Perry Carpenter - The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer

1. Chapter 12

1. Chapter 1
2. Chapter 2
3. Chapter 3
4. Chapter 6
5. Chapter 8
6. Chapter 9
7. Chapter 10
8. Chapter 12
9. Chapter 13

The best security behaviors are the ones you never think about, that get ingrained as habits and become part of who you are. Perry's exploration of security as a cultural force, created by processes and communications but separate from them, is a unique look into precisely that zone of our identity. By stepping away from our biases about what security looks like and focusing on what it practically does, this book invites us forward.

Matt Wallaert, Behavioral Scientist and Author of Start At The End: How to Build Products that Create Change

In my time advising companies on how to become more resilient to social engineering, Ive always touted the importance of building a strong security culture. Perry Carpenter is one of the worlds foremost experts in how to do just that. Security leaders and business executives would be wise to listen to his advice and implement his suggestions.

Kevin Mitnick, Principal, Mitnick Security

Perry has his finger on the pulse of security awareness culture and knows how to bring it to life. His real-world expert advice focuses on what is actionable and most essential for protecting your organization right now.

Rachel Tobac, CEO of SocialProof Security and Friendly Hacker

Perry Carpenter understands that cyber security takes both technology and human accountability. In this excellent new book, he is able to show how both must work together to keep our companies, institutions, and society safe and secure. You should find a number of best practices and insights in this timely book.

John R. Childress, Chairman, PYXIS Culture Technologies

Security culture is fundamental to organizational resilience, efficiency, and success. Perry Carpenter is one of the worlds leading experts in this space, and he communicates his expertise in a way that is engaging and accessible for all.

Dr Jessica Barker, co-CEO of Cygenta and Author of Confident Cyber Security

My friend Perry Carpenter has had a long and distinguished infosec career and has had a front row seat to the cybersecurity culture wars from the very beginning. I cant think of a better guide for organizational executives trying to reduce their inherent risk via an improved internal security culture.

Rick Howard, CSO, Chief Analyst, and Senior Fellow at the CyberWire. Past lives include CSO at Palo Alto Networks, TASC, iDefense GM, Counterpane SOC Director, and the Army's Computer Emergency Response Team (CERT) Commander

Perrys forgotten more on human element security than the rest of us will ever know! Perry understands how our brains work, and how that affects our propensity to be both duped by bad guys and engaged by security awareness content. Hes one of my go-to people in the field.

Lisa Plaggemier, Executive Director, National Cybersecurity Alliance

Security is very much a human issue, and there is no other human I would turn to in order to understand the critical crosshairs of where technology meets culture more than Perry Carpenter. He walks in both realms effectively and, if you want to truly understand how to keep safe in a world without secrets, Perry is your guide and guru. He and Kai have created and curated a playbook that our world needs now more than ever.

Michael Leckie, Author of The Heart of Transformation: Build the Human Capabilities That Change Organizations for Good

Too frequently those of us in security think technology first without truly understanding the first priority issue of organizational culture. Culture is integral to organizational success and initiatives. Perry Carpenters work in this space is truly second to none. Building on the insights from Transformational Security Awareness, Perrys work illustrates the vital role of culture with respect to our security programs and risk management.

Matt Stamper, Co-Author of the CISO Desk Reference Guide (Volumes1 & 2) CISO & Executive Advisor

Kai is a pioneer in security culture awareness, showing CISOs how to drive meaningful changes and move their organizations forward.

Mirko Zorz, Editor in Chief, Help Net Security

Kai has been pioneering the concepts around security culture for more than a decade, and I've known him for that time as he's built, and sold up, his CLTRe concept. His knowledge on benchmarking a security culture is second to none.

Dan Raywood, Cybersecurity journalist (former)

I have seen Kai Roer demonstrate his passion and sincere dedication to improving the security culture of organizations for many years. Kai providing guidance for executives to understand their role and responsibility for creating a secure business ecosystem, through using The Security Culture Playbook, is a brilliant idea!

Rebecca Herold, CEO of The Privacy Professor consultancy, and Privacy & Security Brainiacs SaaS services

I am enthused to learn that Kai Roer has written a new book about security culture.

Kai Roer has taken his many years of cyber experience and combined those with a vested interest in cyber security. By using Kai's Security Culture Framework, I got a tool to address the human and cultural factors in our organization to improve the security maturity.

With clear, everyday examples and analogies to reveal social and cultural triggers that drive human behaviour he guided me through my work. I immediately saw the experience, knowledge, and interpersonal skills that he had for working with people. I most admire Kai for his humor, his determination to reach whatever goals he has put up, and his devotion to throw light on the less technical part of information security.

Anne-Marie Eklund Lwinder, Founder of Amelsec AB, inducted into the Internet Hall of Fame, Member of the Royal Swedish Academy of Engineering Science

There is no one better placed to present expertise related to security culture than Kai. Further, developing a security culture within a given organization is the first line of defence, which makes this book essential reading.

Raj Samani, McAfee Fellow, Chief Scientist

Kai Is the world leader on security culture helping organizations understand what culture they currently have, what culture they would like to have, and more importantly how to get there.

Quentyn Taylor, Senior Director Product, Information Security and Global Incident Response Canon Europe Middle East and Africa

For over a decade, Kai Roer has advised and guided security executives on leading teams and developing culture. His pragmatic approach, informed by psychology and backed by metrics, moves beyond the fluffy platitudes so often found in leadership books. If you are looking for where to begin or wondering what good looks like, Kai Roer's expertise lights the path.

J. Wolfgang Goerlich, CISO

I was quite happy living with the knowledge that I had invented the phrase Security Culture. Then I met Kai. He had been working on the concept for a couple of years already and went on to become the master of the subject. I am proud to have been on some of that journey with him and have followed and implemented his work at some of the most forward-thinking organizations on the planet.

Shan Lee, CISO, Wise PLC, ex-Just Eat

Kai is a consummate professional cyber security risk adjudicator and educator; I have known Kai and worked with him for several years, and he is someone I implicitly trust in all settings.