communication
As a follow up, to the last post, we are now working on Section 3 of the business case. In this section we review and detail the awareness program content. Here is the suggested sample content for this section:
Awareness Program Content
A robust content list fed to the end user on a monthly or quarterly basis will avoid information overload and will allow flexibility in the program so immediate response to current information security risks can be dealt with. A monthly or quarterly...
Summer is a great time to take stock of your current awareness program. Review the past year's program and run it through a thorough analysis. Was it relevant to the users? Was the content refreshed with updated security best practices? Is it time to run a quiz and test the current users knowledge base? Perhaps you need to add some videos to the existing program?
Perhaps it is time to start from scratch and look at a program re-design or a different approach to refresh and revitalize the...
To win the gold...a corporate security awareness program aims to make all the employees understand and appreciate not only the value of the company's information assets but also the consequences in case these assets are compromised. In theory, the process is straightforward and painless. But as every IT/security manager knows, in real life, an awareness program can be a huge headache - especially in a large enterprise.
How do you plan correctly when implementing a security awareness program?...
I had dinner with a good friend last night and the discussion, as usual, lingered toward work-related topics. The company that she works for (a large multi-national company) recently decided to enforce a clean desk policy for security purposes. Nothing wrong with that, except; this company did it to the extreme. Employees can not have even a small amount of anything on their desk. If they do happen to leave an item on their desk, a note goes into their employee file and points are taken off of...
