Security education and awareness programs are an important component of any organizations security posture. However, quantifying the effectiveness of such initiatives can be difficult. Prudential Financial is working on a new way to quantify cybersecurity culture internally. The goal is to create a reliable indicator of the company’s future risk. The insurance company sought to first define what it meant by company values, culture and behaviors. The test focused on five main security areas to determine how well users understood them: The business and what is business critical.”]