Security news aggregator

Latest coverage for Culture

Explore the intersection of society and information security, where culture shapes cyber norms and practices in our digital world.

25 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Information security culture describes the shared attitudes, behaviors, and practices within an organization that influence how employees handle cybersecurity. It shapes whether staff consistently follow security protocols, recognize phishing attempts, and report suspicious activity. This culture is reflected in everyday actions, not just formal policies, affecting how effectively security measures are implemented across all levels.

A strong security culture reduces risks like social engineering attacks and insider threats by promoting vigilance and accountability. Regular training and clear communication help embed security awareness, making employees active participants in defense rather than passive users. Without this cultural foundation, technical controls may be undermined by human error or neglect, increasing the likelihood of successful attacks and data exposure.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 25 Filtered view
Bank Info Security 3 months, 2 weeks ago

When Liability Turns the CISO Into the Fall Guy

Rising Liability Risks Are Reshaping the CISO Role and Cybersecurity LeadershipAs regulators pursue accountability after major breaches, CISOs face growing personal liability. This is changing how security leaders report risk, weakening security culture and making the role less attractive to experienced practitioners.

Bank Info Security 9 months ago

Security as a Business Enabler, Not a Barrier

ISMG's Sean Mack on Aligning Strategy and Culture for Long-Term Risk ReductionCybercrime is accelerating while budgets stay flat. To keep pace, organizations must treat security as a strategic enabler - not an afterthought. Sean Mack of ISMG's CXO Advisory Practice outlines how aligning business goals, shifting left, and building a security culture drive better outcomes.

Bank Info Security 9 months, 3 weeks ago

Finding Ways to Cut Costs Without Sacrificing Cyber Defense

CXO Advisory Practice's Sean Mack on How Fractional CISOs Help SMBs Boost SecuritySmall and mid-sized businesses face the same threats as large enterprises but with fewer resources. Sean Mack of ISMG's CXO Advisory Practice explains how SMBs can cut cybersecurity costs by consolidating tools, embedding security and building a culture that scales without scaling costs.

Bank Info Security 10 months, 1 week ago

Closing OT Blind Spots With Asset Visibility, Culture

Merck's Luis Contasti Aguirre on Building Resilient OT Security ProgramsLuis Contasti Aguirre from Merck shares how visibility into OT assets, clear processes and a strong risk-aware culture help secure critical systems. He explains how aligning people, process and technology strengthens compliance, reduces false positives and ensures operational resilience.

Bank Info Security 10 months, 2 weeks ago

AI and the New Rules of Observability

FPT's Leonard Bertelli on the Shift From Reactive Monitoring to Predictive InsightObservability has now become a mission-critical capability for enterprises operating complex, distributed and AI-driven systems. Leonard Bertelli, senior vice president at FPT Americas, shares how observability is changing and why both culture and technology must align to move enterprises forward.

Cybersecurity Awareness Programs Need Focus on Human Risk and Changing BehaviorsThanks to Cybersecurity Awareness Month, everyone knows security is a priority, but what are we doing differently to change the culture? If our goal is to reduce risk, not just meet regulatory expectations, then we need to focus on behavior, not just boxes on a checklist.

Bank Info Security 3 Jul 2025, 10:30 a.m. Culture

CIO Greg Barbaccia's Memo Targets Churn, Burnout, Fragmented CultureWhen Gregory Barbaccia took the job as the U.S. federal CIO in January 2025, he became the sixth person to hold the position in eight years. Five months into his tenure, he laid out 16 operating principles in the latest attempt to stabilize leadership churn.

Bank Info Security 1 year, 1 month ago

AI May Fix a 15-Year-Old Bug It Helped Spread

Researchers Turn to AI to Fix a Zombie Flaw that AI Helped PropagateArtificial intelligence tools that inadvertently perpetuated a decade-old bug may now also help eliminate it. The path traversal vulnerability became so embedded in developer culture that it found its way into training data for today’s AI models.

Bank Info Security 1 year, 4 months ago

The Time to Speak to Employees About Insider Risk Is Now

Recent Upheavals in Job Market Underscore the Need for a Security-Minded CultureTechnology and training are key components of a strong insider risk program, but in times like these, the real key to success lies in your organization's culture. Do your employees feel valued? If the answer is no, your insider threat level could be off the charts.

Bank Info Security 1 year, 5 months ago

The Crux of Security Awareness: Stopping 'Death Clickers'

Who Are 'Death Clickers,' and How Do They Weaken Company's Cyber Defense?Employees who repeatedly click on malicious links or "death clickers" are a risk to an organization's cybersecurity. This blog explains how awareness, behavior testing and simulations can help organizations strengthen their cybersecurity culture and manage human risks.

Bank Info Security 1 year, 6 months ago

FRAML Reality Check: Is Full Integration Really Practical?

Experts Weigh the Pros and Cons of Work Culture and Merging AML and Fraud TeamsA recent report found that more than 57,000 Americans fall victim to scams every day. Financial fraud is rising globally. In response, the National Automated Clearinghouse Association is pushing for real-time fraud monitoring by 2026, requiring closer collaboration between fraud and AML teams.

Bank Info Security 1 year, 8 months ago

CyberEdBoard Profiles in Leadership: Alex Gahlo

CIO Alex Gallo on Balancing Digital Change, Security and Continuous LearningAlex Gallo, CyberEdBoard member and CIO, shared how he drives secure digital transformation by balancing AI integration with cybersecurity, fostering a security-first culture, and emphasizing continuous learning across his teams and the organization’s leadership.

Bank Info Security 1 year, 9 months ago

How Microsoft Is Beefing Up Security With 34,000 Engineers

After Review Board Criticism, Microsoft Targets Culture, Governance, EngineeringAfter high-profile security incidents, Microsoft has dedicated 34,000 engineers to advancing security across all platforms, focusing on identity protection and rapid response. The company is embedding security into product development and governance frameworks to mitigate growing cyberthreats.

Bank Info Security 2 years, 1 month ago

HHS on Guard: Prioritizing Patient Data Security

CISO and Acting Deputy CIO La Monte Yarborough on Building a Culture of SecurityThe U.S. Department of Health and Human Services is actively enhancing its cybersecurity measures to protect sensitive health data. CISO and Acting Deputy CIO La Monte Yarborough outlined the measures HHS is taking to protect sensitive data and critical infrastructure amid rising threats.

Bank Info Security 2 years, 3 months ago

Employees Are 'Quiet Quitting' - What Can Employers Do?

How Employers and Employees Can Create an Engaging, Satisfying Workplace Culture"Quiet quitting" is when employees strictly adhere to their job descriptions and meticulously avoid any tasks that fall outside their defined responsibilities. Here's how employers and employees can prevent it and create a workplace culture that promotes engagement, satisfaction and shared success.

Bank Info Security 10 Apr 2024, 7:00 a.m. Culture
Bank Info Security 2 years, 3 months ago

The US or the UK: Where Should You Get a Cybersecurity Job?

Differences in How the United States and United Kingdom Think About CybersecurityThe differences between working in cybersecurity in the U.K. and U.S. are not just a matter of accent or office culture; they are a study in how national security priorities, regulatory environments and cultural attitudes toward privacy and surveillance affect cyber workers' professional lives.

Loading more headlines...