A toxic cybersecurity culture can harm morale, productivity, and security, which is why it's critical for organizations to address these issues early. In an article for CSO Online, Chris Reffkin, Fortra's Chief Security and Risk Officer, shares insights on recognizing the signs of a struggling security culture and taking corrective actions. His advice highlights the importance of leadership alignment, creating a supportive security environment, and empowering employees to prioritize security.
Originally published in CSO.
Excerpt: "The lack of a security-first culture will prevent or minimize the willingness of employees to raise issues that pose risks to the organization."