Security awareness | Deloitte solution
- We rely on humans to implement controls and policy because we cannot “engineer around the end user” — avoiding incidents remains highly dependent of what your end users do.
- In addition, people do not act securely by nature, and secure behaviour erodes with time, especially when there is a lack of security awareness. This makes life easier for any malicious party; you don’t need to hack the system if you can compromise the human.
- To further complicate matters, significant changes in behaviour are often required — but few things are harder to change than security culture — which is an integral part of company culture.
- We have a variety of services allowing the organisation to instil the knowledge, ability and inclination in people to act securely.
- We cover the complete scope of activities required to develop and improve security awareness: assessments (to what extent are people acting securely or not), designing and delivering content, measuring how security awareness improves and perhaps most importantly, providing the support you need to change the security culture of your organisation.
- Security awareness starts at the top, which is why our approach to security awareness starts with the identification of key stakeholders and joint development of the security awareness strategy with the stakeholders. This significantly improves the chances of achieving the required change in security culture.
This flyer is also available in German.
Page Last Updated