SlideShare a Scribd company logo

Build a Security Awareness and Training Program

Download as PPTX, PDF
Info-Tech Research Group
Info-Tech Research Group

Your Challenge: Security threats and exploits continue to be on the rise in the form of advanced persistent threats (APTs) and other unique attack types. APTs and attackers are looking to go after the weakest link within your organization – the people. Whether it is a lack of knowledge or a disregard for security, your end users are either the intentional or unintentional cause of security threats for your organization. Our Advice - Critical Insight: Even with extremely robust security controls, your end users will continue to be one of the weakest links. To change the behaviors of your employees, make them invested in organizational security through positive reinforcement. Our Advice - Impact and Result: Focus on increasing employees’ knowledge within the training but actively going beyond to change their behavior by making them all security aware. Go beyond the standard classroom style learning that is expected of training – use new teaching methods and positive reinforcement to ensure that your end users become more security aware. Use Info-Tech’s blueprint and methodology to craft a program that will engage your audiences and employees, while ensuring to review important security-related topics.

Technology
1 of 12
Build a Security Awareness and Training Program Your weakest link is between the keyboard and the chair. End users are either the intentional or the unintentional cause of security threats for your organization. They are one of the largest vulnerabilities organizations face today: They are easily manipulated through malicious activities They are then exploited in order to: Steal information or data Cause disruption or sabotage to an organization Organizations invest huge capital into technology-based security controls while, in the meantime, end users will continue to be one of the weakest links. The average cost of a data breach due to human error was approximately $160 per record compromised. Source: Ponemon Institute, 2014 Cost of a Data Breach Of organizations, 19% found that the cost of a social engineering incident was more than $100,000. For organizations with more than 5,000 employees, this increased to 30%. Source: Ponemon Institute, 2014 Cost of a Data Breach Over 95% of all security incidents investigated recognized human error as a contributing error. IBM Security Services 2014 Cyber Security Intelligence Index Of companies, 55% indicated that they believe privileged users were the biggest internal threat to corporate data. Source: 2015 Vormetric Insider Threat Report There are three main areas that security needs to focus on: technology, process, people Most organizations are aware of these three areas; however, many focus purely on the technology and process aspects. The resources and budget spent on the people aspect of security pales in comparison to process and technology. For any organization to succeed with their technology and process related controls, the people need to be security aware and trained. There are three main areas that security needs to focus on: technology, process, people Develop your security awareness and training program using an agile methodology. For the most effective results, apply the software agile development methodology to your security awareness and training program, focusing on the continual delivery of customized modules delivered to staff in smaller portions. Security policies are your foundation. For any security awareness and training to be effective it must be rooted in organizational security policies. Test your end users. Any sort of mock or simulated testing of end users’ susceptibility to exploitation can prove highly informative to your program. Test continually. Remind your end users that security is a priority for the entire organization and should be something that is part of every employee’s responsibilities.
http://www.infotech.com/research/ss/build-a-security- awareness-and-training-program USEOURBUILDASECURITYAWARENESSANDTRAININGPROGRAMBLUEPRINT Best-practice Toolkit: Guided Implementations: 120 Do-It-Yourself Project Slides Plus: 1 other template Start this project today by calling 1-877-876-3322www.infotech.com Onsite workshops available Information Security Awareness and Training Appropriateness Tool Information Security Awareness and Training Program Workbook Information Security Awareness and Training Content Development Tool Information Security Awareness and Training Program Roadmap Tool Information Security Awareness and Training Content Guide Identify the content Determine the appropriateness Determine how to execute the plan Implement the program USEOURBUILDASECURITYAWARENESSANDTRAININGPROGRAMBLUEPRINT Best-practice Toolkit: Guided Implementations: 120 Do-It-Yourself Project Slides Plus: 1 other template Start this project today by calling 1-877-876-3322www.infotech.com Onsite workshops available Information Security Awareness and Training Appropriateness Tool Information Security Awareness and Training Program Workbook Information Security Awareness and Training Content Development Tool Information Security Awareness and Training Program Roadmap Tool Information Security Awareness and Training Content Guide Identify the content Determine the appropriateness Determine how to execute the plan Implement the program

Recommended

Master the Ever Expanding Puzzle of End-User Computing with a Strategy and Ro...
Master the Ever Expanding Puzzle of End-User Computing with a Strategy and Ro...Master the Ever Expanding Puzzle of End-User Computing with a Strategy and Ro...
Master the Ever Expanding Puzzle of End-User Computing with a Strategy and Ro...Info-Tech Research Group
 
active-directory-domain-services
active-directory-domain-servicesactive-directory-domain-services
active-directory-domain-services202066
 
End-user computing is not a trend, it's a transformational shift
End-user computing is not a trend, it's a transformational shiftEnd-user computing is not a trend, it's a transformational shift
End-user computing is not a trend, it's a transformational shiftUni Systems S.M.S.A.
 
VDI Best Practices
VDI Best PracticesVDI Best Practices
VDI Best PracticeseG Innovations
 
Active Directory Services
Active Directory ServicesActive Directory Services
Active Directory ServicesVarun Arora
 
VDI Design Guide
VDI Design GuideVDI Design Guide
VDI Design GuideDan Brinkmann
 
End User Computing
End User ComputingEnd User Computing
End User ComputingMudit Dhebar
 
Desktop virtualization customer presentation
Desktop virtualization customer presentationDesktop virtualization customer presentation
Desktop virtualization customer presentationNuno Alves
 

Recommended

Master the Ever Expanding Puzzle of End-User Computing with a Strategy and Ro...
Master the Ever Expanding Puzzle of End-User Computing with a Strategy and Ro...Master the Ever Expanding Puzzle of End-User Computing with a Strategy and Ro...
Master the Ever Expanding Puzzle of End-User Computing with a Strategy and Ro...Info-Tech Research Group
 
active-directory-domain-services
active-directory-domain-servicesactive-directory-domain-services
active-directory-domain-services202066
 
End-user computing is not a trend, it's a transformational shift
End-user computing is not a trend, it's a transformational shiftEnd-user computing is not a trend, it's a transformational shift
End-user computing is not a trend, it's a transformational shiftUni Systems S.M.S.A.
 
VDI Best Practices
VDI Best PracticesVDI Best Practices
VDI Best PracticeseG Innovations
 
Active Directory Services
Active Directory ServicesActive Directory Services
Active Directory ServicesVarun Arora
 
VDI Design Guide
VDI Design GuideVDI Design Guide
VDI Design GuideDan Brinkmann
 
End User Computing
End User ComputingEnd User Computing
End User ComputingMudit Dhebar
 
Desktop virtualization customer presentation
Desktop virtualization customer presentationDesktop virtualization customer presentation
Desktop virtualization customer presentationNuno Alves
 
Select and Implement a Next Generation Endpoint Protection Solution
Select and Implement a Next Generation Endpoint Protection SolutionSelect and Implement a Next Generation Endpoint Protection Solution
Select and Implement a Next Generation Endpoint Protection SolutionInfo-Tech Research Group
 
Create a Winning BPI Playbook
Create a Winning BPI PlaybookCreate a Winning BPI Playbook
Create a Winning BPI PlaybookInfo-Tech Research Group
 
Master Contract Review and Negotiation For Software Agreements-sample
Master Contract Review and Negotiation For Software Agreements-sampleMaster Contract Review and Negotiation For Software Agreements-sample
Master Contract Review and Negotiation For Software Agreements-sampleInfo-Tech Research Group
 
Optimize Change Management
Optimize Change ManagementOptimize Change Management
Optimize Change ManagementInfo-Tech Research Group
 
Improve IT Business Alignment With An Infrastructure Roadmap
Improve IT Business Alignment With An Infrastructure RoadmapImprove IT Business Alignment With An Infrastructure Roadmap
Improve IT Business Alignment With An Infrastructure RoadmapInfo-Tech Research Group
 
Build a Business-Driven IT Risk Management Program
Build a Business-Driven IT Risk Management ProgramBuild a Business-Driven IT Risk Management Program
Build a Business-Driven IT Risk Management ProgramInfo-Tech Research Group
 
Standardize the Service Desk
Standardize the Service DeskStandardize the Service Desk
Standardize the Service DeskInfo-Tech Research Group
 
Optimize Project Intake Approval and Prioritization
Optimize Project Intake Approval and PrioritizationOptimize Project Intake Approval and Prioritization
Optimize Project Intake Approval and PrioritizationInfo-Tech Research Group
 
Modernize Communications and Collaboration Infrastructure
Modernize Communications and Collaboration InfrastructureModernize Communications and Collaboration Infrastructure
Modernize Communications and Collaboration InfrastructureInfo-Tech Research Group
 
Optimize the IT Operating Model
Optimize the IT Operating ModelOptimize the IT Operating Model
Optimize the IT Operating ModelInfo-Tech Research Group
 
Info-Tech Membership Overview
Info-Tech Membership OverviewInfo-Tech Membership Overview
Info-Tech Membership OverviewInfo-Tech Research Group
 
Define an EA Operating Model
Define an EA Operating ModelDefine an EA Operating Model
Define an EA Operating ModelInfo-Tech Research Group
 
Become a Transformational CIO
Become a Transformational CIOBecome a Transformational CIO
Become a Transformational CIOInfo-Tech Research Group
 
Craft an End-to-End Data Center Consolidation Strategy to Maximize Benefits
Craft an End-to-End Data Center Consolidation Strategy to Maximize BenefitsCraft an End-to-End Data Center Consolidation Strategy to Maximize Benefits
Craft an End-to-End Data Center Consolidation Strategy to Maximize BenefitsInfo-Tech Research Group
 
Build and Information Security Strategy
Build and Information Security StrategyBuild and Information Security Strategy
Build and Information Security StrategyInfo-Tech Research Group
 
Build an Application Integration Strategy
Build an Application Integration StrategyBuild an Application Integration Strategy
Build an Application Integration StrategyInfo-Tech Research Group
 
Develop a Project Portfolio Management Strategy
Develop a Project Portfolio Management StrategyDevelop a Project Portfolio Management Strategy
Develop a Project Portfolio Management StrategyInfo-Tech Research Group
 
Implement an enterprise service bus revised
Implement an enterprise service bus revisedImplement an enterprise service bus revised
Implement an enterprise service bus revisedInfo-Tech Research Group
 
Implement a Shared Services Model
Implement a Shared Services ModelImplement a Shared Services Model
Implement a Shared Services ModelInfo-Tech Research Group
 
Assess and Optimize EA Capability
Assess and Optimize EA CapabilityAssess and Optimize EA Capability
Assess and Optimize EA CapabilityInfo-Tech Research Group
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 

More Related Content

More from Info-Tech Research Group

Select and Implement a Next Generation Endpoint Protection Solution
Select and Implement a Next Generation Endpoint Protection SolutionSelect and Implement a Next Generation Endpoint Protection Solution
Select and Implement a Next Generation Endpoint Protection SolutionInfo-Tech Research Group
 
Master Contract Review and Negotiation For Software Agreements-sample
Master Contract Review and Negotiation For Software Agreements-sampleMaster Contract Review and Negotiation For Software Agreements-sample
Master Contract Review and Negotiation For Software Agreements-sampleInfo-Tech Research Group
 
Improve IT Business Alignment With An Infrastructure Roadmap
Improve IT Business Alignment With An Infrastructure RoadmapImprove IT Business Alignment With An Infrastructure Roadmap
Improve IT Business Alignment With An Infrastructure RoadmapInfo-Tech Research Group
 
Build a Business-Driven IT Risk Management Program
Build a Business-Driven IT Risk Management ProgramBuild a Business-Driven IT Risk Management Program
Build a Business-Driven IT Risk Management ProgramInfo-Tech Research Group
 
Optimize Project Intake Approval and Prioritization
Optimize Project Intake Approval and PrioritizationOptimize Project Intake Approval and Prioritization
Optimize Project Intake Approval and PrioritizationInfo-Tech Research Group
 
Modernize Communications and Collaboration Infrastructure
Modernize Communications and Collaboration InfrastructureModernize Communications and Collaboration Infrastructure
Modernize Communications and Collaboration InfrastructureInfo-Tech Research Group
 
Craft an End-to-End Data Center Consolidation Strategy to Maximize Benefits
Craft an End-to-End Data Center Consolidation Strategy to Maximize BenefitsCraft an End-to-End Data Center Consolidation Strategy to Maximize Benefits
Craft an End-to-End Data Center Consolidation Strategy to Maximize BenefitsInfo-Tech Research Group
 
Develop a Project Portfolio Management Strategy
Develop a Project Portfolio Management StrategyDevelop a Project Portfolio Management Strategy
Develop a Project Portfolio Management StrategyInfo-Tech Research Group
 
Implement an enterprise service bus revised
Implement an enterprise service bus revisedImplement an enterprise service bus revised
Implement an enterprise service bus revisedInfo-Tech Research Group
 

More from Info-Tech Research Group (20)

Select and Implement a Next Generation Endpoint Protection Solution
Select and Implement a Next Generation Endpoint Protection SolutionSelect and Implement a Next Generation Endpoint Protection Solution
Select and Implement a Next Generation Endpoint Protection Solution
 
Create a Winning BPI Playbook
Create a Winning BPI PlaybookCreate a Winning BPI Playbook
Create a Winning BPI Playbook
 
Master Contract Review and Negotiation For Software Agreements-sample
Master Contract Review and Negotiation For Software Agreements-sampleMaster Contract Review and Negotiation For Software Agreements-sample
Master Contract Review and Negotiation For Software Agreements-sample
 
Optimize Change Management
Optimize Change ManagementOptimize Change Management
Optimize Change Management
 
Improve IT Business Alignment With An Infrastructure Roadmap
Improve IT Business Alignment With An Infrastructure RoadmapImprove IT Business Alignment With An Infrastructure Roadmap
Improve IT Business Alignment With An Infrastructure Roadmap
 
Build a Business-Driven IT Risk Management Program
Build a Business-Driven IT Risk Management ProgramBuild a Business-Driven IT Risk Management Program
Build a Business-Driven IT Risk Management Program
 
Standardize the Service Desk
Standardize the Service DeskStandardize the Service Desk
Standardize the Service Desk
 
Optimize Project Intake Approval and Prioritization
Optimize Project Intake Approval and PrioritizationOptimize Project Intake Approval and Prioritization
Optimize Project Intake Approval and Prioritization
 
Modernize Communications and Collaboration Infrastructure
Modernize Communications and Collaboration InfrastructureModernize Communications and Collaboration Infrastructure
Modernize Communications and Collaboration Infrastructure
 
Optimize the IT Operating Model
Optimize the IT Operating ModelOptimize the IT Operating Model
Optimize the IT Operating Model
 
Info-Tech Membership Overview
Info-Tech Membership OverviewInfo-Tech Membership Overview
Info-Tech Membership Overview
 
Define an EA Operating Model
Define an EA Operating ModelDefine an EA Operating Model
Define an EA Operating Model
 
Become a Transformational CIO
Become a Transformational CIOBecome a Transformational CIO
Become a Transformational CIO
 
Craft an End-to-End Data Center Consolidation Strategy to Maximize Benefits
Craft an End-to-End Data Center Consolidation Strategy to Maximize BenefitsCraft an End-to-End Data Center Consolidation Strategy to Maximize Benefits
Craft an End-to-End Data Center Consolidation Strategy to Maximize Benefits
 
Build and Information Security Strategy
Build and Information Security StrategyBuild and Information Security Strategy
Build and Information Security Strategy
 
Build an Application Integration Strategy
Build an Application Integration StrategyBuild an Application Integration Strategy
Build an Application Integration Strategy
 
Develop a Project Portfolio Management Strategy
Develop a Project Portfolio Management StrategyDevelop a Project Portfolio Management Strategy
Develop a Project Portfolio Management Strategy
 
Implement an enterprise service bus revised
Implement an enterprise service bus revisedImplement an enterprise service bus revised
Implement an enterprise service bus revised
 
Implement a Shared Services Model
Implement a Shared Services ModelImplement a Shared Services Model
Implement a Shared Services Model
 
Assess and Optimize EA Capability
Assess and Optimize EA CapabilityAssess and Optimize EA Capability
Assess and Optimize EA Capability
 

Recently uploaded

[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 

Recently uploaded (20)

[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 

Build a Security Awareness and Training Program

  • 1. Build a Security Awareness and Training Program Your weakest link is between the keyboard and the chair. End users are either the intentional or the unintentional cause of security threats for your organization. They are one of the largest vulnerabilities organizations face today: They are easily manipulated through malicious activities They are then exploited in order to: Steal information or data Cause disruption or sabotage to an organization Organizations invest huge capital into technology-based security controls while, in the meantime, end users will continue to be one of the weakest links. The average cost of a data breach due to human error was approximately $160 per record compromised. Source: Ponemon Institute, 2014 Cost of a Data Breach Of organizations, 19% found that the cost of a social engineering incident was more than $100,000. For organizations with more than 5,000 employees, this increased to 30%. Source: Ponemon Institute, 2014 Cost of a Data Breach Over 95% of all security incidents investigated recognized human error as a contributing error. IBM Security Services 2014 Cyber Security Intelligence Index Of companies, 55% indicated that they believe privileged users were the biggest internal threat to corporate data. Source: 2015 Vormetric Insider Threat Report There are three main areas that security needs to focus on: technology, process, people Most organizations are aware of these three areas; however, many focus purely on the technology and process aspects. The resources and budget spent on the people aspect of security pales in comparison to process and technology. For any organization to succeed with their technology and process related controls, the people need to be security aware and trained. There are three main areas that security needs to focus on: technology, process, people Develop your security awareness and training program using an agile methodology. For the most effective results, apply the software agile development methodology to your security awareness and training program, focusing on the continual delivery of customized modules delivered to staff in smaller portions. Security policies are your foundation. For any security awareness and training to be effective it must be rooted in organizational security policies. Test your end users. Any sort of mock or simulated testing of end users’ susceptibility to exploitation can prove highly informative to your program. Test continually. Remind your end users that security is a priority for the entire organization and should be something that is part of every employee’s responsibilities.
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12. http://www.infotech.com/research/ss/build-a-security- awareness-and-training-program USEOURBUILDASECURITYAWARENESSANDTRAININGPROGRAMBLUEPRINT Best-practice Toolkit: Guided Implementations: 120 Do-It-Yourself Project Slides Plus: 1 other template Start this project today by calling 1-877-876-3322www.infotech.com Onsite workshops available Information Security Awareness and Training Appropriateness Tool Information Security Awareness and Training Program Workbook Information Security Awareness and Training Content Development Tool Information Security Awareness and Training Program Roadmap Tool Information Security Awareness and Training Content Guide Identify the content Determine the appropriateness Determine how to execute the plan Implement the program USEOURBUILDASECURITYAWARENESSANDTRAININGPROGRAMBLUEPRINT Best-practice Toolkit: Guided Implementations: 120 Do-It-Yourself Project Slides Plus: 1 other template Start this project today by calling 1-877-876-3322www.infotech.com Onsite workshops available Information Security Awareness and Training Appropriateness Tool Information Security Awareness and Training Program Workbook Information Security Awareness and Training Content Development Tool Information Security Awareness and Training Program Roadmap Tool Information Security Awareness and Training Content Guide Identify the content Determine the appropriateness Determine how to execute the plan Implement the program