Kymatio Isotype
Why Kymatio
Partners
Book a demo
Book a demo
EN
Kymatio Isotype
Why Kymatio
Partners
Book a demo
This website uses cookies

We use cookies to personalise content and ads, to provide social media features and to analyse our traffic. We also share information about your use of our site with our social media, advertising and analytics partners who may combine it with other information that you’ve provided to them or that they’ve collected from your use of their services.

I acceptSettings
Cookie settings
Kymatio uses cookies to make your experience better. Check our Privacy Policy to learn more.
Strictly necessary (always active)
Cookies required to enable basic website functionality.
Accept all cookiesSave settings
Close
articles
Creating a Cybersecurity Culture. Recommendations, 5 things to do and 5 not to do
Cyberattacks
Cybersecurity Prevention

Creating a Cybersecurity Culture. Recommendations, 5 things to do and 5 not to do

by
Fernando Mateus
|
September 18, 2020

Building a strong cybersecurity culture starts with employees. Discover how Kymatio helps leaders improve awareness, training, and resilience, making the human factor the strongest link against cyber threats.

IN THIS article
Text Link
Book a demo

Expanding the Reach of Cybersecurity: Strategic Awareness for Leaders

In recent days, various experts have emphasized the need to expand the reach of cybersecurity, and I want to take this opportunity to join that line of strategic awareness for leaders of organizations of all sizes.

While reviewing Gartner’s Top Security Projects for 2020–2021—essential for all security and risk management leaders—I reflected on where Kymatio can best help our clients improve (which, by the way, are many).

Then a LinkedIn post caught my attention from J. Eduardo Campos (EMPA, CISM, CISA, CISSP, CPP), who stated:

“Make the human factor the best link by investing in people's training, awareness, and well-being.”

This, of course, aligns perfectly with our philosophy. Campos’ comment was a response to a post by Bret Arsenault, Corporate Vice President and Chief Information Security Officer at Microsoft, who said:

“Creating a cybersecurity culture at work becomes both more important and more challenging when employees work at home. Regardless of whether they're in the office or working remotely, employees are your last line of defense against cyber bad actors. Adopting interactive training and frequently testing with realistic scenarios can help drive an effective cybersecurity culture.”

Arsenault—recognized across the industry for innovative leadership—recommended reading Mark Soten’s article Creating a Cybersecurity Culture Starts With Your Team, published on SecurityIntelligence.

How Kymatio Helps Achieve These Objectives

From the “Do’s”:

  • Do test your employees monthly.
    Kymatio operates on a periodic basis with employees, with a default monthly cycle.
  • Do allow for a simple process to report suspicious emails.
    Kymatio goes further by preparing people to understand the motivations behind psychological manipulation techniques.
  • Do report program results to the C-suite.
    Kymatio provides clear, digestible metrics at both the organizational and personal level, tracking evolution over time.
  • Do use constructive, collaborative criticism.
    Kymatio quickly identifies where cultural change is needed and supports its implementation.
  • Do use interactive training before testing.
    Kymatio combines chat-based interactions to understand employee needs with situational cyber test sessions.

From the “Don’ts” (aligned with Kymatio’s philosophy):

  • Don’t be overly forceful with the program.
  • Don’t forget to involve managers, stakeholders, and IT teams.
  • Don’t repeat the same phishing test patterns.
  • Don’t start with overly complex concepts.
  • Don’t forget that security culture extends beyond the office.

At Kymatio, we are fully aligned with the spirit of Mark Soten’s words:

Your employees are the last line of defense against threat actors.

Read the full article here:
Creating a Cybersecurity Culture Starts With Your Team

📩 Contact us to learn how Kymatio allows you to manage human cyber risk.

Related information:

  • New Kymatio module prepares employees for social engineering techniques
  • Kymatio launches a module to manage the risks of employee's digital exposure
related articles

Explore more articles

Why an AI-Phishing Benchmark is Critical for Your 2025 Strategy
Cyberattacks
Cybersecurity Prevention
Why an AI-Phishing Benchmark is Critical for Your 2025 Strategy
by
Kymatio
|
August 19, 2025
NIS2 vs. DORA comparison — what applies to your organization
Cyberattacks
Cybersecurity Glossary
NIS2 vs. DORA comparison — what applies to your organization
by
Kymatio
|
August 1, 2025
Annual Campaign Calendar: Phishing, Smishing, Vishing and QRishing
Cyberattacks
Cybersecurity Prevention
Annual Campaign Calendar: Phishing, Smishing, Vishing and QRishing
by
Kymatio
|
July 29, 2025
ACTIVATE YOUR HUMAN FIREWALLS

Ready to uncover the real risk within your organization

Book a demo
Know the real risk
4.8 in Capterra

Join the Kymatio® newsletter and get the latest insights, research, and practical tips on cybersecurity awareness prevention straight to your inbox.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Services
HRMAssessment  & AwarenessAttack SimulationsBreach ScanDigital Wellbeing
Use cases
Public SectorFinancial SectorHealthcare SectorLarge enterprises
About us
Why KymatioKnow KymatioOur valuesSuccess Stories
Resources
BlogWebinarsWhitepapersNews
Get in touch
ContactLinkedInXFacebookYoutube
© 2025 Kymatio. All Rights reserved.
Privacy policy
·
Compliance
·
Cookies Policy
·
Legal Notice
·
AI Policy