|
Information Security Awareness and Training Program |
Sph3r3 utilizes the approach to couple business with home security awareness.Business information systems no longer have a distinguished perimeter to the outside and a safe workplace and home lifestyle will only lead to great productive within the workforce.Potentially combining critical business security awareness with concepts of Identify Theft and protecting your children from cyberspace will provide the understanding and need of information protection.The primary business objective of the Information Security Awareness and Training Program (ISATP) is to help an organization reduce occurrences of security-related incidents. Such incidents may include: - Inappropriate and harmful disclosure of confidential financial or personal information;
- Unknowingly disclosing personal information to unauthorized parties in result of their malicious social engineering tactics;
- Enabling access to critical information systems due to personnel storing usernames and passwords in insecure locations (e.g., in unlocked desk drawers and on exposed post-it notes);
- Enabling access to critical information systems due to personnel leaving workstations exposed while attending internal meetings or visiting the washroom; and
- Physical access to resources allowing access to unauthorized information.
| Download Sph3r3's Free ISATP Presentation Working with the organization, Sph3r3 identifies the critical success factors and measures of effectiveness to ensure the success of the security awareness campaign. This includes monitoring the program on a routine basis, evaluating the understanding of the attendees and continual promotion of the organization’s information security objectives. The developed programs also comply with SOX, HIPAA, FISMA, PCI, CIP and other regulatory requirements for security awareness training programs. Often security awareness training programs are implemented as non customized content attempting to satisfy the requirements of adopting a program without exercising appropriate measures to ensure business alignment and effective use of employee objectives. A successful awareness program should align with the employees daily roles and objectives ensuring that the information security content resonates with all personnel. |
The presentation discusses the following topics: - Developing your ISATP
- Defining specific audiences for your program
- Assessing the success of your campaign
Download the presentation here | |  |
|
