Security culture recognizes the possibility that anarchist spaces and movements are surveilled and/or infiltrated by informants or undercover operatives. Security culture has three components: determining when and how surveillance is occurring, protecting anarchist communities if infiltration occurs, and responding to security breaches. Its origins are uncertain, though some anarchists identify its genesis in the new social movements of the 1960s, which were targeted by the Federal Bureau of Investigation's COINTELPRO projects. The sociologist Christine M. Robinson has identified security culture as a response to the labelling of anarchists as terrorists in the aftermath of the September 11 attacks.
The geographer Nathan L. Clough describes security culture as "a technique for cultivating a new affective structure". The political scientist Sean Parson offers the following definition: "'security culture' ... includes such rules as not disclosing full names, one's activist history, or anything else that could be used to identify oneself or others to authorities. The goal of security culture is to weaken the influence of infiltrators and 'snitches,' which allows groups to more readily engage in illegal acts with less concern for arrest." The media scholar Laura Portwood-Stacer defines security culture as "the norms of privacy and information control developed by anarchists in response to regular infiltration of their groups and surveillance by law enforcement personnel."
Security culture does not involve abandoning confrontational political tactics, but rather eschews boasting about such deeds on the basis that doing so facilitates the targeting and conviction of anarchist activists. Advocates of security culture aim to make its practices instinctive, automatic or unconscious. Participants in anarchist movements see security culture as vital to their ability to function, especially in the context of the War on Terror.
Portwood-Stacer observes that security culture impacts upon research on anarchist subcultures and that, while subcultures are often resistant to observation, "the stakes are often much higher for anarchist activists, because they are a frequent target of state surveillance and repression."
Security culture regulates what topics can be discussed, in what context, and among whom. It prohibits speaking to law enforcement, and certain media and locations are identified as security risks; the Internet, telephone and mail, individuals' homes and vehicles, and community meeting places are assumed to contain covert listening devices. Security culture prohibits or discourages discussing involvement in illegal or covert activities. Three exceptions, however, are drawn: discussing plans with others involved, discussing criminal activities for which one has been convicted, and discussing past actions anonymously in zines or with trusted media are permitted. Robinson identifies the black bloc tactic, in which anarchists cover their faces and wear black clothing, as a component of security culture. Other practices include the use of pseudonyms and "[i]nverting the gaze to inspect others' corporeality". Breaches of security culture may be met by avoiding, isolating or shunning those responsible.
In his discussion of security culture during the protests around the 2008 Republican National Convention (RNC), Clough notes that "fear of surveillance and infiltration" impeded trust among activists and led to energy being directed toward counter-measures. He also suggests that security culture practices may cause newer participants in movements to feel less welcome or less trusted, and therefore less likely to commit to causes, and, in the context of the 2008 RNC, prevented those who did not conform to anarchist norms from assuming prominent positions within the RNC Welcoming Committee. Assessing the role of security culture in the anti-RNC mobilisation, which was infiltrated by four police operatives, Clough finds that had "a mixed record", succeeding in frustrating shorter-term infiltrators operating at the movement's peripheries, but failing to prevent longer-term infiltrators from gaining others' trust.