What is Cultural Armour?
Cultural Armour™ is achieved when InfoSec is deeply embedded in company culture. It means you walk the talk that “Information security is everyone’s job”.
Each employee, from the top down and bottom up, can articulate their InfoSec role and is empowered to include InfoSec consistently in Business As Usual (BAU). The hallmark is active, even proactive, engagement with InfoSec to meet the challenges of changing regulatory and customer requirements as well as developments in the threat landscape . Cultural Armour is a level 4+ result of the 5 levels in SecuriThink methodology.
More FAQ
How does SecuriThink relate to the maturity scale for information security ?
While various InfoSec maturity scales do not map directly to the 5 levels of results in SecuriThink methodology, there is a lot of common ground at the highest levels of both.
Why does a SecuriThink project always begin with an assessment?
Our clients engage us to get from one place to another so we might think of an example as “We’re in Chicago and we want you to help us get to San Francisco.” What we’ve learned is that someone who says they’re in Chicago might actually be in St. Louis or maybe even Miami.
How does SecuriThink relate to Security Education and Awareness (SEA) efforts?
SEA is a subset of a SecuriThink engagement strategy. We work in cooperation with existing efforts and leverage them to the fullest extent possible.
How is SecuriThink different from other business transformation resources?
SecuriThink senior practitioners are to business transformation specialists as engineers are to physicists. The distinction is one of theory versus applied theory.
Are SecuriThink practitioners experts in information security technology?
Starting with our founder’s degree in computer engineering, technology is at the core of what we do. We work well with Subject Matter Experts (SME) and we have some on our team but most of us don’t consider ourselves technology SMEs.
Why does SecuriThink get more traction than most business transformation efforts?
Our information security specialty gives SecuriThink a tighter focus than most business transformation efforts. We aim to shift your culture, not turn it inside out. We stay in our lane.
How does SecuriThink approach an assessment?
The SecuriThink methodology draws on a bank of over 200 questions from which a dynamic subset is selected for your project.