How To Use Your Company’s Culture to Decrease Risk

by | Apr 12, 2022 | 37th CELAES Bank Security Conference, Fiba Blog

Humans are not rational, cultural forces greatly influence how they act. “We deal with a combination of knowledge, values, beliefs, and behaviors. When we think of all that in totality we can use combinations of those elements [to influence others] in the direction we want but this is not an overnight journey,” says Perry Carpenter, an awareness practitioner, CISO mentor, researcher, and author.

According to him, awareness doesn’t necessarily mean actions will follow. That is why he advocates for a more practical behavior management approach. “Just because someone is aware doesn’t mean they will care. We must give the right messaging to the right people at the right time but also implement technology that helps and incentivizes the right behavior,” he says.

In Perry’s opinion, to move more from awareness to behavior, drive down risk in a sustainable way, and build a culture that self-reinforces the values you are looking to get, you need to look at the culture.

During his keynote address  at the upcoming 37th Latin American Congress of Experts in Banking Security – CELAES 2022 in Miami, he will explain how to drive human risk down in your organization by focusing on awareness, behavior, and culture.

“Within an established social norm, normalized behavior in a group, those that do not conform and act  negatively are called deviants while those that do so in a positive way get idealized. They become an example everyone aspires to. We need to understand the social dynamics of an organization to push towards the positive side.”

Perry will share insights from both his books, teaching the audience what organizational culture is, how it is measured, how to intervene and move it in the desired direction, using his recently launched “security culture maturity model.” The model is based on the capabilities maturity model but uses evidence-based information and factual data, therefore moving from a conceptual model to an actionable one by giving them the tools and language to understand what culture is and move the needle.”

Hear more about Perry’s ground breaking work and learn from other industry leaders on June 20 and 21, 2022 in Miami.

Register now and enjoy early bird prices! Plus the first 250 people to register will win a signed copy of Perry Carpenter‘s “The Security Culture Playbook” or Peter Warmka, CFE, CPP‘s “Confessions of a CIA Spy, The Art of Human Hacking.”  

Humans are not rational, cultural forces greatly influence how they act. “We deal with a combination of knowledge, values, beliefs, and behaviors. When we think of all that in totality we can use combinations of those elements [to influence others] in the direction we want but this is not an overnight journey,” says Perry Carpenter, an awareness practitioner, CISO mentor, researcher, and author.

According to him, awareness doesn’t necessarily mean actions will follow. That is why he advocates for a more practical behavior management approach. “Just because someone is aware doesn’t mean they will care. We must give the right messaging to the right people at the right time but also implement technology that helps and incentivizes the right behavior,” he says.

In Perry’s opinion, to move more from awareness to behavior, drive down risk in a sustainable way, and build a culture that self-reinforces the values you are looking to get, you need to look at the culture.

During his keynote address  at the upcoming 37th Latin American Congress of Experts in Banking Security – CELAES 2022 in Miami, he will explain how to drive human risk down in your organization by focusing on awareness, behavior, and culture.

“Within an established social norm, normalized behavior in a group, those that do not conform and act  negatively are called deviants while those that do so in a positive way get idealized. They become an example everyone aspires to. We need to understand the social dynamics of an organization to push towards the positive side.”

Perry will share insights from both his books, teaching the audience what organizational culture is, how it is measured, how to intervene and move it in the desired direction, using his recently launched “security culture maturity model.” The model is based on the capabilities maturity model but uses evidence-based information and factual data, therefore moving from a conceptual model to an actionable one by giving them the tools and language to understand what culture is and move the needle.”

Hear more about Perry’s ground breaking work and learn from other industry leaders on June 20 and 21, 2022 in Miami.

Register now and enjoy early bird prices! Plus the first 250 people to register will win a signed copy of Perry Carpenter‘s “The Security Culture Playbook” or Peter Warmka, CFE, CPP‘s “Confessions of a CIA Spy, The Art of Human Hacking.”