While developing security plans, we often ignore one of the most powerful tools in our arsenal, corporate culture. Most studies indicate that security breaches by employees account about half of the security problems. Most employees who steal money, information, time or other resources from their employers do so, at least in part, to redress a perceived wrong. Regardless of the law, they rationalize that their actions are justified by the circumstances.
If we can influence corporate culture to enhance job satisfaction, we will eliminate some security problems. There are many ways to do this, and I will offer my opinions in the next few posts. In the meantime, I would like to hear from you about what you believe are the most important factors in a positive corporate culture.