New Infosec IQ Cybersecurity Culture Survey Quantifies Security Beliefs, Sentiments

Infosec, the leading cybersecurity education company, today released one of the industry’s first cybersecurity culture assessment tools. The new Infosec IQ Cybersecurity Culture Survey introduces an actionable, scalable way to analyze and measure employee attitudes and perceptions towards security practices, policies and training strategies across five cultural domains.

The Infosec IQ Cybersecurity Culture Survey collects employee feedback and scores organizations across these five domains: 

  • Confidence: how employees classify their own ability to put their cybersecurity knowledge to practical use
  • Responsibility: how employees perceive their role in organizational security
  • Engagement: how willingly employees participate in an organization’s security awareness and training program and apply available resources and support to improve security behaviors
  • Trust: how employees perceive the security posture and processes at their organization
  • Outcomes: how employees perceive the consequences of a security incident at their organization

The Infosec IQ Cybersecurity Culture Survey helps security awareness managers evolve program goals and success metrics to align with recommendations from leading research firms like Forrester. According to a Forrester report authored by analysts Jinan Budge and Claire O’Malley, “Cultural change takes time and results are difficult to measure.” One technique they recommend CISOs use is “surveying the workforce to measure motivation, ability and triggers. This will allow you to quantify the strengths and weaknesses of an existing or potential SA&T [security awareness and training] program and gain insight into the current state of security culture.”1

Infosec IQ program managers can administer the Cybersecurity Culture Survey as needed and use results to guide changes to cybersecurity policies, practices or training strategies. The tool generates scores across all five domains and provides recommendations for strengthening cybersecurity culture and improving scores in each domain. Recommendations include training content and employee engagement features built within the Infosec IQ security awareness platform and suggestions for increasing the impact of security-related communications.

Click here to learn more about the Infosec IQ Cybersecurity Culture Survey.

Leave a Reply

%d bloggers like this: