Senteon Blog

Cultivating a Security-First Culture Through Browser Hardening

Written by Henry Zhang | Oct 31, 2024 12:45:00 PM

The fourth part of Senteon’s CIS Benchmarks webinar series with Brad Powell shifts focus toward the people side of cybersecurity—how browser security settings can shape user habits and reinforce a company-wide security culture. Brad connects the technical with the tactical, explaining that securing Microsoft Edge through CIS Benchmarks is not only about data control and compliance but also about building a team mindset where everyone understands their role in cybersecurity.

Brad’s philosophy is simple: every small action, every setting adjusted, and every process streamlined helps make security a company value rather than a chore.

Encouraging Accountability in Every Click

Brad opens by discussing settings that enforce accountability, such as disabling guest mode and restricting profile creation in Edge. While these configurations seem technical, they directly affect user behavior, ensuring that each action is attributable to an authorized user. Without guest access, each click and data entry is linked to a specific individual, which reinforces a culture of responsibility across the team.

For Brad, enabling this kind of transparency is an essential piece of company-wide security. When people understand that their actions are tracked, they’re more likely to adhere to security protocols, creating a shift in habits that supports the organization’s overall security goals. These changes might seem minor but have an impact that extends well beyond technical security into cultural behavior.

Building Trust Through Consistent Security Standards

Another key takeaway Brad shares is the importance of consistency in security configurations, such as enforcing authentication protocols and ensuring that code integrity is monitored. For example, enabling command-line security warnings serves as a safeguard against unauthorized changes, helping companies ensure that any browser modifications are made only by authorized personnel.

Brad sees these security measures as signals to employees that security is prioritized at every level. By standardizing configurations like authentication and code integrity monitoring, companies set clear expectations for their teams, establishing a culture where security isn’t an afterthought but a daily practice.

Executive Buy-In: The Key to Lasting Security Culture

A crucial point Brad emphasizes is the importance of executive support in fostering a security-minded culture. Top-down commitment is essential; when leadership champions these configurations as a priority, employees are more likely to adopt and respect security measures. Brad describes how executive buy-in can elevate the perception of security across the organization, making it a fundamental part of the business rather than a collection of policies.

As Brad explains, executives must not only endorse security practices but also communicate the reasons behind them to the team. With committed leadership, the organization can cultivate a security-first mindset, which Brad notes is essential in regulated industries or any company with significant data protection needs.

Reinforcing Compliance with Every Configuration

For companies in sectors like finance and healthcare, browser configurations aligned with CIS Benchmarks serve as a proactive compliance measure. By focusing on settings that reduce data exposure, limit access, and enforce authentication, organizations can more easily meet HIPAA, PCI-DSS, and other regulatory requirements. Brad points out that when security and compliance standards are met, companies gain credibility with both clients and regulators, while reducing the risk of costly breaches.

Ultimately, Brad advocates for browser configurations as an accessible, practical tool for aligning security with business objectives. Each setting not only improves technical security but also demonstrates a tangible commitment to safeguarding data, fostering a company culture that values both security and trust.
