Singapore businesses stumbling over what security culture entails

Despite the number of high profile data breaches in recent years, Singapore employees apparently are scratching their heads over what it means to have a security culture. 

Just one third of IT decision makers in the Asian nation understood what constituted having a “security culture”, while 53% of employees admitted to never coming across the term, according to research commissioned by security training provider KnowBe4. Conducted by YouGov over a fortnight last December, the online survey polled 1,009 office workers and 214 IT decision makers in Singapore. 

Some 15% of IT decision makers also had never heard of security culture. Amongst 85% of those who recognised it, 73% knew what it actually meant.

And amongst the senior IT executives who understood what it meant, 6% did not believe their organisation needed a security culture. Another 14% said their organisation had such practices in place, but did not know how to successfully attain a security culture.

Asked to define what it meant, 79% of IT decision makers who knew the term pointed to an awareness of security issues, while 71% described it as recognition that security was a shared responsibility across the organisation. Another 57% pointed to compliance with security polices and 47% described as having security embedded into the corporate culture. 

Amongst employees, 30% noted that their organisation had not communicated about security culture and 53% had never heard of the term. Some 30% said their company had discussed security culture, though, a lower 23% said they

Read more