Quiz Entry - updated: 2026.07.05
What role does the Geschäftsleitung play in security awareness, and what motivates management to support it?
GL support is indispensable — it provides resources and acts as role model; its own motivation comes from risk costs, business impact, legal requirements, certification benefits, and industry best practice.
Why GL support is unabdingbar (indispensable):
- Notwendige Ressourcen — personnel and financial; awareness without budget is a poster
- Vorbildfunktion — the role-model effect: if executives bypass MFA or forward mails to private accounts, no campaign repairs that. (This includes sensitizing the GL itself — leadership is also a target group, and a favorite phishing target: CEO fraud!)
What motivates the GL (the arguments a CISO uses):
- Sicherheitsrisiken und Kosten — risks and their financial consequences
- Auswirkung auf die Geschäftsprozesse — business process impact of incidents
- Gesetzliche Bestimmungen — legal obligations
- Vorteile einer Zertifizierung (ISO 27001) — market signal, customer requirements
- 'Best Practice' und Standards aus der Branche — peer pressure works on companies too
Tip: Note the theory echo — Vorbildfunktion is TPB's subjektive Normen in action: what leadership visibly does becomes the social norm employees follow.
Go deeper:
ISO/IEC 27001 — Wikipedia — Zertifizierung und Management-Verantwortung im ISMS untermauern das GL-Motiv.