In response to the Covid-19 impact, Living Security has released CyberEscape Online - A Digital Team Training Experience
Click here for more information

Security Awareness - The Culture Map

Security Awareness - The Culture Map

Maps are one of the ultimate data visualization tools, though they are seldom thought of as such. The same techniques used to express relationships between physical locations can be used to visualize all kinds of data. Maps help us see relationships that would otherwise be too complex or abstract.

Lance Hayden’s Competing Security Cultures Framework (CSCF) is a prime example of using maps to visualize enterprise security cultures.

Security Awareness - The Culture Map

Process Culture (upper left)

A Process Security Culture tends to be internally facing and tightly controlled, likely quite bureaucratic in nature. Things get done by the book and there's a "book" (or a policy or SOP) for almost everything. These cultures value stability and standardization as the key to their success. This process culture is best described like a police officer, who is often described as having an internal locus of control, high self-efficacy—which is to say that they are confident that they know the right thing to do and are not influenced by external factors in carrying it out. This quadrant loosely maps to the Watch Dog and Crypto Cat personality types, which influence security cultural perception through the lens of ensuring internal policies are followed.

Compliance Culture (upper right)

A Compliance Security Culture tends to be externally facing and tightly controlled, likely due to an environment of audits, competition and external scrutiny. Documentation and evidence are the lifeblood of the organization. These cultures value conformity and repeatability as the key to their success. This quadrant loosely maps to the Watch Dog and Crypto Cat personality types, which influence security cultural perception through the lens of ensuring external regulatory best practices are followed.

Autonomy Culture (lower right)

An Autonomy Security Culture tends to be externally facing and loosely controlled: the classic startup model. People are given autonomy and authority to do what they need to, innovating in order to get results. These cultures value flexibility and agility as the key to their success. This quadrant loosely maps to the Digital Narwhal personality type, which influences security cultural perception through a quirky, innovative lens.

Trust Culture (lower left)

A Trust Security Culture tends to be internally facing and loosely controlled, a community of empowered stakeholders. Everyone has skin in the game and is driven to share success and failure collectively, not as individuals. These cultures value communication and mutual commitment as the key to their success. This quadrant loosely maps to the Zen Fox personality type, which influences security cultural perception through a relationship-based, people-centric lens.

 

About Living Security

OUR MISSION

At Living Security, we reduce the #1 cybersecurity risk for enterprises, human error, through engaging and impactful security awareness training that is brought to life by innovative tech enabled experiences.

OUR STORY

Living Security co-founders, Ashley and Drew Rose, recognized that traditional security awareness programs were failing to move the needle and it was time for a fresh approach. Our immersive training experiences engage the enterprise using science backed techniques to motivate behavior change and refreshed content that’s relevant for the current threat landscape.

Our Core Values

We strive to build a company that you are proud to come to work for everyday, and a team of people that you are excited to work with everyday.

Immersive Cyber Escape Room

Our innovative Cybersecurity Escape Room experience builds security awareness concepts into an engaging team experience people actually enjoy.  Watch the video here.

Customized Cybersecurity Training At Scale

Online security awareness training platform leverages game based learning and a custom curriculum to make cybersecurity awareness training fun and effective.

BACKED BY SCIENCE. BUILT TO SCALE.

Our science-based approach drives user engagement and reinforces positive security behaviors across the enterprise.

Hosted Platform or SCORM Delivery

Our gamified training platform allows program owners to assign users training and track through completion and beyond. Our interactive video series are broken in to episodes that cover critical security awareness concepts through story based learning and interactive puzzles. Customize your program through the addition of role and concept specific micro-modules and incentivize completion through leaderboard challenges and rewards and recognition. Series and modules are also available in your SCORM packages for delivery on your LMS.

Gamified Learning

Training experiences are brought to life through engaging storylines that people actually enjoy.

Brain is 68% more engaged when you are having fun.

Immersive Experience

Our approach focuses on experiential learning that motivates participants to get engaged with relevant security concepts.

Science Backed

Our proven techniques engage participants, increase retention rate and motivate behavior change.

16x Increase in retention from experiential learning

Tech Enabled

Our tech-enabled platform makes managing and scaling the experience easy, allowing you to extend the reach of your security team.

Smart Analytics

Insightful metrics provide program owners with deep understanding of human risk within their organization and provides the tools to make the right changes.

Request a Demo