confidentiality and Insider Threats 74
Last Thought 74
Takeaways 75
Chapter 7: Interviews with Organizational Culture Experts and Academics 77
John R. Childress, PYXIS Culture Technologies Limited 78
Why Is Culture Important? 78
Why Do You Find Culture Interesting? 79
Is There a Specific Definition of Culture That You Find Useful? 79
What Actions Can Be Taken to Direct Cultural Change? 80
Is There a Success or Horror Story You'd Like to Share Related to Culture Change? 81
How Does a Culture Evolve (or How Often?) 82
Professor John McAlaney, Bournemouth University, UK 82
Why Is Culture Important? 83
Why Do You Find Culture Interesting? 83
Is There a Specific Definition of Culture That You Find Useful? 83
What Actions Can Be Taken to Direct Cultural Change? 84
Is There a Success or Hor
About the Authors viii
Acknowledgments xii
Introduction xxv
Part I: Foundation 1
Chapter 1: You Are Here 3
Why All the Buzz? 4
What Is Security Culture, Anyway? 8
A Problem of Definition 9
A Problem of Overconfidence 11
Takeaways 12
Chapter 2: Up-leveling the Conversation: Security Culture Is a Board-level Concern 13
A View from the Top 14
Telling the Human Side of the Story 15
What's the Cost of Not Getting This Right? 16
Cybercriminals Are Doubling Down on Their Attacks Against Your Employees 19
Your People and Security Culture Are at the Center of Everything 20
The Implication 22
Getting It Right 24
Takeaways 25
Chapter 3: The Foundations of Transformation 27
The Core Thesis 29
The Knowledge-Intention-Behavior Gap 29
Three Realities of Security Awareness 31
Program Focus 31
Extending the Discussion 33
Introducing the Security Culture Maturity Model 33
The Security Culture Maturity Model in Brief 35
The S-Curves 36
The Value of the Security Culture Maturity Model 37
You Are Always Either Building Strength or Allowing Atrophy 37
Takeaways 38
Part II: Exploration 39
Chapter 4: Just What Is Security Culture, Anyway? 41
Lessons from Safety Culture 42
A Jumble of Terms 44
Information Security Culture 45
IT Security Culture 45
Cybersecurity Culture 46
Security Culture in the Modern Day 46
Technology Focus 47
Compliance Focus 48
Human-Reality Focus 49
Takeaways 51
Chapter 5: Critical Concepts from the Social Sciences 53
What's the Real Goal--Awareness, Behavior, or Culture? 54
Coming to Terms with Our Irrational Nature 55
We Are Lazy 56
Why Don't We Just Give Up? 60
Security Culture--A Part of Organizational Culture 61
Takeaways 62
Chapter 6: The Components of Security Culture 63
A Problem of Definition 64
The Academic Perspective 64
The Practitioner Perspective 65
Defining Security Culture 66
Security Culture as Dimensions 67
The Seven Dimensions of Security Culture 69
Attitudes 69
Behaviors 69
Cognition 69
Communication 70
Compliance 70
Norms 70
Responsibilities 71
The Security Culture Survey 71
Example Findings from Measuring the Seven Dimensions 72
Normalized Use of Unauthorized Services 73
Confidentiality and Insider Threats 74
Last Thought 74
Takeaways 75
Chapter 7: Interviews with Organizational Culture Experts and Academics 77
John R. Childress, PYXIS Culture Technologies Limited 78
Why Is Culture Important? 78
Why Do You Find Culture Interesting? 79
Is There a Specific Definition of Culture That You Find Useful? 79
What Actions Can Be Taken to Direct Cultural Change? 80
Is There a Success or Horror Story You'd Like to Share Related to Culture Change? 81
How Does a Culture Evolve (or How Often?) 82
Professor John McAlaney, Bournemouth University, UK 82
Why Is Culture Important? 83
Why Do You Find Culture Interesting? 83
Is There a Specific Definition of Culture That You Find Useful? 83
What Actions Can Be Taken to Direct Cultural Change? 84
Is There a Success or Hor
Acknowledgments xii
Introduction xxv
Part I: Foundation 1
Chapter 1: You Are Here 3
Why All the Buzz? 4
What Is Security Culture, Anyway? 8
A Problem of Definition 9
A Problem of Overconfidence 11
Takeaways 12
Chapter 2: Up-leveling the Conversation: Security Culture Is a Board-level Concern 13
A View from the Top 14
Telling the Human Side of the Story 15
What's the Cost of Not Getting This Right? 16
Cybercriminals Are Doubling Down on Their Attacks Against Your Employees 19
Your People and Security Culture Are at the Center of Everything 20
The Implication 22
Getting It Right 24
Takeaways 25
Chapter 3: The Foundations of Transformation 27
The Core Thesis 29
The Knowledge-Intention-Behavior Gap 29
Three Realities of Security Awareness 31
Program Focus 31
Extending the Discussion 33
Introducing the Security Culture Maturity Model 33
The Security Culture Maturity Model in Brief 35
The S-Curves 36
The Value of the Security Culture Maturity Model 37
You Are Always Either Building Strength or Allowing Atrophy 37
Takeaways 38
Part II: Exploration 39
Chapter 4: Just What Is Security Culture, Anyway? 41
Lessons from Safety Culture 42
A Jumble of Terms 44
Information Security Culture 45
IT Security Culture 45
Cybersecurity Culture 46
Security Culture in the Modern Day 46
Technology Focus 47
Compliance Focus 48
Human-Reality Focus 49
Takeaways 51
Chapter 5: Critical Concepts from the Social Sciences 53
What's the Real Goal--Awareness, Behavior, or Culture? 54
Coming to Terms with Our Irrational Nature 55
We Are Lazy 56
Why Don't We Just Give Up? 60
Security Culture--A Part of Organizational Culture 61
Takeaways 62
Chapter 6: The Components of Security Culture 63
A Problem of Definition 64
The Academic Perspective 64
The Practitioner Perspective 65
Defining Security Culture 66
Security Culture as Dimensions 67
The Seven Dimensions of Security Culture 69
Attitudes 69
Behaviors 69
Cognition 69
Communication 70
Compliance 70
Norms 70
Responsibilities 71
The Security Culture Survey 71
Example Findings from Measuring the Seven Dimensions 72
Normalized Use of Unauthorized Services 73
Confidentiality and Insider Threats 74
Last Thought 74
Takeaways 75
Chapter 7: Interviews with Organizational Culture Experts and Academics 77
John R. Childress, PYXIS Culture Technologies Limited 78
Why Is Culture Important? 78
Why Do You Find Culture Interesting? 79
Is There a Specific Definition of Culture That You Find Useful? 79
What Actions Can Be Taken to Direct Cultural Change? 80
Is There a Success or Horror Story You'd Like to Share Related to Culture Change? 81
How Does a Culture Evolve (or How Often?) 82
Professor John McAlaney, Bournemouth University, UK 82
Why Is Culture Important? 83
Why Do You Find Culture Interesting? 83
Is There a Specific Definition of Culture That You Find Useful? 83
What Actions Can Be Taken to Direct Cultural Change? 84
Is There a Success or Hor