The Cybersecurity
Culture Gap

An ISACA and CMMI Institute Study

The importance of strong cybersecurity is no longer in question in today's harrowing threat landscape, but less clear is how organizations put a strong culture of cybersecurity in place, beginning with leadership from the board of directors and inclusive of all employees. The 2018 Cybersecurity Culture Report from ISACA and CMMI Institute shows there is much progress to be made, as 95 percent of global survey respondents identify a gap between their current and desired organizational culture of cybersecurity.

The research shows that prioritizing investment in training can be a meaningful driver of strong cybersecurity culture, while annually measuring and assessing employee views on cybersecurity is among the other steps that can lead to heightened awareness and improved culture.

View the press release, infographic, blog posts and related resources for further insights on how organizations can build a stronger culture of cybersecurity to improve their profitability—and even their viability.

Executive Summary

Culture Considerations


It's Time to Stop
Today's Cybersecurity

by Gregory Touhill, CISM, CISSP

Read Article

Press Release

Study Reveals
Culture Gap




Blog Posts