Security and Culture

Along with deploying security technology, organizations can forget about a key part of the whole security picture—the human component. In the podcast, Strengthening Intel’s Security Culture, Xochitl Monteon, Senior Director in Information Security at Intel IT, discusses the importance of looking at the culture of an organization when implementing a security strategy. She makes several key points including why security needs to be a mindset in multiple areas, the importance of security being part of the thinking of every employee and how people can be an unrecognized resource for security.

Security Needs to be a Mindset in Multiple Areas

From incorporating security thinking when building applications to opening e-mails, organizations need all their staff thinking about security. Retrofitting an application with the proper security is much more expensive than building it securely in the first place. To build security skills, Intel IT has set up an internal security college and required courses for all employees.

Security needs to be part of the thinking of every employee

From learning how to spot suspicious e-mails to how to handle specific kinds of data with the company, people play a key role in keeping the company secure. Intel provides multiple ways to educate employees on security.

People can be unrecognized resource for security

A security-aware employee population forms a human sensor and a human perimeter—another layer of protection in addition to automated security mechanisms. This becomes more and more important as the number of connected devices increases and more processing gets pushed into the cloud.

The podcast, Strengthening Intel’s Security Culture, is a fascinating listen, so I suggest you check it out to learn more about importance of looking at the culture of an organization when implementing a security strategy. For more information on Intel IT Best Practices, please visit www.intel.com/IT.

Published on Categories SecurityTags , , ,
Jeff Sedayao

About Jeff Sedayao

Jeff Sedayao is the domain lead for security in Intel's IT@Intel group. He has been an engineer, enterprise architect, and researcher focusing on distributed systems—cloud computing, big data, and security in particular. Jeff has worked in operational, engineering, and architectural roles in Intel's Information Technology group, done Research and Development in Intel Labs, as well as performed technical analysis and Intellectual Property development for a variety of business groups at Intel.