Beyond Compliance: Cultural Change Enabling Transformation to a IT Security-Focused Culture through Communications
Within the last two decades, Federal agencies have been directed to engage in large-scale change efforts to develop and implement IT security programs that protect organizational assets. These efforts have been guided by regulations such the Federal Information Security Management Act (FISMA) and Office of Management and Budget Circular A-130, Appendix III, each of which specify that programs must be designed and executed immediately. All too often, program development efforts focus on compliance with these regulations and do not take action that supports changing cultural values. This paper advocates Federal agencies taking an approach to program development that reaches beyond compliance and enables cultural change. In doing so, this paper discusses how individual behavior change and organization-wide cultural change occur. Finally, the paper provides a step-by-step process for establishing a communications element within the IT security program to enable lasting change.
The Colloquium™ recognizes that the protection of information and infrastructures that are used to create, store, process, and communicate information is vital to business continuity and security. The goal of The Colloquium™ is to work together to define current and emerging requirements for information assurance education and to influence and encourage the development and expansion of information assurance curricula, especially at the graduate and undergraduate levels.
If you value our mission of service, please consider making a donation, or supporting the organization through charitable pledges.
Recent Posts
28th Colloquium - Writers Workshop
CISSE's next Writers Workshop is scheduled for April 25, 2024. This series is tailored for professionals and academics seeking to enhance their publication skills and amplify the impact of their research. This webinar is complimentary and will be hosted by CISSE's Editorial Committee.
28th Colloquium - Opportunities
The Colloquium for Information Systems Security Education™ offers a distinctive platform for showcasing your organization with precision, targeting not just cybersecurity enthusiasts, but the educators in cybersecurity.
Copyright © 2024 CISSE™. All rights reserved.