Moving from Consciousness to Culture: Creating an Environment of Security Awareness

By Mary Munley

Although the aftermath of September 11th has brought to the forefront the realization that security threats are real, most companies are still far from creating a culture of security awareness within their organizations. This is particularly true with information security even though recent surveys have shown that corporations are worried about the financial impact of threats and attacks against their computer systems. Unfortunately, many of these same organizations are still focusing primarily on technical solutions such as firewalls, anti-virus software, patches, biometric devices and the like, to protect themselves against these threats. They have failed to take an overall holistic approach to security by combining technology with awareness. Most have recognized the importance of having clear and enforceable policies, but have stopped short of developing a comprehensive, ongoing awareness program.
» Read more

5 Security Awareness Best Practices

By Ian Palmer

When asked who needs to take charge on the security awareness front, Varun Kohli says that employers must ensure that their workers know how to steer clear of cyber criminals. Kohli, the vice president of marketing at predictive mobile threat defense company Skycure, insists that employees are the weak link in the chain of security – and research seems to support his claim. But whatever shortcomings workers may have, employers with the right security awareness policies in place can potentially limit the odds of seeing their networks compromised by malware, viruses or any of the other tools in the cyber criminals’ bag of nefarious tricks.

» Read more

Creating an IT Security Awareness Program for Senior Management

By Robert Nellis

This paper will present an approach to creating and deploying a security awareness program with senior management as the intended audience. A successful program for senior management is the key to the security program for the entire organization and therefore needs to be carefully and concisely constructed. Creating the program requires numerous resources, a clear understanding of security within the organization and an understanding of the position of senior management on IT security. This paper will outline the steps necessary to identify the current level of senior management’s IT security knowledge. Once the knowledge level is identified the steps to develop the content of the awareness program based on this knowledge will be discussed.
» Read more

Security Awareness

By Yash Tiwari

Security awareness is the knowledge and attitudes of members of a group that is tasked with the protection of the physical, and more important, informational assets of a specific organization. Many of these require formal security awareness training for all work when they join the organization, and periodically thereafter. About history, we can say that it all starts in the Eighties. The use of the PC (personal computer) brgan to be common among companies. The need of a computer appeared to give a solution for the fear that many of the employers have with his storage data. In the Nineties, more and more people got access to a computer and viruses became popular. Many kinds of these viruses like the worm virus set the start for awareness of the danger that can touch us and our information. Nowadays enters the need to create awareness among employees for the constant improvement of those viruses.

» Read more

Computer Security Education – The Tool for Today

By Ian Burke

ecurity education, for a long time, has been seen as a thing reserved for security professionals. The Computer Security Act of 1987 put forward for the National Institute of Standards and Technology to create standards and guides for security awareness and training. This act was the first of a string of legislation that would place mandates around security education for non-security professionals. This trend illustrated newfound awareness in the community and in the world around computer security.

» Read more

Security Awareness for Managers: Protecting Yourself and Your Company

By Daniel Brecht

Learn the best practices for developing a security awareness training program that is engaging. Engaging awareness programs have been shown to change more users’ behavior and are seen as an asset for your organization instead of annoyance. Nowadays, security awareness training (SAT) is a top priority for organizations of any sizes. Thanks to SAT, management and employees can understand IT governance issues and control solutions as well as recognize concerns, understand their relevance and respond accordingly. Many companies invest heavily in cybersecurity education programs for employees to learn how to protect their computer and personal information and how to be aware of the many hacktivists and cyber-criminals that scour the Web in search of targets and vulnerabilities.

» Read more

Security Awareness Roles

Information security has tremendous importance in preventing any kind of unauthorized inspection, use, modification, disclosure, access, destruction, disruption, or recording of information. In general, it is used regardless of the type of information in question.

» Read more

SecurityIQ, AwareEd, and PhishSim User’s Manual, Pt. 6: AwareEd

By InfoSec Resources

Maintaining an awareness education program is a requirement of most technology related regulatory and compliance standards. Security awareness programs can be complex and resource-intensive to manage for organizations of any size, but SecurityIQ can solve many of these issues with AwareEd. AwareEd provides organizations with a mechanism to automate the delivery, promotion, tracking, and reporting of a security awareness training program with minimal administrative time required.

» Read more

1 2 3 4 5 6 28