Norwegian security culture startup CLTRe has announced today at CeBIT its Security CLTRe Toolkit.
The SaaS-based toolkit will provide organizations from SMEs to large multinationals across the globe with the tools necessary to easily assess, build and improve security culture within their organization. It is based on the Security Culture Framework created by Kai Roer, CEO and founder of CLTRe, from over 20 years’ experience working in security culture best practice consultancy, and is a versatile tool to finally understand an organization’s security culture level, and how to improve it.
The Security CLTRe Toolkit is the only toolkit to accurately measure security culture; the ideas, customs and social behavior that impact security. CLTRe is working with SINTEF and the University of Ljubljana to enhance the social scientific methods of measuring security culture.
“The human factor is still one of the top reasons for data breaches today. Effectively training employees to help them discover and avoid threats has been largely unsuccessful if we are to believe the data breach reports. Why, then, do we keep using the same techniques and content to train employees? Instead we should be looking at our employees’ social behavior by measuring the individuals’ and the organization’s overall security culture,” said Kai Roer, CEO and founder of CLTRe.
The software based toolkit works to achieve three key areas of security culture best practice:
Assessing security culture within the organization
Measuring security culture is the critical first step for improving it. It is vital to document the cultural change to reduce risk and ensure compliance. Assessments are created in cooperation with European research groups to ensure the utmost quality.
Building strong security culture within the organization
Based on assessment using the toolkit, organizations can design and implement security culture campaigns to improve their security culture using the Security Culture Framework principles. The toolkit ensures campaigns are adjusted to the requirements of specific industries such as: Bank and Finance; Oil, Gas and Energy; Healthcare; Government and Defense. There is also an option specifically for SMEs.
Continuous improvement and monitoring
The human factor of security in an organization needs constant attention. The toolkit helps organizations learn exactly where in the organization they need to focus to ensure ongoing improvements. The toolkit is available across all platforms from desktops to mobile devices SaaS tool that works on any modern browser.