CORPORATE CULTURE: IT IS A GREAT INFORMATION SECURITY TOOL. Culture, in general terms, can be understood as a set of ideas, habits and social behavior in a specific group. This translates into values, beliefs, ideologies, beliefs, group behavior. In a corporate environment, it is only natural that absolutely every organization has its own culture. And yes, this is one of the key factors that can define the success or failure of information security.
The fact is CULTURE EATS STRATEGY FOR BREAKFAST. The phrase, originally attributed to Peter Drucker, has never been as true as in modern organizations, especially in subjects related to Information Security and Risk Management. Corporate culture can either motivate or drain the energy of professionals. Understand: Culture is the environment where corporate strategy, even the most well defined, blooms or agonizes. Any company that tries to disconnect these two factors is creating an unnecessary risk on the way to success.
Over the past years, several companies have learned – the hard way – that neglecting information security can bring disastrous impacts on operations, brand and financial results. This scenario leads us to believe that the mindset of senior management should have evolved into a more mature approach, where security is seen as a business facilitator and incorporated into all aspects of the strategy and transmitted in corporate culture, right? Yeah, dream on.