What is considered a prerequisite for a successful security program according to the text?

According to the text, what percentage of global survey respondents identified a gap between their current and desired organizational culture of cybersecurity?

What is the main focus of the ISACA/CMMI study mentioned in the text?

Which organization developed the Security Culture Framework process?

What is the main goal of a security culture strategy according to the text?

Which of the following is NOT mentioned as an attribute of a healthy security culture?

What is the main challenge in measuring security culture according to the text?