Infosec is a lot like punk rock. We?re an odd sub-culture full of odd people driven by oddly intense passion. In response to increasingly sophisticated attacks, and a series of well televised breaches, the infosec industry has been calling for organizations to ?change the security culture.? But like other sub-cultures we have issues communicating our ideas to the masses. We have a duty to evangelize for security in a way that doesn't expect infosec militants but rather naturally grows a security culture from the bottom up. You can't teach someone to like punk rock. But over time the Sex Pistols' influence eventually led to Offspring, Green Day and Blink-182, and fans of those successful bands were not typically part of the die-hard punk rock sub-culture. Our culture can, and will, adapt this way. If we want to scale we also need to go pop - but we can't do it overnight. We will give an introduction to complexity theory and the psychology of belonging to a sub-culture. We will show how you can grow your security team and broaden awareness with these ideas in mind - and show a number of ways that organizational change is sure to fail.