2
Executive Summary
With 85% of data breaches being caused by social engineering
or human error
1
, it is clear that organizations can't afford to
neglect the importance of the human side of cybersecurity.
Employees have become the de facto attack vector of choice for
cybercriminals. Their knowledge, beliefs, values and behaviors
will be the difference between protection and breach. That's
why focusing on security culture is so important.
KnowBe4 Research has a developed data-driven and evidence-
based Security Culture Maturity Model. The model is fueled by
KnowBe4's massive security awareness, behavior, and culture
dataset. This dataset is ultimately comprised of individual
datapoints that we call Culture Maturity Indicators (CMIs).
The aggregation of several CMIs gives the Security Culture
Maturity Model unparalleled insight into the true maturity of
an organization's security culture.
Security Culture:
the ideas, customs,
and social behaviors
of a group that
influence its security.
1
https://www.verizon.com/business/resources/reports/2021/2021-data-breach-investigations-report.pdf
