The Challenge
Common challenges faced by organisations today while establishing and delivering a security awareness program include:
- Lack of qualified resources to deliver information security awareness sessions
- Security awareness programs that don't create an impact which doesn't change the attitude of personnel and change behaviors
Organisations might have the best security awareness program in the industry but if the objectives and details of the security awareness program are not communicated effectively, the security awareness program has no effect on the personnel and the outcomes of the program. At Trustwave we address these problems by providing a comprehensive set of resources, support and services to help organisations build an effective security awareness program that has an impact on the overall organisation.
Resources Available to Free Users
Through your free Security Colony account you have access to a range of resources that you can use to establish a security awareness program within your organisation.
- Cybersecurity Awareness Presentation - Slide deck that provides a framework for creating a high-level introduction to cybersecurity for the purposes of raising staff awareness within an organisation regarding its importance and relevance to all staff members. A key objective of the presentation is to make staff aware of the fact that each and every employee in an organisation has a role to play in preventing and responding to security incidents.
- Industry Surveys Control Analysis - Document analysing the types of controls which are reported to be in use throughout organisations across the world, through analysis of industry survey responses from 2013 – 2015. The objective is to understand the controls which are considered “common” or standard across organisations, in order to get a picture of the controls that can reasonably be expected to be in place. Which should provide a starting point for educating staff, and a starting point for getting your management team to have a perspective on what is ‘normal’ in cyber security control terms.
Resources Available to Premium Users
- Choose Your Own Adventure - The Choose Your Own Adventure – Cyber Security Breach Scenario (CYOA) consists of an interactive and non-linear series of ‘scenario cards’ that provide a compelling narrative to staff around the effects (reputational, legal and financial) a cyber security breach can have within an organisation, and the role that every employee has in keeping their organisation cyber secure.
-
- Cyber Security Awareness Program Plan - Template providing a visual example of how to represent the various activities that are likely to comprise an organisational cyber security awareness raising program as a one-page-plan. The plan is divided into four quarters (with each quarter focusing on a particular cyber security ‘theme’ and target behavior that can affect an organisation’s overall security posture).
- Security Awareness Posters - Examples of cyber security awareness raising posters that have been developed for facilitating improved employee awareness of the importance of cyber security and where to go and who to contact within an organisation to obtain more information about cyber security related matters. The posters were originally printed at A2 size using matt stock 160gsm.
- Security Awareness Phishing Sticker - Example of a ‘sticker’ that was developed for an organisation’s security awareness raising program. It is designed to provide a visual guide that contains 7 key tips that staff should watch out for in order to be able to effectively identify phishing emails they may receive and to provide guidance on who to report the receipt of these emails to. The sticker was originally printed on material called Yupo Octopus Cling, meaning it can be removed easily.
Other SecurityColony Features That Can Help
If you have any further questions about establishing a security awareness program, you can get in touch with us via the "Ask a Consultant" function.
Paid subscribers also have their own Private Forum dedicated to their organisation.
Questions from free users will be answered when we can fit them in (but it generally won't take long).