Designing the Perfect Security Awareness Newsletter

By John G. Laskey

Even in smaller organizations, a regular security awareness newsletter can support effective, participative security. While your organization’s editorial rules could be a creative break on a really great newsletter, the following tips can help you build up an effective one that will be welcomed by associates and be an asset to the organization’s security. It is important to encourage communications between security managers and the organization’s associates. At best, this can be used to measure the effectiveness of security issues even allowing you to make adjustments where these are merited. Newsletters should encourage discussion; always ensuring things stays inside of editorial guidelines.
» Read more

Strengthen Security with an Effective Security Awareness Program

By Tom Olzak

You’ve developed a world class security program. Your technology-based defenses are cutting edge. Your security team is well trained and ready to handle anything that comes its way. So you’re done, right? Not quite. One of the most important pieces of an effective information asset defense is missing – employee awareness.

» Read more

Security Awareness for End Users

The security of your company relies on a sound digital infrastructure and an IT team that can support it. However, as we’re about to explore below, it’s an organization’s end users that tend to make or break security efforts. This is why security awareness for your end users must become a company priority. If you don’t take this issue seriously, it’s only a matter of time before a cybercriminal is successful with an attack.

» Read more

Social Engineering Your Employees to Information Security

By Martin Manjak

This paper will examine the role and value of Information Security Awareness efforts in the organization. I will discuss the various threats (e.g., social engineering tactics) targeting employees that an InfoSec Awareness campaign is designed to counter. We will review some of the obstacles to implementing a program, offer some tools and strategies for developing effective materials, and lastly look at two case studies of Information Security Awareness campaigns at the University at Albany, SUNY. The appendices contain samples of actual materials developed using the methods discussed in the paper.
» Read more

Moving from Consciousness to Culture: Creating an Environment of Security Awareness

By Mary Munley

Although the aftermath of September 11th has brought to the forefront the realization that security threats are real, most companies are still far from creating a culture of security awareness within their organizations. This is particularly true with information security even though recent surveys have shown that corporations are worried about the financial impact of threats and attacks against their computer systems. Unfortunately, many of these same organizations are still focusing primarily on technical solutions such as firewalls, anti-virus software, patches, biometric devices and the like, to protect themselves against these threats. They have failed to take an overall holistic approach to security by combining technology with awareness. Most have recognized the importance of having clear and enforceable policies, but have stopped short of developing a comprehensive, ongoing awareness program.
» Read more

5 Security Awareness Best Practices

By Ian Palmer

When asked who needs to take charge on the security awareness front, Varun Kohli says that employers must ensure that their workers know how to steer clear of cyber criminals. Kohli, the vice president of marketing at predictive mobile threat defense company Skycure, insists that employees are the weak link in the chain of security – and research seems to support his claim. But whatever shortcomings workers may have, employers with the right security awareness policies in place can potentially limit the odds of seeing their networks compromised by malware, viruses or any of the other tools in the cyber criminals’ bag of nefarious tricks.

» Read more

Creating an IT Security Awareness Program for Senior Management

By Robert Nellis

This paper will present an approach to creating and deploying a security awareness program with senior management as the intended audience. A successful program for senior management is the key to the security program for the entire organization and therefore needs to be carefully and concisely constructed. Creating the program requires numerous resources, a clear understanding of security within the organization and an understanding of the position of senior management on IT security. This paper will outline the steps necessary to identify the current level of senior management’s IT security knowledge. Once the knowledge level is identified the steps to develop the content of the awareness program based on this knowledge will be discussed.
» Read more

Security Awareness

By Yash Tiwari

Security awareness is the knowledge and attitudes of members of a group that is tasked with the protection of the physical, and more important, informational assets of a specific organization. Many of these require formal security awareness training for all work when they join the organization, and periodically thereafter. About history, we can say that it all starts in the Eighties. The use of the PC (personal computer) brgan to be common among companies. The need of a computer appeared to give a solution for the fear that many of the employers have with his storage data. In the Nineties, more and more people got access to a computer and viruses became popular. Many kinds of these viruses like the worm virus set the start for awareness of the danger that can touch us and our information. Nowadays enters the need to create awareness among employees for the constant improvement of those viruses.

» Read more

Computer Security Education – The Tool for Today

By Ian Burke

ecurity education, for a long time, has been seen as a thing reserved for security professionals. The Computer Security Act of 1987 put forward for the National Institute of Standards and Technology to create standards and guides for security awareness and training. This act was the first of a string of legislation that would place mandates around security education for non-security professionals. This trend illustrated newfound awareness in the community and in the world around computer security.

» Read more

Security Awareness for Managers: Protecting Yourself and Your Company

By Daniel Brecht

Learn the best practices for developing a security awareness training program that is engaging. Engaging awareness programs have been shown to change more users’ behavior and are seen as an asset for your organization instead of annoyance. Nowadays, security awareness training (SAT) is a top priority for organizations of any sizes. Thanks to SAT, management and employees can understand IT governance issues and control solutions as well as recognize concerns, understand their relevance and respond accordingly. Many companies invest heavily in cybersecurity education programs for employees to learn how to protect their computer and personal information and how to be aware of the many hacktivists and cyber-criminals that scour the Web in search of targets and vulnerabilities.

» Read more

1 2 3 4 5 28