Event Registration

Moving the needle on security culture metrics

Tuesday 18 July 2023

About the session

With cyber threats rapidly evolving, business leaders are constantly looking at improving technology and processes within businesses. To tackle the ever-threatening cyber landscape, security leaders need to be ahead of the emerging threats, and while having the right technology is a must-have, organisational culture plays an effective role in safeguarding the business.

This year’s report paints a positive picture, with cyber security culture improving, however, CISOs have reported facing many other competing priorities. So, how can they measure the security culture’s success and accelerate its progression?

Join the next Hot topic session to find out how and why metrics and reporting have the potential to close the communication gap between CISOs and the non-technical audiences or the board.

Register Now!

What gets measured, gets managed!

This year’s report highlights how behavior and culture have been elevated from a tactical to a more strategic level. Many more senior stakeholders understand the importance of security as a whole, as well as security culture in particular. Alongside this, mechanisms for raising awareness and influencing cultures, such as simulated phishing and tailored training, scored lower in terms of their effectiveness in influencing culture this year compared to 2022

62% of CISOs consider cyber security culture ongoing progress, which highlights its effectiveness. But reporting and providing context on cybersecurity metrics can tell the story of success or failure and help CISOs further address their challenges to the board and to non-technical audiences.

Security is seen as an innovation enabler now more than it has been in the past, but still, 40% of CISOs reported that the business is not measuring or reporting on the value security adds to the business.

With budgets remaining flat across many businesses this year, is this the start of a more mature approach to security culture, with intelligent metrics demonstrating the return on investment?


Moving the needle on security culture metrics

Jessica Barker

As a leader in the human nature of cyber security, Jessica has been named one of the top 20 most influential women in cyber security in the UK and awarded as one of the UK’s Tech Women 50 in 2017. She co-founded Cygenta, who work with a variety of organisations from small creative agencies through to multi-national banks. With a background in sociology and civic design, Jessica delivers thought-provoking and engaging presentations about cyber security around the world. Her speaking engagements are rooted in the work she does around the psychology and sociology of cyber security, particularly regarding cyber security threats, social engineering, how to effectively communicate cyber security messages, the psychology of fear and cyber security and the language of cyber security. Her specialisms span cyber security awareness, behaviour and culture. Jessica’s many appearances discussing cyber security on national and international TV and radio and in the press have cemented her place as the media’s go-to expert on subjects that require graceful, clear and engaging communication of technical subjects. She frequently appears on the BBC, Sky News, Channel 4 News, Channel 5 News, Radio 4’s Today programme, Radio 2’s Jeremy Vine show and more. She has been published in the Sunday Times and the Guardian, and frequently in industry press.

We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.