Welcome to NBlog, the NoticeBored blog

I may meander but I'm 'exploring', not lost

Sep 5, 2006

Security awareness for outsource partners

A security manager outlines the security issues he is tackling during a tour of various offshore partners in parts of the world where intellectual property rights don't necessarily mean quite what they do at home. He describes doing an hour's security awareness presentation , starting with an explanation of intellectual property by analogy to the [secret] recipe for chocolate chip cookies. Fair enough but I'm left with the impression that his well-meaning pep-talk will be forgotten as soon as he leaves the premises. Do they even eat chocolate chip cookies there, I wonder?
The article hints at the issues involved in generating security awareness amongst culturally diverse populations, something that we are constantly reminded of in our own security awareness products. On the trivial end of the scale, we sometimes let the odd English spelling or phrase slip into our US-biased writing and very occasionally someone feels compelled to tick us off about it (now that's a culturally charged phrase!). At the other extreme, we are struggling to make any headway whatsoever into the Middle and Far Eastern markets and I suspect the problem goes much deeper than the language of our materials. It is entirely possible that "security" means different things in different cultures, despite being generally accepted as a fundamental human/animal concept.
The Japanese lead the world in BS 7799-2/ISO 27001 certificates so information security is clearly important to them but I can't recall offhand a single sales inquiry from Japan. If anyone can tell me how the Japanese tackle security awareness, I'd love to know and to learn more.
Read our security awareness white paper and find more links on intellectual property protection