Security news aggregator

Latest coverage for Culture

Explore the intersection of society and information security, where culture shapes cyber norms and practices in our digital world.

107 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Information security culture describes the shared attitudes, behaviors, and practices within an organization that influence how employees handle cybersecurity. It shapes whether staff consistently follow security protocols, recognize phishing attempts, and report suspicious activity. This culture is reflected in everyday actions, not just formal policies, affecting how effectively security measures are implemented across all levels.

A strong security culture reduces risks like social engineering attacks and insider threats by promoting vigilance and accountability. Regular training and clear communication help embed security awareness, making employees active participants in defense rather than passive users. Without this cultural foundation, technical controls may be undermined by human error or neglect, increasing the likelihood of successful attacks and data exposure.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 107

Anna’s Archive’s idealism doesn’t quite survive its own blog post What would happen to the world's music collections if streaming services disappeared? One hacktivist group says it has a solution: scrape around 300 terabytes of music and metadata from Spotify and offer it up for free as what it calls the world’s first “fully open” music preservation archive.…

More from The Register 23 Dec 2025, 6:24 a.m. Culture

PLUS: Manga publishers win Cloudflare copyright case; India, EU to link payment systems; Storm over Australia’s weather website; And more! Asia In Brief Infosys co-founder Narayana Murthy has suggested Indian citizens should work even longer, suggesting his previous target of 70-hour weeks could climb to 72.…

Bank Info Security 9 months ago

Security as a Business Enabler, Not a Barrier

ISMG's Sean Mack on Aligning Strategy and Culture for Long-Term Risk ReductionCybercrime is accelerating while budgets stay flat. To keep pace, organizations must treat security as a strategic enabler - not an afterthought. Sean Mack of ISMG's CXO Advisory Practice outlines how aligning business goals, shifting left, and building a security culture drive better outcomes.

Bank Info Security 9 months, 3 weeks ago

Finding Ways to Cut Costs Without Sacrificing Cyber Defense

CXO Advisory Practice's Sean Mack on How Fractional CISOs Help SMBs Boost SecuritySmall and mid-sized businesses face the same threats as large enterprises but with fewer resources. Sean Mack of ISMG's CXO Advisory Practice explains how SMBs can cut cybersecurity costs by consolidating tools, embedding security and building a culture that scales without scaling costs.

Merck's Luis Contasti Aguirre on Building Resilient OT Security ProgramsLuis Contasti Aguirre from Merck shares how visibility into OT assets, clear processes and a strong risk-aware culture help secure critical systems. He explains how aligning people, process and technology strengthens compliance, reduces false positives and ensures operational resilience.

U.S. Senator Ron Wyden has called on the Federal Trade Commission (FTC) to probe Microsoft and hold it responsible for what he called "gross cybersecurity negligence" that enabled ransomware attacks on U.S. critical infrastructure, including against healthcare networks

Bank Info Security 10 months, 2 weeks ago

AI and the New Rules of Observability

FPT's Leonard Bertelli on the Shift From Reactive Monitoring to Predictive InsightObservability has now become a mission-critical capability for enterprises operating complex, distributed and AI-driven systems. Leonard Bertelli, senior vice president at FPT Americas, shares how observability is changing and why both culture and technology must align to move enterprises forward.

After two decades of developing increasingly mature security architectures, organizations are running up against a hard truth: tools and technologies alone are not enough to mitigate cyber risk. As tech stacks have grown more sophisticated and capable, attackers have shifted their focus. They are no longer focusing on infrastructure vulnerabilities alone. Instead, they are increasingly

Cybersecurity Awareness Programs Need Focus on Human Risk and Changing BehaviorsThanks to Cybersecurity Awareness Month, everyone knows security is a priority, but what are we doing differently to change the culture? If our goal is to reduce risk, not just meet regulatory expectations, then we need to focus on behavior, not just boxes on a checklist.

Loading more headlines...