Security teams can’t protect what they cant see. Security teams should empower users with a culture of personal responsibility. IT and security teams should treat data security in the same way they approach other company policies like health and safety. CISOs should concentrate on providing a strong security culture, says Mark Parr, CISO at KPMG UK. A good security culture looks like that of intuitively understanding people’s day-to-day activities and having the confidence and ability to mitigate that risk, says Parr.”]
Source: https://www.csoonline.com/article/3404518/4-ways-to-build-a-strong-security-culture.html