Upload
kai-roer
View
211
Download
2
Embed Size (px)
Citation preview
BACKGROUND
KAI ROER, CEO AND CO-FOUNDER OF CLTRE
▸ Ron Knode Service Award, National Cybersecurity Institute (DC) Fellow
▸ 20+ industry exp. 40+countries, 4 books, awards +++
▸ Creator of The Security Culture Framework and the global Security Culture Community
▸ Focus area: Soft-skills with Psychology, Sociology and Social Behaviour
▸ https://roer.com - @kairoer
VANITY METRICS▸ Looks nice - says little (new)
▸ Checkbox compliance
▸ No information about culture
▸ Not useful for meaningful discussion
▸ Not helpful for improvements
▸ Says nothing about effectiveness (as required by Article 32)
THE CLTRE TOOLKIT
THE CHALLENGE OF MEASURING CULTURE
LEARNING ABOUT CULTURE STARTS WITH PEOPLE
▸ Psychological measures
▸ Self-assessments
▸ Experiments
▸ Sociological measures
▸ Analysing communication
▸ Social Anthropological measures
▸ Observation and comparison
MEASURING WHAT MATTERS▸ Full compliance focus
▸ Use for strategic and tactical advancements
▸ Measures the effectiveness of your programme
▸ Measure real security behaviours and change (avoiding vanity metrics)
▸ As required by GDPR Article 32
THE CLTRE TOOLKIT
BETTER INSIGHTS REDUCE RISK▸ EU to issue fines on negligence
▸ Insurance to expect documentation
▸ Litigation to require documentation effectiveness of measures
▸ Reduce risk by measuring what matters - today!
THE CLTRE TOOLKIT