Creating a Culture of Risk Throughout Your Organization presented at 3rdCybersecurityInternationalSymposium 2019

by Szuyin Leow,

Summary : Today, every employee and department is responsible for IT security. When the entire organization considers information security to be a top priority, it goes a long way toward keeping a company's data safe. Oftentimes, the ownership of a company's information security is siloed within the IT department. However, to have an effective risk culture companies must allow and encourage individuals and departments to take risks in an educated and confident manner.Unfortunately, many companies don't acknowledge risk. Rather, they spend the majority of their time managing risks, working towards achieving compliance and staying on-track and on-task. Employees in such organizations are typically siloed creating an environment where change will not happen unless they have faced criticism. By creating a culture of risk companies will see steps towards progress and innovation, improving every aspect of the organization.Why creating a culture of risk is importantHow to create a culture of riskWhat a good risk culture looks like