Norwegian security startup being showcased by IBM to provide businesses with the tools to create positive security culturesCeBIT, Hanover, Germany – 16th March 2016 – Norwegian security culture startup CLTRe has announced today at CeBIT its Security CLTRe Toolkit.

This Software-as-a-Service (SaaS) based toolkit will be demonstrated on the IBM Stand, Hall 2, Booth A10, Demopoint 122 at CeBIT.

CLTRe logo

The toolkit will provide organizations from SMEs to large multinationals across the globe with the tools necessary to easily assess, build and improve security culture within their organization.
It is based on the Security Culture Framework created by Kai Roer, CEO and founder of CLTRe, from over 20 years’ experience working in security culture best practice consultancy, and is a versatile tool to finally understand an organization’s security culture level, and how to improve it.
The Security CLTRe Toolkit is the only toolkit to accurately measure security culture; the ideas, customs and social behavior that impact security.

CLTRe is working with SINTEF and the University of Ljubljana to enhance the social scientific methods of measuring security culture.
According to Kai Roer, CEO and founder of CLTRe, “The human factor is still one of the top reasons for data breaches today.

Effectively training employees to help them discover and avoid threats has been largely unsuccessful if we are to believe the data breach reports. Why, then, do we keep using the same techniques and content to train employees? Instead we should be looking at our employees’ social behavior by measuring the individuals’ and the organization’s overall security culture.”
Roer continued, “It never stops to amuse me to see how companies throw good money into security awareness trainings without any proof that the investment actually pays off.

According to Gartner, more than 2.6 Billion USD is spent on security awareness trainings worldwide. No-one in their right mind would do that without being able to show return on investment.

And no, we are not talking about the number of employees trained every year. We need to talk about how the employees change their social behavior and the organization’s security culture.

Before now that would be impossible, because no method existed.

Today, however, I am proud to announce the Security CLTRe Toolkit, the world’s first scientific method and Software-as-a-Service created to measure security culture.”
The software based toolkit works to achieve three key areas of security culture best practice:
Assessing security culture within the organization. Measuring security culture is the critical first step for improving it.
It is vital to document the cultural change to reduce risk and ensure compliance.

Assessments are created in cooperation with European research groups to ensure the utmost quality.
Building strong security culture within the organization.

Based on assessment using the toolkit, organizations can design and implement security culture campaigns to improve their security culture using the Security Culture Framework principles.

The toolkit ensures campaigns are adjusted to the requirements of specific industries such as: Bank and Finance; Oil, Gas and Energy; Healthcare; Government and Defense.

There is also an option specifically for small and medium sized enterprises (SME’s).
Continuous improvement and monitoring.

The human factor of security in an organization needs constant attention.

The toolkit helps organizations learn exactly where in the organization they need to focus to ensure ongoing improvements.The toolkit is available across all platforms from desktops to mobile devices SaaS (Software-as-a-Service) tool that works on any modern browser.
The toolkit is available as 14-day trial online at:
Notes to EditorsTo demo the toolkit or secure a briefing with CLTRe at CeBIT, please contact Rose Ross onsite (contact details below).
About CLTReCLTRe (pronounced Culture) is a European Software-as-a-Service (SaaS) company focusing on changing security behaviours headquartered in Oslo, Norway.

CLTRe’s approach is to use the globally leading, de-facto standard Security Culture Framework, to facilitate the necessary transformation to assess, build and improve the security culture.

The framework actually forms part of the curriculum of the MBA in Cybersecurity Management.
CLTRe’s CEO and founder Kai Roer is a driving force behind leading global security culture event, The Security Culture Conference, which is being held on the 14th and 15th June 2016 in Oslo, Norway.
For more information, visit the CLTRe website on: or follow them on Twitter on
Media ContactOmarketing for CLTReRose 8255 5225+44 (0)7976 154 597 (Onsite at CeBIT)@omarketingnews