A Best Practices Guide for Comprehensive Employee Awareness Programs
By MediaPro
About this ebook
With 20-plus years in the adult learning and employee awareness business, MediaPro has ample experience in helping organizations teach their employees. In this guide, we’ve tapped some of our best talent to explain some time-tested best practices for running employee awareness programs in cybersecurity and privacy. We believe that if you’re going to really change behavior within your organization, you’ve got to do four things: Analyze, Plan, Train, and Reinforce. These are the core components of our Adaptive Awareness Framework, a vision for how you can build an effective employee awareness program. Each one of the four chapters in our Best Practices Guide for Comprehensive Employee Awareness Programs is devoted to one of these components:
• Chapter 1 Analyze: Using Data to Inform Your Awareness Program
• Chapter 2 Plan: Creating a Roadmap for Your Awareness Program
• Chapter 3 Train: Building Training that Achieves Real Behavior Change
• Chapter 4 Reinforce: Battling the Forgetting Curve
Through our focus on proven adult learning principles and award-winning training experiences, MediaPro has helped enterprises of all kinds improve the professional performance of their people. We’re passionate about our work in adult learning, and it shows in the quality of our courses, the delight of our clients, and in our industry recognition.
MediaPro
MediaPro is a learning services company that specializes in the areas of information security, data privacy, compliance, and custom online courseware. We deliver the high-quality learning experiences that grow knowledge, change behavior, and support cultural change. Our clients can be found in almost every industry and include Fortune 500 brands, SMBs, and government entities. We’re passionate about our work in adult learning, and it shows in the quality of our courses, the delight of our clients, and in our many industry awards.
A Best Practices Guide for Comprehensive Employee Awareness Programs
Edited by Tom Pendergast, Jeremy Schwartz, and Laura Lanning, with an introduction by Steve Conrad
Text copyright © 2016 MediaPro Holdings LLC
All rights reserved
Table of Contents
Introduction
Meet the Authors
Chapter 1: Analyze
Chapter 2: Plan
Chapter 3: Train
Chapter 4: Reinforce
Epilogue: How You’ll Know it Works
Bibliography
Introduction
Today, security and privacy professionals find themselves in an enviable position. Global trends—from always-on connectivity to cloud computing to rising concerns for privacy and associated privacy regulation—have elevated the importance of both security and privacy personnel within all organizations, in both the public and private sector. Professionals in these fields have a voice at the upper levels of decision-making like never before, and the job market reflects intense demands for people skilled in these areas.
There is a dark side to this story, of course. Cybercriminals recognize the possibility for riches in the flow of information that makes the global economy go around, and they are coming after your data with ever-increasing tenacity. As you know, technological advances have helped tighten and control many security and privacy risks. However, because these technologies have improved so much in recent years, cyber attackers have shifted their focus to the ever-vulnerable human. While you can build a wall of technical protections around systems and information, it is ultimately the actions and behaviors of your people that will determine just how secure your data, and ultimately your bottom line, really are.
Our own 2016 survey of more than 1,000 employees across the United States revealed that 88% lack the awareness to stop preventable cyber incidents.¹ Broader, industry-wide research paints the same picture. The 2016 Verizon Enterprises Data Breach Investigation Report, for example, found that 30% of phishing emails were opened in 2015, up from 24% the year before.² And falling for scam emails is just a sampling of the dangers posed by employees lacking security or privacy awareness. A 2016 CompTIA report titled International Trends in Cybersecurity found that human error accounts for more than 50% of security breaches.³ Enterprises face threats that compromise the security of critical information due to unintentionally risky behavior from employees with poor privacy and security hygiene. Left unchecked, these employees are putting their companies at serious risk of material loss due to a data breach or other cyber incident. The danger of sensitive client or customer data being compromised in a data breach threatens organizations of all sizes and industries. Year after year, massive breaches affecting millions of people continue to make headlines. Reports of lost revenue, lost customers, and lost reputation often follow.
Consider the analogy of a bank vault. No matter how much money may have been spent on construction and installation of this safeguard, it proves useless if it is left unsecure. The same is true in the security and privacy spaces. A vault is only as strong as its keepers. The keepers must know to properly close and