Fork me on GitHub

Culture and Org. -> Education and Guidance: Reward of good communication

Risk and Opportunity

Risk: Employees are not getting excited about security.
Opportunity: Good communication and transparency encourages cross-organisational support. Gamification of security is also known to help, examples include T-Shirts, giftcards and 'High-Fives'.

Exploit details

Usefullness: Medium
Required knowledge: Medium (two disciplines)
Required time: Low
Required resources (systems): Very Low

Additional Information

Implementation hints: One example is the distributon of buttons as a reward, see OWASP Security Buttons Project