Poor security culture accounts for 3 in 4 breaches
Let's fix that!
CLTRe was established in 2015 to accurately answer the question, how do you measure security culture? Pooling the knowledge and experience of its co-founders and a wider team of experts together, CLTRe provides effective and easy-to-use tools that use proven social scientific methods and principles to provide evidence-based results and enables organizations to assess, build and improve their security culture.
This suite of solutions is aptly named the Security Culture Toolkit.
Meet our management:
Co-founder and CEO
With over 20 years experience in the Security sector, Roer is an award winning specialist on security behaviours and Security Culture. He is also the creator of the Security Culture Framework and community.
Roer is an avid and engaging speaker, trainer and writer. The author of “Building a Security Culture”, “The Cloud Security Rules” and “The Leadership Workbook”, amongst other titles, Roer also writes for several monthly columns. He is frequent speaker at industry conferences like CeBit, RSA, and InfoSecurity Europe, and serves on several advisory boards.
Kai is proud to have received the following recognitions:
- Ron Knode Service Award by the Cloud Security Alliance
- NCI Fellow at the National Cybersecurity Institute in Washington DC
- Mentor at the Founder’s Institute
- Member of the Permanent Stakeholder Group for the European Union Agency for Network and Information Security (ENISA)
- JCI ITF #132
- Amazon Bestselling Author
Co-founder and COO
With a background in sales and marketing from several industries within the Nordics and the UK, Aimee Laycock first joined CLTRe to manage Business Development. Now, in her role as COO and co-founder, Aimee is enjoying being able to influence the way the company grows, the product develops and the business succeeds.
Rapidly being recognised as a thought leader within the industry, Aimee is learning to enjoy the stage as she travels the world sharing CLTRe’s insights with audiences in both the public and private sector.
Aimee has a Bachelor of Science degree in Business Economics from the University of Surrey, England and received numerous awards for her achievements and outstanding performance in previous roles.
Dr. Gregor Petrič
Co-founder and Chief Scientist
A leading researcher in ICT, society and social informatics, Gregor brings considerable expertise in information security culture. He and his team of researchers, based in Ljubljana, Slovenia, are responsible for furthering CLTRe’s research in this specialist field.
Studying the relationship between people and technology has been Gregor’s lifework. In the early stages of developing our security culture measurement tool, Gregor’s extensive experience has been invaluable in developing the seven dimensions used by CLTRe to evaluate how organisational culture pertains to security and ensuring the reliability and validity of our tools.
As well as a co-founder of CLTRe and our Chief Science Officer, Dr Gregor Petric also holds the following positions and credentials:
- Associate Professor, Social Informatics, University of Ljubljana
- Chair of the Center for Methodology and Informatics
- Scientific Excellency Award
- Awarded for best PhD by the University of Ljubljana
His extensive research on information security culture, social informatics, ICT and society has been published by the most-cited scientific journals in the field, e.g. The Information Society, Computers and Human Behavior, Cyberpsychology, Journal of Medical Internet Research, and more.
Security Culture Defined
"the ideas, customs and social behaviours that your organisation, and its subgroups, have, use and act upon to create a state of being free from threat and danger"
Kai Roer, Build a Security Culture, 2015
What we do
Security culture is an effective mechanism to influence employee behaviour and thereby reduce risk. We help organisations measure and manage their security culture by providing an efficient platform to assess and build their security culture or awareness training programs. Dissatisfied with the lack of useful metrics that awareness programs typically provide, organisations come to us from around the world for services that include:
- security culture assessments,
- action items tailored to their needs,
- external and internal benchmarking used to meet compliance requirements,
- detailed reports and insights that provide clear strategical direction for managing security culture
Customers include both private and public organisations, such as large banks, multinational retailers and governmental organisations. CLTRe bring insights on human behaviour from a security perspective to influential industry and government bodies, researchers and security practitioners worldwide. We are passionate about helping organisations understand and make sustainable improvements to their security culture long-term.
Our team is growing, with some located in Norway, some in South-East Europe and others in Asia and the USA. We believe in respect, trust and communication, and work together to learn something new every day. A great team is a critical building block to security culture.
At CLTRe we believe in continuous improvement. We adhere to a fail fast philosophy by testing and learning, and we use lean principles to build our products, services and business. The CLTRe Crew consists of great people with amazing skills, and we like to see our people work together to learn and grow.
We believe in respect, trust and communication. We respect differences, trust in ourselves and our colleagues, and we communicate our concerns. An environment built on these values enables us to grow strong as a team, to challenge the status quo, and to constantly face challenges by focusing on solutions.
Join the CLTRe Crew!
Tech Trailblazers Winner
CLTRe have been selected as a winner in the Firestarter category in the Tech Trailblazers Awards.
The Firestarter award is to showcase young and excellent global startups in the technology sector. The shortlist is selected by a panel of leading IT industry experts and winners decided by public vote.
Recommended by ENISA
In their report, ‘Cyber Security Culture in Organisations’, ENISA set out the best practices for creating, maintaining and working with cybersecurity culture. They recommend that organisations measure the seven dimensions of security culture as created by CLTRe and refer the CLTRe Toolkit as an off-the-shelf solution. (The only solution to be named in the report!)
Given EU Seal of Excellence
CLTRe are honoured with a Seal of Excellence issued by the European Commission. Following evaluation by an international panel of independent experts, the CLTRe Toolkit has been recommended for funding, scoring as a high-quality project proposal in a highly competitive evaluation process. The certificate was delivered by the European Commission as the institution managing Horizon 2020, the EU Framework Programme for Research and Innovation 2014-2020.
Where we are
SEND A MESSAGE
In the media
Today @getcltre pitched measuring the #HumanInside to business representatives from @orange. Proud and honoured to have been invited to this @EU_EIC matchmaking event in Paris. Thank you! #OrangeStartup #EIC #BusinessAcceleration #SecurityCulture pic.twitter.com/vn1oFarmrI
— CLTRe Research (@CLTReResearch) March 14, 2019
— Dan Raywood (@DanRaywood) December 11, 2018
— Help Net Security (@helpnetsecurity) February 9, 2018
— Help Net Security (@helpnetsecurity) September 25, 2018
It is so cool to see @enisa_eu use our work in their #securityculture report! https://t.co/xEcncBajpk
Especially honoured to see they recommend the @SCFramework and that measuring culture is necessary! cc. @getcltre Thank you!
— Kai Roer (@kairoer) February 7, 2018
— Tom Andreas Mannerud (@TAMannerud) October 3, 2017
— Cyware (@CywareCo) May 8, 2017
— Shan Lee (@secwaza) May 8, 2017
Great to read your comments on this, Kai. And my experience from working with you is definitely that CLTRe is the place where #diversity is welcomed. Supercool place to work! Thanks, Kai!
— Jonas (@JonasHusabo) January 24, 2019
— The People Hacker (@Jenny_Radcliffe) December 21, 2018
— Kai Roer (@kairoer) October 7, 2018
How can companies evaluate their metrics, and measure cultural change inside their organization? Interview with Aimee Laycock @getcltre https://t.co/xHkskW57oK #infosec #securityculture #benchmarking pic.twitter.com/fZMehe1RCT
— Infosecurity Mag (@InfosecurityMag) September 17, 2018
— Help Net Security (@helpnetsecurity) May 8, 2017
— CLTRe Research (@CLTReResearch) May 8, 2017
— Joe Pettit (@joepettit2) May 8, 2017