Good security culture depends on an environment where managers and leaders—including those at the highest level—lead by example and support their staff to implement good security practice.
Leaders should be actively involved in managing and implementing good security, understand the threat and risk picture, and work to continuously improve security practice across their organisation. Leaders should always act as role models by recognising and demonstrating that security in the aviation sector is critical to success.
Executive commitment and oversight
A robust security culture requires clear commitment, support and leadership from executive management ensuring security considerations are integrated into the organisation, and the appropriate level of priority, responsibilities and accountabilities are made clear.
Organisational commitment to a robust security culture includes producing a charter and governance structure for security responsibilities. Ensure it is clear how this structure supports the board and/or executive leadership to gain meaningful insights into information to inform their decision-making on key security issues.
The charter should:
- Incorporate security responsibilities and accountabilities into senior management position descriptions, to set a clear expectation that security plays a core role in each leaders’ duties.
- Establish clear and measurable security targets for your organisation. Determine an appropriate way you can measure security performance within your operating context and track this over time to understand overall security behaviours.
- Ensure your organisation has a clear understanding of the relationship between financial targets and required security practices and outcomes.
Effective leadership communication on security
Strong communication from leadership is key to successfully building a strong security culture. Taking opportunities to promote messaging and highlight responsibilities through leadership engagement with staff, reinforces the importance of security matters as a management priority and sets clear expectations for staff to follow. Communication from leaders should be clear, concise, meaningful, timely and accurate.
Ways to communicate your security culture:
- Communicate clear messages on the threats and risks that security measures are designed to protect the aviation sector against, to achieve buy-in and ensure staff, managers and leaders have a good understanding of their threat/risk environment.
- Use organisational or sector publications, blogs, or articles to cover security updates relevant to all staff. Publicising the importance of security in your workplace signals to staff the role it plays in your organisation’s conduct and culture.
- Raise awareness of security incidents and the lessons derived from them. Security breaches and incidents are invaluable learning opportunities. These should be shared across your organisation in a positive way so that all staff may learn from them and adjust their processes or procedures accordingly to close security vulnerabilities.
Be a role model
Managers and leaders are stewards of the security system and play a vital role in both influencing requirements and ensuring correct behaviours become habitual. Aviation sector leaders should always lead by example, be role models for security behaviours, and inspire positive security practice from staff through their own actions and attitude.
- Apply security equally to everyone, all the time. Senior managers should not be given exemptions from security measures, nor should they encourage workarounds or circumvent ordinary processes.
- Leaders should be seen to respect and champion security practice, and fully participate in required security activities. Do not cut corners to save time or money in developing security policies and procedures.
Support your staff to be security aware
Leaders have a special role in supporting staff to be security aware and enabling them to understand and appreciate the importance of security initiatives in aviation and sector environments. Security awareness may not come naturally to all individuals; often these requirements are supplementary to what are already busy and demanding jobs. This reality further increases the importance of leadership support in enhancing the security culture of your organisation.
Ways to support staff to develop their security culture:
- Allow staff the necessary time and resources to comply with security measures, especially when under pressure from business-as-usual work commitments.
- Show patience and understanding when reinforcing positive security behaviours. Staff come from a range of backgrounds, and all have different levels of appreciation of issues. Allow time and support staff to develop and grow their knowledge.
- Become actively involved in security awareness events and staff briefings. Taking the time to attend sends the message to staff that managers and leaders prioritise security and are supportive of ongoing security initiatives.
Acknowledge positive security behaviour
Proactively acknowledging positive security behaviours can be a highly effective means of fostering a culture where security is talked about, valued, and prioritised by staff in your organisation. Recognise when positive security behaviours are demonstrated, acknowledge any shortcomings, and incentivise good security practice across the whole organisation.
You can acknowledge staff by
- Writing ‘thank you’ messages to acknowledge those who have performed effective security behaviours, including reporting suspicious activities or security breaches. Small gestures reinforce positive security behaviours and motivate staff to continually do the right thing.
- Recognising those who have performed security behaviours, in organisational newsletters or internal communications. This recognition is effective in highlighting what success looks like and becomes a model for others to follow.
- Considering employee rewards scheme to promote and reward positive security behaviours. These schemes are effective in tracking staff performance, incentivising positive actions, and demonstrating the importance of security to all staff in your organisation.
- Speaking openly about improvements that can be made to organisation security practices to make expectations clear for all staff.
Assess your security leadership [PDF 91 KB]