Map your security culture
CLTRe Discover automates the distribution and collection of security culture assessments throughout your organisation to give you a precise picture of the security landscape of your business, and enabling you to determine:
- which areas need improvement
- what to focus on next
- who to involve and engage
- the effectiveness (value) of your programme
Also included are dedicated assessments and recommended action items for the security leaders in your organisation.
See the changes
By using a reliable and replicable method to ensure you measure the same thing, the same way every time, you are able to gather valuable data that is comparable over time. Scores are collected on an individual level and aggregated to create the score of each team, department and business unit.
- Identify potential insider threats and learn how to mitigate them
- Create a baseline and benchmark progress
- Pinpoint your strengths and weaknesses, and influence culture where it’s needed
- Document your effectiveness (in line with GDPR article 32.1d)
Demonstrate value
CLTRe Discover provides you with the data you need to demonstrate the effectiveness (value) of your security awareness/culture programme. Identify your strengths and weaknesses, focus your efforts more efficiently and gain different perspectives on the security culture throughout your organisation.
The Seven Dimensions of Security Culture
The CLTRe Toolkit measures security culture on the following seven dimensions:
- ATTITUDES*
Employees’ feelings, thoughts and emotions about the various activities that pertain to security culture. - BEHAVIOUR*
Actual or intended activities of employees that have direct or indirect impact on security culture and information security, including risk taking behavior. - COGNITION*
Employees’ awareness knowledge and beliefs regarding practices, activities and self-efficacy that are related to security culture. - COMMUNICATION
Employees’ feelings, thoughts and emotions about the various activities that pertain to security culture.
- COMPLIANCE
Awareness of existing organizational policies on information security, understanding and making significance of them, acting in line with them. - NORMS
Unwritten expectations regarding appropriate behaviors pertaining to usage of information technology in organizational context, perception of what practices are normal and unproblematic. - RESPONSIBILITY
Perceived obligation or role to behave correctly towards maintaining security culture.
See all the tools available:
CLTRe Discover
Discover what your security culture landscape looks like
CLTRe Insight
Identify the weakspots and strongholds of your security culture
CLTRe Profile
Involve and engage employees throughout your organisation
CLTRe Interact
Provide a safe way for employees to engage with you and provide feedback anonymously
Delivering Actionable Data
The CLTRe Toolkit uses social science principles and methodologies to measure ideas, customs and behaviours of employees. Let it take the guesswork out of your security awareness activities, and start building a strong security culture to combat cyberthreats!
- Measure norms, attitudes, and social behaviours
- See cultural differences organisation-wide
- Influence the culture where it’s needed
- Measure the effectiveness of your programme
- Non-intrusive to the employees
- No training required
- Minimal distraction for employees
- Deep insights for the CISO
Find Your Industry
The CLTRe Toolkit has bee designed to address the unique challenges that different industries face. Discover how it enables you to assess, build and improve the Security Culture in your industry.
Bank and Finance
The Banking and Financial Services Sector has to pay particular attention to risk, control and compliance. The CLTRe Toolkit is directly applicable to assess, build and improve Security Culture in the Banking and Financial Services sector.
Government
Government and Public Sector organisations face clear security challenges. The need to be accountable for a citizen’s most sensitive data in today’s environment of squeezed budgets, means that security is high on the list of pain points.
Healthcare
The Healthcare sector faces a unique set of security challenges. Ensuring patient data is secure whilst also available to a number of potential caregivers, can be tough, especially combined with high levels of regulatory compliance.
ICT
Large multi-national ICT organisations face a multitude of security challenges. The ICT sector is expected to be at the top of the game for Security Culture yet, it faces similar security issues to many other industries.