CeBIT, Hanover, Germany: Norwegian security culture startup CLTRe has announced at CeBIT its Security CLTRe Toolkit. The toolkit will provide organizations from SMEs to large multinationals across the globe with the tools necessary to easily assess, build and improve security culture within their organization. It is based on the Security Culture Framework created by Kai Roer, CEO and founder of CLTRe, from over 20 years’ experience working in security culture best practice consultancy, and is a versatile tool to finally understand an organization’s security culture level, and how to improve it.
The Security CLTRe Toolkit is the only toolkit to accurately measure security culture; the ideas, customs and social behavior that impact security. CLTRe is working with SINTEF and the University of Ljubljana to enhance the social scientific methods of measuring security culture.
According to Kai Roer, CEO and founder of CTRLe, “The human factor is still one of the top reasons for data breaches today. Effectively training employees to help them discover and avoid threats has been largely unsuccessful if we are to believe the data breach reports. Why, then, do we keep using the same techniques and content to train employees? Instead we should be looking at our employees’ social behavior by measuring the individuals’ and the organization’s overall security culture.”
Roer continued, “It never stops to amuse me to see how companies throw good money into security awareness trainings without any proof that the investment actually pays off. According to Gartner, more than 2.6 Billion USD is spent on security awareness trainings worldwide. No-one in their right mind would do that without being able to show return on investment. And no, we are not talking about the number of employees trained every year. We need to talk about how the employees change their social behavior and the organization’s security culture. Before now that would be impossible, because no method existed. Today, however, I am proud to announce the Security CLTRe Toolkit, the world’s first scientific method and Software-as-a-Service created to measure security culture.”