Culture

Culture is a concept that is easy to envisage, but hard to quantify and vocalise. It broadly refers to all the factors external to an individual that can influence their behaviour and cognitions. Within the research literature a distinction is often made between national culture and organisational culture, albeit with the acknowledgment that these concepts can become blurred when considering multi-national corporations. The rise of online technologies has added further complexities and debates around whether the internet constitutes a culture of its own, and how these cultural factors may influence cybersecurity. Cultural factors are something that impact not only on individuals and organisations seeking to protect themselves from cyber-attack; but also, the attackers who must consider how to shape their attack strategies to maximise impact within the culture of their targeted population. As discussed in this chapter, the organisational culture factors that can cause friction and barriers to productivity in legitimate businesses also appear to be evident in the cybercriminal ecosystem, at times exacerbated by the nature of trust relationships in those groups.