Skip to main content

Create a Culture of Cybersecurity

Learning Objectives

After completing this unit, you’ll be able to:

  • Describe the importance of creating a culture of cybersecurity.
  • List best practices for fostering a strong culture of cybersecurity.

Employ Users as the First line of Defense

The traditional enterprise security paradigm described a technology boundary that isolated and protected the workers behind it. Today, a growing number of user interactions with the outside world bypass the physical and network perimeters and the security controls they offer. For this reason, keeping an organization secure is every employee’s job. Front-door attack vectors such as phishing, for example, are leveraged by many attackers. This puts users in the first line of defense and recognizes the critical role employees play in the organization’s security. 

Image of a circular table with users around it each with a laptop, mobile phone, tablet, and a padlock image in the middle.

According to IBM X-Force research in 2019, 43 percent of compromised records were linked to human error and misconfigured IT services. Effective organizations are mindful of the fact that a majority of data breaches are enabled by internal actors. This can occur through unintentionally disclosing sensitive information, clicking on a phishing link, the negligent use of USB drives, Wi-Fi networks, or use of weak passwords.

Foster a Stronger Culture of Cybersecurity

The following practices foster a stronger culture of cybersecurity.

  • Customize: Develop user awareness and training tailored to the business context.
  • Engage: Leverage diverse and novel ways to better engage the organization.
  • Incentivize: Incentivize your employees to participate in the awareness campaign.
  • Sanction: Enforce sanctions on major or repeat offenders.

Finally, security knowledge must be mainstream. Organizations benefit from partnering with academia and educational systems to develop a curriculum that is adapted to the needs of their industry, in order to develop a cybersecurity workforce with the skills for the digital age.

Sum It Up

In this unit you’ve learned how a successful cybersecurity strategy and its implementation are dependent on the culture of the organization. Throughout this module and the previous one, Cybersecurity Risk Management, you’ve learned more about how to think like a business leader and foster internal and external partnerships to achieve this goal. 

The explosion of connectivity present in today’s digital economy provides companies with opportunities to increase operational efficiencies, and improve customer satisfaction. It comes with a caveat, however: As customer data, intellectual property, and brand equity evolve, they become new targets for theft, directly impacting shareholder value and business performance. 

In response, business leaders need cybersecurity leaders to take a stronger and more strategic leadership role. Doing so enables you to implement the other tenets we have learned about, including practicing strong cyber hygiene, protecting mission-critical assets, and protecting the organization from phishing. When all users understand and work toward common security goals, the entire organization benefits. With the effective cyber-risk management strategies you have learned in this trail, your business can achieve a smarter, faster, and more connected future, driving growth. Interested in exploring more cybersecurity-related information? Check out the  Cybersecurity Learning Hub  on Trailhead.

Resources

Share your Trailhead feedback over on Salesforce Help.

We'd love to hear about your experience with Trailhead - you can now access the new feedback form anytime from the Salesforce Help site.

Learn More Continue to Share Feedback