A culture hacking how to complete with strategies, techniques, and resources for securing the most volatile element of information security—humans People-Centric Security: Transforming Your Enterprise Security Culture addresses the urgent need for change at the intersection of people and security. Esentially a complete security culture toolkit, this comprehensive resource provides you with a blueprint for assessing, designing, building, and maintaining human firewalls. Globally recognized information security expert Lance Hayden lays out a course of action for drastically improving organizations’ security cultures through the precise use of mapping, survey, and analysis. You’ll discover applied techniques for embedding strong security practices into the daily routines of IT users and learn how to implement a practical, executable, and measurable program for human security. Features downloadable mapping and surveying templates Case studies throughout showcase the methods explained in the book Valuable appendices detail security tools and cultural threat and risk modeling Written by an experienced author and former CIA human intelligence officer

Expert guidance on the art and science of driving secure behaviors Transformational Security Awareness empowers security leaders with the information and resources they need to assemble and deliver effective world-class security awareness programs that drive secure behaviors and culture change. When all other processes, controls, and technologies fail, humans are your last line of defense. But, how can you prepare them? Frustrated with ineffective training paradigms, most security leaders know that there must be a better way. A way that engages users, shapes behaviors, and fosters an organizational culture that encourages and reinforces security-related values. The good news is that there is hope. That’s what Transformational Security Awareness is all about. Author Perry Carpenter weaves together insights and best practices from experts in communication, persuasion, psychology, behavioral economics, organizational culture management, employee engagement, and storytelling to create a multidisciplinary masterpiece that transcends traditional security education and sets you on the path to make a lasting impact in your organization. Find out what you need to know about marketing, communication, behavior science, and culture management Overcome the knowledge-intention-behavior gap Optimize your program to work with the realities of human nature Use simulations, games, surveys, and leverage new trends like escape rooms to teach security awareness Put effective training together into a well-crafted campaign with ambassadors Understand the keys to sustained success and ongoing culture change Measure your success and establish continuous improvements Do you care more about what your employees know or what they do? It's time to transform the way we think about security awareness. If your organization is stuck in a security awareness rut, using the same ineffective strategies, materials, and information that might check a compliance box but still leaves your organization wide open to phishing, social engineering, and security-related employee mistakes and oversights, then you NEED this book.

Understand how to create a culture that promotes cyber security within the workplace. Using his own experiences, the author highlights the underlying cause for many successful and easily preventable attacks.

Mitigate human risk and bake security into your organization’s culture from top to bottom with insights from leading experts in security awareness, behavior, and culture. The topic of security culture is mysterious and confusing to most leaders. But it doesn’t have to be. In The Security Culture Playbook, Perry Carpenter and Kai Roer, two veteran cybersecurity strategists deliver experience-driven, actionable insights into how to transform your organization’s security culture and reduce human risk at every level. This book exposes the gaps between how organizations have traditionally approached human risk and it provides security and business executives with the necessary information and tools needed to understand, measure, and improve facets of security culture across the organization. The book offers: An expose of what security culture really is and how it can be measured A careful exploration of the 7 dimensions that comprise security culture Practical tools for managing your security culture program, such as the Security Culture Framework and the Security Culture Maturity Model Insights into building support within the executive team and Board of Directors for your culture management program Also including several revealing interviews from security culture thought leaders in a variety of industries, The Security Culture Playbook is an essential resource for cybersecurity professionals, risk and compliance managers, executives, board members, and other business leaders seeking to proactively manage and reduce risk.

Technology advances are making tech more . . . human. This changes everything you thought you knew about innovation and strategy. In their groundbreaking book, Human + Machine, Accenture technology leaders Paul R. Daugherty and H. James Wilson showed how leading organizations use the power of human-machine collaboration to transform their processes and their bottom lines. Now, as new AI powered technologies like the metaverse, natural language processing, and digital twins begin to rapidly impact both life and work, those companies and other pioneers across industries are tipping the balance even more strikingly toward the human side with technology-led strategy that is reshaping the very nature of innovation. In Radically Human, Daugherty and Wilson show this profound shift, fast-forwarded by the pandemic, toward more human—and more humane—technology. Artificial intelligence is becoming less artificial and more intelligent. Instead of data-hungry approaches to AI, innovators are pursuing data-efficient approaches that enable machines to learn as humans do. Instead of replacing workers with machines, they're unleashing human expertise to create human-centered AI. In place of lumbering legacy IT systems, they're building cloud-first IT architectures able to continuously adapt to a world of billions of connected devices. And they're pursuing strategies that will take their place alongside classic, winning business formulas like disruptive innovation. These against-the-grain approaches to the basic building blocks of business—Intelligence, Data, Expertise, Architecture, and Strategy (IDEAS)—are transforming competition. Industrial giants and startups alike are drawing on this radically human IDEAS framework to create new business models, optimize post-pandemic approaches to work and talent, rebuild trust with their stakeholders, and show the way toward a sustainable future. With compelling insights and fresh examples from a variety of industries, Radically Human will forever change the way you think about, practice, and win with innovation.

If you’re striving to make products and services that your customers will love, then you’ll need a customer-driven organization. As companies transform their businesses to meet the demands of the digital age, they find themselves grappling with uniquely human challenges. Organizational knowledge becomes siloed, employees move to safeguard their expertise, and customer data creates polarization and infighting between teams. All of these challenges widen the distance between the people who make your products and the customers who use them. To meet today’s challenges, companies need to do more than build processes for customer-driven products. They need to create a customer-driven culture. With the help of his friend and mentor Monty Hammontree, Travis Lowdermilk takes readers through the cultural transformation of the Developer Division at Microsoft. This book shows readers how to "hack" their culture and reduce the distance between them and their customers’ needs. It’s a uniquely personal story that’s told amidst a cultural revolution at one of the largest software companies in the world. This story acts as your guide. You’ll learn how to: Establish a Common Language: Help employees change their thinking and actions Build Bridges, Not Walls: Treat product building as a team sport Encourage Learning Versus Knowing: Help your team understand their customers Build Leaders That Build Your Culture: Showcase star employees to inspire others Meet Teams Where They Are: Make it easy for teams to to adopt vital behavior changes Make Data Relatable: Move beyond numbers and focus on empathizing with customers

Security governance in the second decade of the 21st century is ill-serving the American people. Left uncorrected, civic life and national continuity will remain increasingly at risk. At stake well beyond our shores is the stability and future direction of an international political and economic system dependent on robust and continued U.S. engagement. Outdated hierarchical, industrial structures and processes configured in 1947 for the Cold War no longer provide for the security and resilience of the homeland. Security governance in this post-industrial, digital age of complex interdependencies must transform to anticipate and if necessary manage a range of cascading catastrophic effects, whether wrought by asymmetric adversaries or technological or natural disasters. Security structures and processes that perpetuate a 20th century, top-down, federal-centric governance model offer Americans no more than a single point-of-failure. The strategic environment has changed; the system has not. Changes in policy alone will not bring resolution. U.S. security governance today requires a means to begin the structural and process transformation into what this book calls Network Federalism. Charting the origins and development of borders-out security governance into and through the American Century, the book establishes how an expanding techno-industrial base enabled American hegemony. Turning to the homeland, it introduces a borders-in narrative—the convergence of the functional disciplines of emergency management, civil defense, resource mobilization and counterterrorism into what is now called homeland security. For both policymakers and students a seminal work in the yet-to-be-established homeland security canon, this book records the political dynamics behind the creation of the Department of Homeland Security, the impact of Hurricane Katrina and the ongoing development of what is now called the Homeland Security Enterprise. The work makes the case that national security governance has heretofore been one-dimensional, involving horizontal interagency structures and processes at the Federal level. Yet homeland security in this federal republic has a second dimension that is vertical, intergovernmental, involving sovereign states and local governments whose personnel are not in the President’s chain of command. In the strategic environment of the post-industrial 21st century, states thus have a co-equal role in strategy and policy development, resourcing and operational execution to perform security and resilience missions. This book argues that only a Network Federal governance will provide unity of effort to mature the Homeland Security Enterprise. The places to start implementing network federal mechanisms are in the ten FEMA regions. To that end, it recommends establishment of Regional Preparedness Staffs, composed of Federal, state and local personnel serving as co-equals on Intergovernmental Personnel Act (IPA) rotational assignments. These IPAs would form the basis of an intergovernmental and interdisciplinary homeland security professional cadre to build a collaborative national preparedness culture. As facilitators of regional unity of effort with regard to prioritization of risk, planning, resourcing and operational execution, these Regional Preparedness Staffs would provide the Nation with decentralized network nodes enabling security and resilience in this 21st century post-industrial strategic environment.

“Bob Chapman, CEO of the $1.7 billion manufacturing company Barry-Wehmiller, is on a mission to change the way businesses treat their employees.” – Inc. Magazine Starting in 1997, Bob Chapman and Barry-Wehmiller have pioneered a dramatically different approach to leadership that creates off-the-charts morale, loyalty, creativity, and business performance. The company utterly rejects the idea that employees are simply functions, to be moved around, "managed" with carrots and sticks, or discarded at will. Instead, Barry-Wehmiller manifests the reality that every single person matters, just like in a family. That’s not a cliché on a mission statement; it’s the bedrock of the company’s success. During tough times a family pulls together, makes sacrifices together, and endures short-term pain together. If a parent loses his or her job, a family doesn’t lay off one of the kids. That’s the approach Barry-Wehmiller took when the Great Recession caused revenue to plunge for more than a year. Instead of mass layoffs, they found creative and caring ways to cut costs, such as asking team members to take a month of unpaid leave. As a result, Barry-Wehmiller emerged from the downturn with higher employee morale than ever before. It’s natural to be skeptical when you first hear about this approach. Every time Barry-Wehmiller acquires a company that relied on traditional management practices, the new team members are skeptical too. But they soon learn what it’s like to work at an exceptional workplace where the goal is for everyone to feel trusted and cared for—and where it’s expected that they will justify that trust by caring for each other and putting the common good first. Chapman and coauthor Raj Sisodia show how any organization can reject the traumatic consequences of rolling layoffs, dehumanizing rules, and hypercompetitive cultures. Once you stop treating people like functions or costs, disengaged workers begin to share their gifts and talents toward a shared future. Uninspired workers stop feeling that their jobs have no meaning. Frustrated workers stop taking their bad days out on their spouses and kids. And everyone stops counting the minutes until it’s time to go home. This book chronicles Chapman’s journey to find his true calling, going behind the scenes as his team tackles real-world challenges with caring, empathy, and inspiration. It also provides clear steps to transform your own workplace, whether you lead two people or two hundred thousand. While the Barry-Wehmiller way isn’t easy, it is simple. As the authors put it: "Everyone wants to do better. Trust them. Leaders are everywhere. Find them. People achieve good things, big and small, every day. Celebrate them. Some people wish things were different. Listen to them. Everybody matters. Show them."

"Information security has become an important and critical component of every organization. In his book, Professor Chatterjee explains the challenges that organizations experience to protect information assets. The book sheds light on different aspects of cybersecurity including a history and impact of the most recent security breaches, as well as the strategic and leadership components that help build strong cybersecurity programs. This book helps bridge the gap between academia and practice and provides important insights that may help professionals in every industry." Mauricio Angee, Chief Information Security Officer, GenesisCare USA, Fort Myers, Florida, USA "This book by Dave Chatterjee is by far the most comprehensive book on cybersecurity management. Cybersecurity is on top of the minds of board members, CEOs, and CIOs as they strive to protect their employees and intellectual property. This book is a must-read for CIOs and CISOs to build a robust cybersecurity program for their organizations." Vidhya Belapure, Chief Information Officer, Huber Engineered Materials & CP Kelco, Marietta, Georgia, USA Cybersecurity has traditionally been the purview of information technology professionals, who possess specialized knowledge and speak a language that few outside of their department can understand. In our current corporate landscape, however, cybersecurity awareness must be an organization-wide management competency in order to mitigate major threats to an organization’s well-being—and be prepared to act if the worst happens. With rapidly expanding attacks and evolving methods of attack, organizations are in a perpetual state of breach and have to deal with this existential threat head-on. Cybersecurity preparedness is a critical and distinctive competency, and this book is intended to help students and practitioners develop and enhance this capability, as individuals continue to be both the strongest and weakest links in a cyber defense system. In addition to providing the non-specialist with a jargon-free overview of cybersecurity threats, Dr. Chatterjee focuses most of the book on developing a practical and easy-to-comprehend management framework and success factors that will help leaders assess cybersecurity risks, address organizational weaknesses, and build a collaborative culture that is informed and responsive. Through brief case studies, literature review, and practical tools, he creates a manual for the student and professional alike to put into practice essential skills for any workplace.

Managing an Information Security and Privacy Awareness and Training Program provides a starting point and an all-in-one resource for infosec and privacy education practitioners who are building programs for their organizations. The author applies knowledge obtained through her work in education, creating a comprehensive resource of nearly everything involved with managing an infosec and privacy training course. This book includes examples and tools from a wide range of businesses, enabling readers to select effective components that will be beneficial to their enterprises. The text progresses from the inception of an education program through development, implementation, delivery, and evaluation.