The 7 Dimensions of Security Culture

August 22, 2022

Weak information security culture has led to unwanted exposures of personal sensitive information of billions of individuals worldwide, and information security attacks are a major concern.

In KnowBe4's research, they have developed and investigated seven key dimensions of security culture; employee attitudes to security and policies, behaviors, cognitive processes surrounding security, quality of communication, compliance to security policies, organizational unwritten rules or norms, and individual responsibilities.

Information about these dimensions is vital when it comes to improving security culture, and thus reducing risk in the organization. This text builds on CLTRe’s model for measuring security culture and provides a comprehensive resource for practitioners seeking a deeper understanding of the dimensions that comprise security culture. Knowing what these dimensions are, how they relate to security, and how they can be positively influenced, will provide practitioners with the tools and practical advice needed to start building and improving security culture in organizations.

Previous Resource
The Wrong & Right Way to Do Security Culture Surveys
The Wrong & Right Way to Do Security Culture Surveys

Looking to develop a security awareness survey? Consider these knowledge areas for your assessment.

Next Resource
Building an Effective and Comprehensive Security Awareness Program
Building an Effective and Comprehensive Security Awareness Program

Not sure where to start building a security awareness program? Then this white paper is a great place to st...