Success Strategies for Security Awareness Pamela Mitchell, MBA, MTM Secureworld Expo September 2011.


1 Success Strategies for Security Awareness Pamela Mitchell, MBA, MTM Secureworld Expo September 2011

2 Agenda
• Security is Top Priority
• Employees Are Your Biggest Challenge
• Success Strategies for Security Awareness
• Top Ten Tips
• Summary & Final Thoughts
• Questions

3 Security is TOP Priority!
• Everyone in the company has a security role and responsibilities to fulfill
• Many security incidents are the result of lack of awareness and training
• The threat from inside is real!
• Regulatory requirements must be met

4 Employees Are Your Biggest Challenge
• The Risk
• Too Many Gullible Users
• The Human Security Dilemma

5 Success Strategies (1 of 2)
• Do Your Homework
• Get It From The Top
• Gather Your Allies
• Watch Your Language
• Streamline Communications

6 Success Strategies (2 of 2)
• Think Fun
• Tell It Like It Is
• Sign Off On The Same Page
• Walk Your Talk
• Metrics

7 Top Ten Tips (1 of 2)
• Identify a theme
• Deliver the message early and often
• Variety is the spice of (Security) Life
• Use a tiered approach (Mgmt, IT, Users)
• Get people to care about Security

8 Top Ten Tips (2 of 2)
• Celebrate Security Awareness Month in October
• Perform Quarterly Walkthroughs
• Develop a Monthly Newsletter
• Create a Top Ten List and display
• Mandatory online interactive training once a year

9 End User Security Awareness Challenges
• Identifying a theme, crafting a cohesive program and repeat, repeat, repeat
• Motivating users to take a personal interest in information security and convincing users to develop and maintain safer computer usage habits
• Delivering a consistent message about the importance of information security
• Giving end user security awareness a higher priority within organizations
• Developing materials that deliver a clear message about security topics on a regular basis in a variety of ways

10 Summary & Final Thoughts
• Initiatives should be endorsed at the top with the message cascading throughout the organization
• Security Awareness & Training Should Be Top Priority!
• Develop a comprehensive communication plan and deliver security information that users will view as being valuable to them personally and professionally
• Using multiple and appropriate communications, the message should be direct, concise and meaningful, and the call-to-action must be clear

11 Resources and References
• State and Federal Government
  National Institute of Standards and Technology (NIST) Publication: http://www.nist.gov/manuscript-publication-search.cfm?pub_id=151287
  Department of Homeland Security, CyberSecurity Training: http://www.dhs.gov/files/training/cybersecurity.shtm
  California Technology Agency, Office of Information Security: http://www.cio.ca.gov/OIS/Government/library/training.asp
  Multi-State Information Sharing and Analysis Center (MS-ISAC): http://msisac.cisecurity.org/resources/videos/

12 Resources and References
• Educational Institutions
  University of Tennessee: http://security.tennessee.edu/
  University of California, Santa Cruz: http://its.ucsc.edu/security/training/index.html

13 Resources and References
• Search Security
  http://searchsecurity.techtarget.com/resources
• Vendors
  Microsoft, McAfee, Websense, Cisco, etc.

14 QUESTIONS ???

