Security Awareness

(SEC-AWARE.AE1) / ISBN : 978-1-64459-593-0
This course includes
Interactive Lessons
Gamified TestPrep

1

Introduction

  • About This Course
  • False Assumptions
  • Icons Used in This Course
2

Knowing How Security Awareness Programs Work

  • Understanding the Benefits of Security Awareness
  • Knowing How Security Awareness Programs Work
  • Recognizing the Role of Awareness within a Security Program
  • Disputing the Myth of the Human Firewall
3

Starting On the Right Foot: Avoiding What Doesn’t Work

  • Making a Case Beyond Compliance Standards
  • Treating Compliance as a Must
  • Limiting the Popular Awareness Theories
  • Distinguishing Social Engineering from Security Awareness
  • Addressing Mental Models That Don’t Work
  • Making Perfection the Stated Goal
  • Measuring from the Start
  • Prioritizing Program Over Product
  • Choosing Substance Over Style
  • Understanding the Role of Security Awareness
4

Applying the Science Behind Human Behavior and Risk Management

  • Achieving Common Sense through Common Knowledge
  • Borrowing Ideas from Safety Science
  • Applying Accounting Practices to Security Awareness
  • Applying the ABCs of Awareness
  • Benefiting from Group Psychology
  • Remembering That It’s All About Risk
5

Creating a Security Awareness Strategy

  • Identifying the Components of an Awareness Program
  • Figuring Out How to Pay for It All
6

Determining Culture and Business Drivers

  • Understanding Your Organization’s Culture
  • Identifying Subcultures
  • Interviewing Stakeholders
  • Partnering with Other Departments
7

Choosing What to Tell The Users

  • Basing Topics on Business Drivers
  • Incorporating Personal Awareness Topics
  • Motivating Users to Do Things “Right”
  • Common Topics Covered in Security Awareness Programs
8

Choosing the Best Tools for the Job

  • Identifying Security Ambassadors
  • Knowing the Two Types of Communications Tools
  • Exploring Your Communications Arsenal
9

Measuring Performance

  • Knowing the Hidden Cost of Awareness Efforts
  • Meeting Compliance Requirements
  • Collecting Engagement Metrics
  • Measuring Improved Behavior
  • Demonstrating a Tangible Return on Investment
  • Recognizing Intangible Benefits of Security Awareness
  • Knowing Where You Started: Day 0 Metrics
10

Assembling Your Security Awareness Program

  • Knowing Your Budget
  • Choosing to Implement One Program or Multiple Programs
  • Gaining Support from Management
  • Devising a Quarterly Delivery Strategy
  • Deciding Whether to Include Phishing Simulations
  • Planning Which Metrics to Collect and When
  • Branding Your Security Awareness Program
11

Running Your Security Awareness Program

  • Nailing the Logistics
  • Getting All Required Approvals
  • Getting the Most from Day 0 Metrics
  • Creating Meaningful Reports
  • Reevaluating Your Program
  • Redesigning Your Program
  • Considering Breaking News and Incidents
12

Implementing Gamification

  • Understanding Gamification
  • Identifying the Four Attributes of Gamification
  • Figuring Out Where to Gamify Awareness
  • Examining Some Tactical Gamification Examples
  • Putting Together a Gamification Program
  • Promoting the Program
13

Running Phishing Simulation Campaigns

  • Knowing Why Phishing Simulations Matter
  • Setting Goals for Your Phishing Program
  • Planning a Phishing Program
  • Choosing a Phishing Tool
  • Implementing a Phishing Simulation Program
  • Running a Phishing Simulation
  • Tracking Metrics and Identifying Trends
  • Dealing with Repeat Offenders
  • Management Reporting
14

Ten Ways to Win Support for Your Awareness Program

  • Finding Yourself a Champion
  • Setting the Right Expectations
  • Addressing Business Concerns
  • Creating an Executive Program
  • Starting Small and Simple
  • Finding a Problem to Solve
  • Establishing Credibility
  • Highlighting Actual Incidents
  • Being Responsive
  • Looking for Similar Programs
15

Ten Ways to Make Friends and Influence People

  • Garnering Active Executive Support
  • Courting the Organization’s Influencers
  • Supporting Another Project That Has Support
  • Choosing Topics Important to Individuals
  • Having Some Fun Events
  • Don’t Promise Perfection
  • Don’t Overdo the FUD Factor
  • Scoring an Early Win
  • Using Real Gamification
  • Integrating the Organization’s Mission Statement
16

Ten Fundamental Awareness Topics

  • Phishing
  • Business Email Compromise
  • Mobile Device Security
  • Home Network and Computer Security
  • Password Security
  • Social Media Security
  • Physical Security
  • Malware and Ransomware
  • Social Engineering
  • It Can Happen to You
17

Ten Helpful Security Awareness Resources

  • Security Awareness Special Interest Group
  • CybSafe Research Library
  • Cybersecurity Culture Guidelines
  • RSA Conference Library
  • You Can Stop Stupid
  • The Work of Sidney Dekker
  • Human Factors Knowledge Area
  • People-Centric Security
  • Human Security Engineering Consortium
  • How to Run a Security Awareness Program Course
