A Deep Dive into Winning Infosec Using Stickiness and Oiliness

Last year at the AISA conference, I presented on 8 essential ways of doing infosec - what I called the “More-Essential Essential-8”. In the talk, I noted that each of the “ways” could use more detail and this talk is a deeper dive into the one I called “Oiliness and Stickiness”. I believe that by organisations embracing the concepts of oiliness and stickiness, they can leverage corporate culture to increase the effectiveness of the information security department beyond what the department can achieve on its own. I will present some practical examples that I have seen and how these have helped. I will also give some first steps that can be taken immediately in order to get started with embedding this culture into your organisation.