Challenges and Solutions for Building a Cybersecurity Culture in a Complex Organization

As the Cybersecurity Culture and Competence Manager at KONE, a global organization with over 65,000 employees, including factory workers and operatives, I face a significant challenge in implementing and embedding a strong cybersecurity culture.

While cybersecurity is a top priority for our leadership, and there is strong engagement from the highest levels, we encounter recurring obstacles in translating this commitment into tangible change. The complexity of our organization—spread across multiple countries, languages, cultures, and business units—presents unique challenges when it comes to reaching every employee and driving real behavioral change.

In this session, I will explore these challenges and offer practical solutions for building a sustainable cybersecurity culture in large, diverse organizations. I’ll share the key lessons learned from our efforts, including the communication barriers faced when working with a global, multilingual workforce and the difficulties in creating consistent cybersecurity awareness across varied employee segments, from office-based professionals to factory operatives.

Despite strong organizational support, the reality is that implementing a culture change is not as simple as setting goals and expecting results. We will dive into why initiatives often fall short, even when leadership buy-in is evident, and how to address the gap between strategy and execution. I’ll provide actionable insights into how organizations can:

- Leverage innovative tools and platforms to overcome cultural, language, and accessibility barriers.

- Establish effective communication channels that resonate with diverse employee groups.

- Measure and track the success of cybersecurity culture initiatives, despite the complexities of a global organization.

Through real-life examples, I will explain what has worked and what hasn’t in our journey.