This chapter covers
- Comparing different types of company cultures and learning how they impact security
- Learning how to leverage the three concepts of cybersecurity to build and enhance your own organization’s security culture
- Learning how to protect against the most common form of attack: ransomware
- Providing good education and support to end users and using this to create a powerful culture of security
Computers do what we program them to do, but people are unpredictable and fallible. This makes the people in our organizations much better targets than our closely monitored and protected computers and software. But protection isn’t about stopping people from doing things; it’s about educating them, supporting them, and making it easier for them to be more secure when doing their everyday work. Before we go further, you’ll find it helpful to have read chapter 3 (where we talk about the hacker mindset and the different types of hackers) and chapter 5 (where we looked at social engineering attacks and how these different types of hackers exploit end users).