Your shopping cart is currently empty.
Indispensable guide to help create a robust security culture that will be understood by your staff and the business.
When implementing security polices, information security professionals are constantly faced with a conflict between the security team and the rest of the business. They must ensure that their organization is adequately addressing information security risks, whilst also communicating the value of security appropriately.
David Ferbrache, Technical Director at KPMG UK, says “No approach can ever succeed without considering people – and as a profession we need to look beyond our computers to understand the business, the culture of the organizations, and, most of all, how we can create a security environment which helps people feel free to actually do their job.”
By gaining an understanding of the psychology of information security, you can ensure your security program is a success.
Based on insights gained from academic research and interviews with security professionals from various sectors, this essential guide explains the importance of careful risk management and reveals how to align a security program with wider business objectives, providing methods and techniques to engage stakeholders and encourage buy-in.
The Psychology of Information Security redresses the balance by considering information security from both end users’ and security professionals’ perspectives, and helps you to understand how a security culture, that puts risk into context, promotes compliance.
Leron Zinatullin (zinatullin.com) is an experienced risk consultant specialising in cybersecurity strategy, management, and delivery. He has led large-scale, global, high-value security transformation projects with a view to improve cost performance and support business strategy.
He has extensive knowledge and practical experience in solving information security, privacy, and architectural issues across multiple industry sectors.
He has an MSc in information security from University College London, where he focused on the human aspects of information security. His research was related to modelling conflicts between security compliance and human behaviour.
