Governance & Risk Management , Leadership & Executive Communication , Training & Security Leadership
Profiles in Leadership: Hilary Walton
Building a Security Culture Is Rooted in Motivation, EducationOne of Hilary Walton's backgrounds is in organizational psychology, a field that is well aligned with thoughts on how to influence security culture.
See Also: Post-Transformation: Building a Culture of Security
Walton is CISO for Kordia Group in New Zealand, which is a telecommunications and broadcast infrastructure provider. Previously she worked in the U.K. with Mi5's behavioral science unit looking at security culture and was also head of information security, cyber security and security culture for the 2012 Olympics in London.
Building a security culture comes down to inspiring and motivating people to effect behavioral and cultural change, she says. Policy and education has its role, but also less overt "nudges" that encourage people to take the right path, such as following good security habits of their peer group, are important as well.
"It's about getting people to do something rather than just tell them," Walton says. "If you think about that in security, often we're telling people the messages and they just don't stick, people don't change their behavior."
In this video interview with Information Security Media Group as part of CyberEdBoard's ongoing Profiles in Leadership series, Walton discusses:
- How organizations can benefit by having people from different educational backgrounds in security;
- What factors contribute to a positive security culture and how to shape that culture;
- How to make risk more visible to executive teams.
Walton is CISO of Kordia Group and responsible for the business-critical connectivity, cybersecurity and cloud solutions for clients in both Australia and New Zealand. Previously, she worked for Mi5 in London and the London 2012 Olympic and Paralympic Games leading the information security program. She also an active podcaster, broadcasting her Digital Culture Ideas show, which is on YouTube and Apple Podcasts.
CyberEdBoard is ISMG's premier members-only community of senior-most executives and thought leaders in the fields of security, risk, privacy and IT. CyberEdBoard provides executives with a powerful, peer-driven collaborative ecosystem, private meetings and a library of resources to address complex challenges shared by thousands of CISOs and senior security leaders located in 65 different countries worldwide.
Join the Community - CyberEdBoard.io.